Memory corruption in Audio due to integer overflow to buffer overflow while music playback of clips like amr,evrc,qcelp with modified content.
7.8CVSS
8AI Score
0.0004EPSS
Information disclosure due to buffer over-read in Bluetooth HOST while pairing and connecting A2DP. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
8.2CVSS
8AI Score
0.001EPSS
8.2CVSS
7.5AI Score
0.001EPSS
Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range.
8.4CVSS
7.7AI Score
0.0004EPSS
Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command.
8.4CVSS
7.8AI Score
0.0004EPSS
Memory corruption due to buffer copy without checking the size of input in HLOS when input message size is larger than the buffer capacity.
7.8CVSS
7.8AI Score
0.0004EPSS
Information disclosure due to buffer over-read in WLAN while parsing BTM action frame.
8.2CVSS
6.5AI Score
0.001EPSS
Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames.
7.5CVSS
6.5AI Score
0.001EPSS
Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames.
7.5CVSS
6.5AI Score
0.001EPSS
Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.
6.8CVSS
6.8AI Score
0.001EPSS
Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Neighbor List Update message.
7.8CVSS
8AI Score
0.0004EPSS
7.8CVSS
7.9AI Score
0.0004EPSS
8.4CVSS
7.6AI Score
0.0004EPSS
Memory corruption due to incorrect type conversion or cast in audio while using audio playback/capture when crafted address is sent from AGM IPC to AGM.
7.8CVSS
7.7AI Score
0.0004EPSS
Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length.
7.8CVSS
7.8AI Score
0.0004EPSS
Transient DOS due to NULL pointer dereference in Modem while sending invalid messages in DCCH.
7.5CVSS
7.4AI Score
0.001EPSS
Transient DOS due to buffer over-read in WLAN Host while parsing frame information.
7.5CVSS
7.5AI Score
0.001EPSS
Information disclosure due to buffer over-read in Bluetooth Host while A2DP streaming.
8.2CVSS
7.4AI Score
0.001EPSS
Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network.
7.5CVSS
7.4AI Score
0.001EPSS
Memory corruption due to double free in Core while mapping HLOS address to the list.
8.4CVSS
7.8AI Score
0.0004EPSS
Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder.
9.8CVSS
9.6AI Score
0.001EPSS
Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.
7.5CVSS
7.6AI Score
0.001EPSS
Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.
9.8CVSS
9.6AI Score
0.002EPSS
Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms.
9.8CVSS
9.5AI Score
0.002EPSS
8.4CVSS
7.8AI Score
0.0004EPSS
8.4CVSS
8AI Score
0.0004EPSS
6.8CVSS
5.5AI Score
0.0004EPSS
7.5CVSS
7.5AI Score
0.001EPSS
Memory corruption due to buffer over-read in Modem while processing SetNativeHandle RTP service.
7.8CVSS
7.8AI Score
0.0004EPSS
Memory corruption due to improper access control in kernel while processing a mapping request from root process.
7.8CVSS
7.6AI Score
0.0004EPSS
Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.
8.4CVSS
7.7AI Score
0.0004EPSS
Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.
8.4CVSS
7.9AI Score
0.0004EPSS
8.4CVSS
7.7AI Score
0.0004EPSS
7.5CVSS
7.5AI Score
0.001EPSS
Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP response.
9.8CVSS
9.5AI Score
0.002EPSS
Memory corruption in Automotive Android OS due to improper validation of array index.
8.4CVSS
7.6AI Score
0.0004EPSS
Memory corruption due to buffer copy without checking the size of input while loading firmware in Linux Kernel.
8.4CVSS
7.8AI Score
0.0004EPSS
6.2CVSS
5.4AI Score
0.0004EPSS
Memory corruption in Trusted Execution Environment while calling service API with invalid address.
7.8CVSS
7.8AI Score
0.0004EPSS
Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.
8.4CVSS
7.9AI Score
0.0004EPSS
6.8CVSS
6.6AI Score
0.001EPSS
Memory Corruption in Multimedia Framework due to integer overflow when synx bind is called along with synx signal.
8.4CVSS
7.7AI Score
0.0004EPSS
Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from network.
9.8CVSS
9.4AI Score
0.001EPSS
Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage request.
7.8CVSS
7.5AI Score
0.0004EPSS
Memory Corruption in Radio Interface Layer while sending an SMS or writing an SMS to SIM.
7.8CVSS
7.5AI Score
0.0004EPSS
Memory Corruption in Data Network Stack & Connectivity when sim gets detected on telephony.
7.8CVSS
7.6AI Score
0.0004EPSS
Memory Corruption due to improper validation of array index in Linux while updating adn record.
7.8CVSS
7.5AI Score
0.0004EPSS
7.8CVSS
7.8AI Score
0.0004EPSS
Memory corruption in Audio while processing sva_model_serializer using memory size passed by HIDL client.
7.8CVSS
7.8AI Score
0.0004EPSS
Memory corruption in RIL due to Integer Overflow while triggering qcril_uim_request_apdu request.
7.8CVSS
7.7AI Score
0.0004EPSS