Qcs405 Firmware Security Vulnerabilities
Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder.
9.8CVSS
9.6AI Score
0.001EPSS
Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.
7.5CVSS
7.6AI Score
0.001EPSS
Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.
9.8CVSS
9.6AI Score
0.002EPSS
Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms.
9.8CVSS
9.5AI Score
0.002EPSS
8.4CVSS
7.8AI Score
0.0004EPSS
8.4CVSS
8AI Score
0.0004EPSS
6.8CVSS
5.5AI Score
0.0004EPSS
6.8CVSS
5.5AI Score
0.0004EPSS
Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase.
8.4CVSS
8AI Score
0.0004EPSS
Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.
8.4CVSS
7.7AI Score
0.0004EPSS
Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP response.
9.8CVSS
9.5AI Score
0.002EPSS
Information disclosure in Network Services due to buffer over-read while the device receives DNS response.
8.2CVSS
7.4AI Score
0.001EPSS
Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key.
7.1CVSS
7AI Score
0.0004EPSS
Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE.
9.3CVSS
7.5AI Score
0.0004EPSS
Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack after use.
7.7CVSS
6.7AI Score
0.0004EPSS
8.4CVSS
7.6AI Score
0.0004EPSS
A malformed DLC can trigger Memory Corruption in SNPE library due to out of bounds read, such as by loading an untrusted model (e.g. from a remote source).
9.8CVSS
9.3AI Score
0.001EPSS