Lucene search

Qca6554A Firmware Security Vulnerabilities

cve

CVE-2021-35069

Improper validation of data length received from DMA buffer can lead to memory corruption. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

7.8CVSS

7.8AI Score

0.0004EPSS

2022-02-11 11:15 AM

cve

CVE-2021-35071

Possible buffer over read due to lack of size validation while copying data from DBR buffer to RX buffer and can lead to Denial of Service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastruc...

5.5CVSS

5.7AI Score

0.0004EPSS

2022-06-14 10:15 AM

cve

CVE-2021-35088

Possible out of bound read due to improper validation of IE length during SSID IE parse when channel is DFS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure a...

9.1CVSS

9AI Score

0.002EPSS

2022-04-01 05:15 AM

cve

CVE-2021-35103

Possible out of bound write due to improper validation of number of timer values received from firmware while syncing timers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Netwo...

7.8CVSS

7.7AI Score

0.0004EPSS

2022-04-01 05:15 AM

cve

CVE-2021-35106

Possible out of bound read due to improper length calculation of WMI message. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.8CVSS

7.6AI Score

0.0004EPSS

2022-04-01 05:15 AM

cve

CVE-2021-35117

An Out of Bounds read may potentially occur while processing an IBSS beacon, in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

9.1CVSS

9AI Score

0.002EPSS

2022-04-01 05:15 AM

120

cve

CVE-2022-25655

Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.

8.4CVSS

7.9AI Score

0.0004EPSS

2023-03-10 09:15 PM

cve

CVE-2022-25718

Cryptographic issue in WLAN due to improper check on return value while authentication handshake in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music...

9.8CVSS

9.4AI Score

0.002EPSS

2022-10-19 11:15 AM

cve

CVE-2022-25720

Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdrago...

9.8CVSS

9.4AI Score

0.002EPSS

2022-10-19 11:15 AM

cve

CVE-2022-25736

Denial of service in WLAN due to out-of-bound read happens while processing VHT action frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...

7.5CVSS

7.5AI Score

0.001EPSS

2022-10-19 11:15 AM

cve

CVE-2022-25741

Denial of service in WLAN due to potential null pointer dereference while accessing the memory location in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

7.5CVSS

7.5AI Score

0.001EPSS

2022-11-15 10:15 AM

cve

CVE-2022-25748

Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdr...

9.8CVSS

9.8AI Score

0.002EPSS

2022-10-19 11:15 AM

cve

CVE-2022-25749

Transient Denial-of-Service in WLAN due to buffer over-read while parsing MDNS frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voi...

7.5CVSS

7.7AI Score

0.001EPSS

2022-10-19 11:15 AM

cve

CVE-2022-33230

Memory corruption in FM Host due to buffer copy without checking the size of input in FM Host

7.8CVSS

7.8AI Score

0.0004EPSS

2023-06-06 08:15 AM

cve

CVE-2022-33235

Information disclosure due to buffer over-read in WLAN firmware while parsing security context info attributes. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapd...

8.2CVSS

7.7AI Score

0.001EPSS

2022-12-13 04:15 PM

cve

CVE-2022-33237

Transient DOS due to buffer over-read in WLAN firmware while processing PPE threshold. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snap...

7.5CVSS

7.7AI Score

0.001EPSS

2022-11-15 10:15 AM

cve

CVE-2022-33238

Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mo...

7.5CVSS

7.6AI Score

0.001EPSS

2022-12-13 04:15 PM

cve

CVE-2022-33239

Transient DOS due to loop with unreachable exit condition in WLAN firmware while parsing IPV6 extension header. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapd...

7.5CVSS

7.6AI Score

0.001EPSS

2022-11-15 10:15 AM

cve

CVE-2022-33252

Information disclosure due to buffer over-read in WLAN while handling IBSS beacons frame.

8.2CVSS

5.5AI Score

0.001EPSS

2023-01-09 08:15 AM

cve

CVE-2022-33253

Transient DOS due to buffer over-read in WLAN while parsing corrupted NAN frames.

7.5CVSS

5.6AI Score

0.001EPSS

2023-01-09 08:15 AM

cve

CVE-2022-33271

Information disclosure due to buffer over-read in WLAN while parsing NMF frame.

8.2CVSS

7.5AI Score

0.001EPSS

2023-02-12 04:15 AM

cve

CVE-2022-33275

Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range.

8.4CVSS

7.7AI Score

0.0004EPSS

2023-09-05 07:15 AM

cve

CVE-2022-33276

Memory corruption due to buffer copy without checking size of input in modem while receiving WMI_REQUEST_STATS_CMDID command.

8.4CVSS

7.8AI Score

0.0004EPSS

2023-01-09 08:15 AM

cve

CVE-2022-33277

Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command.

8.4CVSS

7.8AI Score

0.0004EPSS

2023-02-12 04:15 AM

cve

CVE-2022-33283

Information disclosure due to buffer over-read in WLAN while WLAN frame parsing due to missing frame length check.

