9.8CVSS
9.3AI Score
0.001EPSS
9.8CVSS
9.3AI Score
0.001EPSS
7.5CVSS
7.5AI Score
0.001EPSS
Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.
8.2CVSS
7.3AI Score
0.001EPSS
8.2CVSS
7.3AI Score
0.001EPSS
Memory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted Application.
7.8CVSS
7.5AI Score
0.0004EPSS
Memory Corruption in Core due to secure memory access by user while loading modem image.
8.4CVSS
7.5AI Score
0.0004EPSS
Memory corruption in WLAN while sending transmit command from HLOS to UTF handlers.
7.8CVSS
7.8AI Score
0.0004EPSS
8.2CVSS
7.7AI Score
0.0004EPSS
7.8CVSS
7.6AI Score
0.0004EPSS
Memory corruption in MPP performance while accessing DSM watermark using external memory address.
7.8CVSS
7.8AI Score
0.0004EPSS
Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments.
7.8CVSS
7.9AI Score
0.0004EPSS
7.8CVSS
7.6AI Score
0.0004EPSS
Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload.
7.8CVSS
7.9AI Score
0.0004EPSS
7.8CVSS
7.8AI Score
0.0004EPSS
Memory corruption in WLAN FW while processing command parameters from untrusted WMI payload.
7.8CVSS
7.9AI Score
0.0004EPSS
6.1CVSS
5.5AI Score
0.0004EPSS
6.1CVSS
5.5AI Score
0.0004EPSS
6.1CVSS
5.6AI Score
0.0004EPSS
8.8CVSS
8.8AI Score
0.0004EPSS
Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.
6.5CVSS
6.4AI Score
0.0004EPSS
7.5CVSS
7.5AI Score
0.0005EPSS
7.5CVSS
7.5AI Score
0.001EPSS
9.3CVSS
7.8AI Score
0.0004EPSS
Memory corruption in TZ Secure OS while requesting a memory allocation from TA region.
9.3CVSS
7.7AI Score
0.0004EPSS
8.4CVSS
7.8AI Score
0.0004EPSS
7.8CVSS
7.7AI Score
0.0004EPSS
7.5CVSS
7.5AI Score
0.0005EPSS
7.5CVSS
7.5AI Score
0.0004EPSS
9.3CVSS
7.8AI Score
0.0004EPSS
8.4CVSS
7.8AI Score
0.0004EPSS
Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call.
Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host.
7.5CVSS
7.6AI Score
0.0005EPSS
The session index variable in PCM host voice audio driver initialized before PCM open, accessed during event callback from ADSP and reset during PCM close may lead to race condition between event callback - PCM close and reset session index causing memory corruption.
7.8CVSS
6.8AI Score
0.0004EPSS
Memory corruption while running NPU, when NETWORK_UNLOAD and (NETWORK_UNLOAD or NETWORK_EXECUTE_V2) commands are submitted at the same time.
8.4CVSS
7.9AI Score
0.0004EPSS
Memory corruption in Audio when memory map command is executed consecutively in ADSP.
7.8CVSS
7.9AI Score
0.0004EPSS
Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains IPPROTO_NONE as the next header.
7.5CVSS
7.5AI Score
0.0004EPSS
Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element.
7.8CVSS
7.7AI Score
0.0004EPSS
9.8CVSS
9.5AI Score
0.001EPSS
Memory corruption in video while parsing the Videoinfo, when the size of atom is greater than the videoinfo size.
9.8CVSS
9.5AI Score
0.001EPSS
Transient DOS in WLAN Firmware when the length of received beacon is less than length of ieee802.11 beacon frame.
7.5CVSS
7.5AI Score
0.0005EPSS
7.5CVSS
7.5AI Score
0.0005EPSS
Memory corruption while performing finish HMAC operation when context is freed by keymaster.
8.4CVSS
8.6AI Score
0.0004EPSS
7.1CVSS
7AI Score
0.0004EPSS
7.8CVSS
7.9AI Score
0.0004EPSS
Memory corruption when an invoke call and a TEE call are bound for the same trusted application.
7.8CVSS
7.5AI Score
0.0004EPSS