Lucene search

Qcc710 Firmware Security Vulnerabilities - January

cve

CVE-2021-35129

Memory corruption in BT controller due to improper length check while processing vendor specific commands in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

7.8CVSS

8AI Score

0.0004EPSS

2022-06-14 10:15 AM

cve

CVE-2023-21673

Improper Access to the VM resource manager can lead to Memory Corruption.

8.7CVSS

7.5AI Score

0.0004EPSS

2023-10-03 06:15 AM

cve

CVE-2023-22385

Memory Corruption in Data Modem while making a MO call or MT VOLTE call.

9.8CVSS

9.3AI Score

0.001EPSS

2023-10-03 06:15 AM

cve

CVE-2023-22388

Memory Corruption in Multi-mode Call Processor while processing bit mask API.

9.8CVSS

9.3AI Score

0.001EPSS

2023-11-07 06:15 AM

cve

CVE-2023-22668

Memory Corruption in Audio while invoking IOCTLs calls from the user-space.

7.8CVSS

7.6AI Score

0.0004EPSS

2023-12-05 03:15 AM

cve

CVE-2023-24847

Transient DOS in Modem while allocating DSM items.

7.5CVSS

7.5AI Score

0.001EPSS

2023-10-03 06:15 AM

cve

CVE-2023-24848

Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.

8.2CVSS

7.3AI Score

0.001EPSS

2023-10-03 06:15 AM

cve

CVE-2023-24849

Information Disclosure in data Modem while parsing an FMTP line in an SDP message.

8.2CVSS

7.3AI Score

0.001EPSS

2023-10-03 06:15 AM

cve

CVE-2023-24850

Memory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted Application.

7.8CVSS

7.5AI Score

0.0004EPSS

2023-10-03 06:15 AM

cve

CVE-2023-24852

Memory Corruption in Core due to secure memory access by user while loading modem image.

8.4CVSS

7.5AI Score

0.0004EPSS

2023-11-07 06:15 AM

cve

CVE-2023-24853

Memory Corruption in HLOS while registering for key provisioning notify.

8.4CVSS

7.6AI Score

0.0004EPSS

2023-10-03 06:15 AM

cve

CVE-2023-24855

Memory corruption in Modem while processing security related configuration before AS Security Exchange.

9.8CVSS

8.4AI Score

0.001EPSS

2023-10-03 06:15 AM

cve

CVE-2023-28539

Memory corruption in WLAN Host when the firmware invokes multiple WMI Service Available command.

7.8CVSS

7.8AI Score

0.0004EPSS

2023-10-03 06:15 AM

cve

CVE-2023-28540

Cryptographic issue in Data Modem due to improper authentication during TLS handshake.

9.1CVSS

7.5AI Score

0.001EPSS

2023-10-03 06:15 AM

cve

CVE-2023-28545

Memory corruption in TZ Secure OS while loading an app ELF.

8.2CVSS

7.7AI Score

0.0004EPSS

2023-11-07 06:15 AM

cve

CVE-2023-28546

Memory Corruption in SPS Application while exporting public key in sorter TA.

7.8CVSS

7.6AI Score

0.0004EPSS

2023-12-05 03:15 AM

cve

CVE-2023-28550

Memory corruption in MPP performance while accessing DSM watermark using external memory address.

7.8CVSS

7.8AI Score

0.0004EPSS

2023-12-05 03:15 AM

cve

CVE-2023-28551

Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments.

7.8CVSS

7.9AI Score

0.0004EPSS

2023-12-05 03:15 AM

cve

CVE-2023-28553

Information Disclosure in WLAN Host when processing WMI event command.

6.1CVSS

5.3AI Score

0.0004EPSS

2023-11-07 06:15 AM

cve

CVE-2023-28556

Cryptographic issue in HLOS during key management.

7.8CVSS

7.6AI Score

0.0004EPSS

2023-11-07 06:15 AM

cve

CVE-2023-28570

Memory corruption while processing audio effects.

7.8CVSS

7.8AI Score

0.0004EPSS

2023-11-07 06:15 AM

cve

CVE-2023-28574

Memory corruption in core services when Diag handler receives a command to configure event listeners.

9CVSS

7.8AI Score

0.0004EPSS

2023-11-07 06:15 AM

cve

CVE-2023-28580

Memory corruption in WLAN Host while setting the PMK length in PMK length in internal cache.

7.8CVSS

7.8AI Score

0.0004EPSS

2023-12-05 03:15 AM

cve

CVE-2023-28585

Memory corruption while loading an ELF segment in TEE Kernel.

8.8CVSS

8.8AI Score

0.0004EPSS

2023-12-05 03:15 AM

cve

CVE-2023-28586

Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.

6.5CVSS

6.4AI Score

0.0004EPSS

2023-12-05 03:15 AM

cve

CVE-2023-28587

Memory corruption in BT controller while parsing debug commands with specific sub-opcodes at HCI interface level.

