Mdm9628 Firmware Security Vulnerabilities and Issues — Mdm9628 Firmware CVE List

Lucene search

QualcommMdm9628 Firmware

57 matches found

CVE•added 2021/05/07 9:15 a.m.•1121 views

CVE-2021-1905

Possible use after free due to improper handling of memory mapping of multiple processes simultaneously. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS8.3AI score0.0113EPSS

CVE•added 2023/04/13 7:15 a.m.•380 views

CVE-2022-40503

Information disclosure due to buffer over-read in Bluetooth Host while A2DP streaming.

8.2CVSS7.7AI score0.00068EPSS

CVE•added 2022/09/02 12:15 p.m.•193 views

CVE-2022-22080

Improper validation of backend id in PCM routing process can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

8.4CVSS7.8AI score0.00053EPSS

CVE•added 2023/03/10 9:15 p.m.•129 views

CVE-2022-33213

Memory corruption in modem due to buffer overflow while processing a PPP packet

8.8CVSS8.5AI score0.00117EPSS

CVE•added 2022/06/14 10:15 a.m.•122 views

CVE-2022-22085

Memory corruption in video due to buffer overflow while reading the dts file in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS8.1AI score0.0013EPSS

CVE•added 2022/04/01 5:15 a.m.•115 views

CVE-2021-35105

Possible out of bounds access due to improper input validation during graphics profiling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS7.7AI score0.00101EPSS

CVE•added 2022/11/15 10:15 a.m.•101 views

CVE-2022-25743

Memory corruption in graphics due to use-after-free while importing graphics buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS8AI score0.00057EPSS

CVE•added 2023/05/02 6:15 a.m.•99 views

CVE-2023-21666

Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool.

8.4CVSS8AI score0.0006EPSS

CVE•added 2022/06/14 10:15 a.m.•97 views

CVE-2022-22082

Memory corruption due to possible buffer overflow while parsing DSF header with corrupted channel count in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS8.1AI score0.00121EPSS

CVE•added 2023/02/12 4:15 a.m.•92 views

CVE-2022-33280

Memory corruption due to access of uninitialized pointer in Bluetooth HOST while processing the AVRCP packet.

8.8CVSS8.1AI score0.00084EPSS

CVE•added 2022/09/26 5:15 p.m.•89 views

CVE-2022-22058

Memory corruption due to use after free issue in kernel while processing ION handles in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdr...

8.4CVSS7.8AI score0.00064EPSS

CVE•added 2024/04/01 3:15 p.m.•87 views

CVE-2024-21468

Memory corruption when there is failed unmap operation in GPU.

8.4CVSS8.6AI score0.00044EPSS

CVE•added 2023/04/13 7:15 a.m.•84 views

CVE-2022-40532

Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.

8.4CVSS8.2AI score0.00051EPSS

CVE•added 2023/06/06 8:15 a.m.•84 views

CVE-2023-21628

Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.

8.4CVSS8.2AI score0.00053EPSS

CVE•added 2022/06/14 10:15 a.m.•82 views

CVE-2022-22084

Memory corruption when extracting qcp audio file due to lack of check on data length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS7.8AI score0.00125EPSS

CVE•added 2023/05/02 6:15 a.m.•81 views

CVE-2023-21665

Memory corruption in Graphics while importing a file.

8.4CVSS8.1AI score0.0007EPSS

CVE•added 2023/08/08 10:15 a.m.•78 views

CVE-2023-28537

Memory corruption while allocating memory in COmxApeDec module in Audio.

8.4CVSS8.1AI score0.00053EPSS

CVE•added 2022/02/11 11:15 a.m.•77 views

CVE-2021-30318

Improper validation of input when provisioning the HDCP key can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS7.8AI score0.00085EPSS

CVE•added 2024/07/01 3:15 p.m.•77 views

CVE-2024-23373

Memory corruption when IOMMU unmap operation fails, the DMA and anon buffers are getting released.

8.4CVSS8.3AI score0.00039EPSS

CVE•added 2023/10/03 6:15 a.m.•76 views

CVE-2023-24849

Information Disclosure in data Modem while parsing an FMTP line in an SDP message.

8.2CVSS7.5AI score0.00137EPSS

CVE•added 2021/02/22 7:15 a.m.•75 views

CVE-2020-11269

Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdra...

8.8CVSS8.8AI score0.00074EPSS

CVE•added 2024/03/04 11:15 a.m.•75 views

CVE-2023-43546

Memory corruption while invoking HGSL IOCTL context create.

8.4CVSS8.7AI score0.0007EPSS

CVE•added 2022/11/15 10:15 a.m.•74 views

CVE-2022-25724

Memory corruption in graphics due to buffer overflow while validating the user address in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS8.1AI score0.00097EPSS

CVE•added 2022/12/13 4:15 p.m.•73 views

CVE-2022-33268

Information disclosure due to buffer over-read in Bluetooth HOST while pairing and connecting A2DP. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

8.2CVSS8AI score0.00078EPSS

CVE•added 2023/11/07 6:15 a.m.•73 views

CVE-2023-28572

Memory corruption in WLAN HOST while processing the WLAN scan descriptor list.