8.2CVSS

6.5AI Score

0.001EPSS

2023-01-09 08:15 AM

cve

CVE-2022-33284

Information disclosure due to buffer over-read in WLAN while parsing BTM action frame.

8.2CVSS

6.5AI Score

0.001EPSS

2023-01-09 08:15 AM

cve

CVE-2022-33285

Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames.

7.5CVSS

6.5AI Score

0.001EPSS

2023-01-09 08:15 AM

cve

CVE-2022-33286

Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames.

7.5CVSS

6.5AI Score

0.001EPSS

2023-01-09 08:15 AM

cve

CVE-2022-33306

Transient DOS due to buffer over-read in WLAN while processing an incoming management frame with incorrectly filled IEs.

7.5CVSS

7.5AI Score

0.001EPSS

2023-02-12 04:15 AM

cve

CVE-2022-34145

Transient DOS due to buffer over-read in WLAN Host while parsing frame information.

7.5CVSS

7.5AI Score

0.001EPSS

2023-02-12 04:15 AM

cve

CVE-2022-34146

Transient DOS due to improper input validation in WLAN Host while parsing frame during defragmentation.

7.5CVSS

7.5AI Score

0.001EPSS

2023-02-12 04:15 AM

cve

CVE-2022-40502

Transient DOS due to improper input validation in WLAN Host.

7.5CVSS

7.5AI Score

0.001EPSS

2023-02-12 04:15 AM

cve

CVE-2022-40503

Information disclosure due to buffer over-read in Bluetooth Host while A2DP streaming.

8.2CVSS

7.4AI Score

0.001EPSS

2023-04-13 07:15 AM

344

cve

CVE-2022-40512

Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.

7.5CVSS

7.6AI Score

0.001EPSS

2023-02-12 04:15 AM

cve

CVE-2022-40514

Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.

9.8CVSS

9.6AI Score

0.002EPSS

2023-02-12 04:15 AM

cve

CVE-2022-40530

Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase.

8.4CVSS

8AI Score

0.0004EPSS

2023-03-10 09:15 PM

cve

CVE-2022-40531

Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.

8.4CVSS

7.7AI Score

0.0004EPSS

2023-03-10 09:15 PM

cve

CVE-2022-40532

Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.

8.4CVSS

7.9AI Score

0.0004EPSS

2023-04-13 07:15 AM

cve

CVE-2023-21628

Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.

8.4CVSS

7.9AI Score

0.0004EPSS

2023-06-06 08:15 AM

cve

CVE-2023-21649

Memory corruption in WLAN while running doDriverCmd for an unspecific command.

7.8CVSS

7.8AI Score

0.0004EPSS

2023-08-08 10:15 AM

cve

CVE-2023-21656

Memory corruption in WLAN HOST while receiving an WMI event from firmware.

7.8CVSS

7.8AI Score

0.0004EPSS

2023-06-06 08:15 AM

cve

CVE-2023-21658

Transient DOS in WLAN Firmware while processing the received beacon or probe response frame.

7.5CVSS

7.5AI Score

0.001EPSS

2023-06-06 08:15 AM

cve

CVE-2023-21659

Transient DOS in WLAN Firmware while processing frames with missing header fields.

7.5CVSS

7.5AI Score

0.001EPSS

2023-06-06 08:15 AM

cve

CVE-2023-22386

Memory Corruption in WLAN HOST while processing WLAN FW request to allocate memory.

7.8CVSS

7.5AI Score

0.0004EPSS

2023-07-04 05:15 AM

cve

CVE-2023-24851

Memory Corruption in WLAN HOST while parsing QMI response message from firmware.

7.8CVSS

7.6AI Score

0.001EPSS

2023-07-04 05:15 AM

cve

CVE-2023-24854

Memory Corruption in WLAN HOST while parsing QMI WLAN Firmware response message.

7.8CVSS

7.6AI Score

0.0005EPSS

2023-07-04 05:15 AM

cve

CVE-2023-28539

Memory corruption in WLAN Host when the firmware invokes multiple WMI Service Available command.

7.8CVSS

7.8AI Score

0.0004EPSS

2023-10-03 06:15 AM

cve

CVE-2023-28541

Memory Corruption in Data Modem while processing DMA buffer release event about CFR data.

7.8CVSS

7.7AI Score

0.0004EPSS

2023-07-04 05:15 AM

cve

CVE-2023-28542

Memory Corruption in WLAN HOST while fetching TX status information.

7.8CVSS

7.6AI Score

0.0004EPSS

2023-07-04 05:15 AM

cve

CVE-2023-28544

Memory corruption in WLAN while sending transmit command from HLOS to UTF handlers.

7.8CVSS

7.8AI Score

0.0004EPSS

2023-09-05 07:15 AM

Total number of security vulnerabilities108