7.8CVSS

7.9AI Score

0.0004EPSS

2023-12-05 03:15 AM

cve

CVE-2023-28588

Transient DOS in Bluetooth Host while rfc slot allocation.

7.5CVSS

7.5AI Score

0.0005EPSS

2023-12-05 03:15 AM

cve

CVE-2023-33017

Memory corruption in Boot while running a ListVars test in UEFI Menu during boot.

7.8CVSS

7.7AI Score

0.0004EPSS

2023-12-05 03:15 AM

cve

CVE-2023-33018

Memory corruption while using the UIM diag command to get the operators name.

7.8CVSS

7.8AI Score

0.0004EPSS

2023-12-05 03:15 AM

cve

CVE-2023-33022

Memory corruption in HLOS while invoking IOCTL calls from user-space.

8.4CVSS

7.8AI Score

0.0004EPSS

2023-12-05 03:15 AM

cve

CVE-2023-33024

Memory corruption while sending SMS from AP firmware.

7.8CVSS

7.8AI Score

0.0004EPSS

2023-12-05 03:15 AM

cve

CVE-2023-33026

Transient DOS in WLAN Firmware while parsing a NAN management frame.

7.5CVSS

7.5AI Score

0.001EPSS

2023-10-03 06:15 AM

cve

CVE-2023-33027

Transient DOS in WLAN Firmware while parsing rsn ies.

7.5CVSS

7.5AI Score

0.001EPSS

2023-10-03 06:15 AM

cve

CVE-2023-33028

Memory corruption in WLAN Firmware while doing a memory copy of pmk cache.

9.8CVSS

8.3AI Score

0.001EPSS

2023-10-03 06:15 AM

cve

CVE-2023-33029

Memory corruption in DSP Service during a remote call from HLOS to DSP.

8.4CVSS

7.7AI Score

0.0004EPSS

2023-10-03 06:15 AM

cve

CVE-2023-33031

Memory corruption in Automotive Audio while copying data from ADSP shared buffer to the VOC packet data buffer.

7.8CVSS

7.8AI Score

0.0004EPSS

2023-11-07 06:15 AM

cve

CVE-2023-33035

Memory corruption while invoking callback function of AFE from ADSP.

7.8CVSS

7.8AI Score

0.0004EPSS

2023-10-03 06:15 AM

cve

CVE-2023-33041

Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids.

7.5CVSS

7.5AI Score

0.0005EPSS

2023-12-05 03:15 AM

cve

CVE-2023-33045

Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3 attribute.

9.8CVSS

9.5AI Score

0.001EPSS

2023-11-07 06:15 AM

cve

CVE-2023-33047

Transient DOS in WLAN Firmware while parsing no-inherit IES.

7.5CVSS

7.5AI Score

0.0004EPSS

2023-11-07 06:15 AM

cve

CVE-2023-33048

Transient DOS in WLAN Firmware while parsing t2lm buffers.

7.5CVSS

7.5AI Score

0.0004EPSS

2023-11-07 06:15 AM

cve

CVE-2023-33049

Transient DOS in Multi-Mode Call Processor due to UE failure because of heap leakage.

7.5CVSS

7.5AI Score

0.0005EPSS

2024-02-06 06:15 AM

cve

CVE-2023-33054

Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data.

9.1CVSS

9.1AI Score

0.001EPSS

2023-12-05 03:15 AM

cve

CVE-2023-33055

Memory Corruption in Audio while invoking callback function in driver from ADSP.

7.8CVSS

7.6AI Score

0.0004EPSS

2023-11-07 06:15 AM

cve

CVE-2023-33056

Transient DOS in WLAN Firmware when firmware receives beacon including T2LM IE.

7.5CVSS

7.5AI Score

0.0005EPSS

2023-11-07 06:15 AM

cve

CVE-2023-33057

Transient DOS in Multi-Mode Call Processor while processing UE policy container.

7.5CVSS

7.5AI Score

0.0005EPSS

2024-02-06 06:15 AM

cve

CVE-2023-33058

Information disclosure in Modem while processing SIB5.

9.1CVSS

8.9AI Score

0.001EPSS

2024-02-06 06:15 AM

cve

CVE-2023-33059

Memory corruption in Audio while processing the VOC packet data from ADSP.

7.8CVSS

7.8AI Score

0.0004EPSS

2023-11-07 06:15 AM

cve

CVE-2023-33060

Transient DOS in Core when DDR memory check is called while DDR is not initialized.

7.1CVSS

5.5AI Score

0.0004EPSS

2024-02-06 06:15 AM

cve

CVE-2023-33061

Transient DOS in WLAN Firmware while parsing WLAN beacon or probe-response frame.

7.5CVSS

7.5AI Score

0.0004EPSS

2023-11-07 06:15 AM

Total number of security vulnerabilities97