Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range.
8.4CVSS
7.7AI Score
0.0004EPSS
Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information.
9.3CVSS
9AI Score
0.0004EPSS
Information disclosure due to buffer over-read in Bluetooth Host while A2DP streaming.
8.2CVSS
7.4AI Score
0.001EPSS
7.1CVSS
5.4AI Score
0.0004EPSS
Memory corruption due to improper access control in kernel while processing a mapping request from root process.
7.8CVSS
7.6AI Score
0.0004EPSS
Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.
8.4CVSS
7.9AI Score
0.0004EPSS
Transient DOS due to untrusted Pointer Dereference in core while sending USB QMI request.
6.2CVSS
5.4AI Score
0.0004EPSS
7.8CVSS
7.8AI Score
0.0004EPSS
7.5CVSS
7.5AI Score
0.001EPSS
8.4CVSS
7.7AI Score
0.0004EPSS
Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool.
8.4CVSS
7.7AI Score
0.0004EPSS
Information Disclosure in WLAN HOST while sending DPP action frame to peer with an invalid source address.
8.2CVSS
7.3AI Score
0.001EPSS
Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode.
7.8CVSS
7.7AI Score
0.0004EPSS
8.7CVSS
7.5AI Score
0.0004EPSS
Memory Corruption in Core due to secure memory access by user while loading modem image.
8.4CVSS
7.5AI Score
0.0004EPSS
8.4CVSS
7.8AI Score
0.0004EPSS
Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region.
8.4CVSS
7.8AI Score
0.001EPSS
Memory corruption in WLAN Host when the firmware invokes multiple WMI Service Available command.
7.8CVSS
7.8AI Score
0.0004EPSS
8.2CVSS
7.7AI Score
0.0004EPSS
7.8CVSS
7.6AI Score
0.0004EPSS
7.8CVSS
7.9AI Score
0.0004EPSS
7.8CVSS
7.9AI Score
0.0004EPSS
7.8CVSS
7.6AI Score
0.0004EPSS
Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload.
7.8CVSS
7.9AI Score
0.0004EPSS
8.8CVSS
8.8AI Score
0.0004EPSS
Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.
6.5CVSS
6.4AI Score
0.0004EPSS
7.5CVSS
7.5AI Score
0.0005EPSS
7.8CVSS
7.7AI Score
0.0004EPSS
8.4CVSS
7.8AI Score
0.0004EPSS
7.5CVSS
7.5AI Score
0.001EPSS
7.5CVSS
7.5AI Score
0.001EPSS
8.4CVSS
7.7AI Score
0.0004EPSS
9.3CVSS
7.8AI Score
0.0004EPSS
Memory corruption in Automotive Audio while copying data from ADSP shared buffer to the VOC packet data buffer.
7.8CVSS
7.8AI Score
0.0004EPSS
8.4CVSS
7.8AI Score
0.0004EPSS
7.8CVSS
7.8AI Score
0.0004EPSS
Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids.
7.5CVSS
7.5AI Score
0.0005EPSS
Memory corruption in Trusted Execution Environment while deinitializing an object used for license validation.
7.8CVSS
7.2AI Score
0.0004EPSS
7.5CVSS
7.5AI Score
0.0004EPSS
9.3CVSS
7.8AI Score
0.0004EPSS
7.8CVSS
7.8AI Score
0.0004EPSS
Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.
7.5CVSS
7.5AI Score
0.0004EPSS
Memory corruption while sending an Assoc Request having BTM Query or BTM Response containing MBO IE.
9.8CVSS
9.6AI Score
0.001EPSS
9.8CVSS
9.5AI Score
0.001EPSS
7.8CVSS
7.8AI Score
0.0004EPSS
7.8CVSS
7.8AI Score
0.0004EPSS
8.4CVSS
7.8AI Score
0.0004EPSS
7.5CVSS
7.6AI Score
0.0004EPSS
8.4CVSS
7.8AI Score
0.0004EPSS