8.8CVSS7.3AI score0.00102EPSS

CVE•added 2024/03/04 11:15 a.m.•73 views

CVE-2023-43547

Memory corruption while invoking IOCTLs calls in Automotive Multimedia.

8.4CVSS8.6AI score0.00091EPSS

CVE•added 2021/02/22 7:15 a.m.•72 views

CVE-2020-11177

User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device lock in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voic...

8.8CVSS8.7AI score0.00033EPSS

CVE•added 2023/03/10 9:15 p.m.•71 views

CVE-2022-40531

Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.

8.4CVSS8.1AI score0.0006EPSS

CVE•added 2024/09/02 12:15 p.m.•68 views

CVE-2024-33060

Memory corruption when two threads try to map and unmap a single node simultaneously.

8.4CVSS8.2AI score0.00019EPSS

CVE•added 2025/02/03 5:15 p.m.•66 views

CVE-2024-49838

Information disclosure while parsing the OCI IE with invalid length.

8.2CVSS8.1AI score0.00053EPSS

CVE•added 2023/06/06 8:15 a.m.•64 views

CVE-2022-40507

Memory corruption due to double free in Core while mapping HLOS address to the list.

8.4CVSS8.1AI score0.0301EPSS

CVE•added 2023/10/03 6:15 a.m.•64 views

CVE-2023-24848

Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.

8.2CVSS7.5AI score0.0012EPSS

CVE•added 2024/03/04 11:15 a.m.•63 views

CVE-2023-33066

Memory corruption in Audio while processing RT proxy port register driver.

8.4CVSS8.6AI score0.00051EPSS

CVE•added 2023/03/10 9:15 p.m.•62 views

CVE-2022-25655

Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.

8.4CVSS8.2AI score0.00067EPSS

CVE•added 2021/06/09 7:15 a.m.•61 views

CVE-2020-11267

Stack out-of-bounds write occurs while setting up a cipher device if the provided IV length exceeds the max limit value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearab...

8.4CVSS7.8AI score0.00043EPSS

CVE•added 2023/08/08 10:15 a.m.•61 views

CVE-2023-22666

Memory Corruption in Audio while playing amrwbplus clips with modified content.

8.4CVSS7.9AI score0.00053EPSS

CVE•added 2022/01/03 8:15 a.m.•60 views

CVE-2021-30337

Possible use after free when process shell memory is freed using IOCTL call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearable...

8.4CVSS7.8AI score0.00037EPSS

CVE•added 2023/03/10 9:15 p.m.•60 views

CVE-2022-25694

Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM

8.4CVSS8AI score0.00067EPSS

CVE•added 2024/01/02 6:15 a.m.•60 views

CVE-2023-33033

Memory corruption in Audio during playback with speaker protection.

8.4CVSS7.8AI score0.0006EPSS

CVE•added 2024/09/02 12:15 p.m.•60 views

CVE-2024-33045

Memory corruption when BTFM client sends new messages over Slimbus to ADSP.

8.4CVSS8.2AI score0.00039EPSS

CVE•added 2024/05/06 3:15 p.m.•59 views

CVE-2024-21471

Memory corruption when IOMMU unmap of a GPU buffer fails in Linux.

8.4CVSS7.2AI score0.00082EPSS

CVE•added 2021/04/07 8:15 a.m.•58 views

CVE-2020-11234

When sending a socket event message to a user application, invalid information will be passed if socket is freed by other thread resulting in a Use After Free condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer...

8.4CVSS7.5AI score0.00037EPSS

CVE•added 2022/12/13 4:15 p.m.•56 views

CVE-2022-25682

Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS7.9AI score0.00072EPSS

CVE•added 2022/12/13 4:15 p.m.•55 views

CVE-2022-25695

Memory corruption in MODEM due to Improper Validation of Array Index while processing GSTK Proactive commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon ...

8.4CVSS8AI score0.00058EPSS

CVE•added 2024/08/05 3:15 p.m.•52 views

CVE-2024-33028

Memory corruption as fence object may still be accessed in timeline destruct after isync fence is released.

8.4CVSS8.6AI score0.00035EPSS

CVE•added 2023/07/04 5:15 a.m.•51 views

CVE-2023-22667

Memory Corruption in Audio while allocating the ion buffer during the music playback.

8.4CVSS8.1AI score0.00051EPSS

CVE•added 2022/09/16 6:15 a.m.•49 views

CVE-2022-22074

Memory Corruption during wma file playback due to integer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS7.8AI score0.00093EPSS

CVE•added 2024/12/02 11:15 a.m.•46 views

CVE-2024-33056

Memory corruption when allocating and accessing an entry in an SMEM partition continuously.

8.4CVSS8.6AI score0.00027EPSS

CVE•added 2024/10/07 1:15 p.m.•43 views

CVE-2024-33064

Information disclosure while parsing the multiple MBSSID IEs from the beacon.

8.2CVSS8.2AI score0.00144EPSS

CVE•added 2021/10/20 7:15 a.m.•41 views

CVE-2020-11303

Accepting AMSDU frames with mismatched destination and source address can lead to information disclosure in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice...

8.6CVSS7.2AI score0.0024EPSS

Total number of security vulnerabilities57