9.8CVSS
9.5AI Score
0.002EPSS
Memory corruption due to double free in core while initializing the encryption key.
9.3CVSS
7.8AI Score
0.0004EPSS
Memory corruption due to buffer copy without checking size of input while running memory sharing tests with large scattered memory.
9.3CVSS
7.8AI Score
0.0004EPSS
Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.
9.3CVSS
7AI Score
0.0004EPSS
Memory corruption due to integer overflow or wraparound in Core while DDR memory assignment.
9.3CVSS
7.9AI Score
0.0004EPSS
Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information.
9.3CVSS
9AI Score
0.0004EPSS
Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.
9.8CVSS
9.6AI Score
0.002EPSS
Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE.
9.3CVSS
7.5AI Score
0.0004EPSS
Memory corruption in core services when Diag handler receives a command to configure event listeners.
9CVSS
7.8AI Score
0.0004EPSS
9.8CVSS
9.5AI Score
0.001EPSS
9.8CVSS
8.3AI Score
0.001EPSS
9.3CVSS
7.8AI Score
0.0004EPSS
Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3 attribute.
9.8CVSS
9.5AI Score
0.001EPSS
9.3CVSS
7.8AI Score
0.0004EPSS
9.8CVSS
9.5AI Score
0.001EPSS
Memory corruption in video while parsing the Videoinfo, when the size of atom is greater than the videoinfo size.
9.8CVSS
9.5AI Score
0.001EPSS
Memory corruption when AP includes TID to link mapping IE in the beacons and STA is parsing the beacon TID to link mapping IE.
9.8CVSS
9.5AI Score
0.001EPSS
Memory corruption while validating the TID to Link Mapping action request frame, when a station connects to an access point.
9.8CVSS
9.4AI Score
0.001EPSS