Qca6574 Firmware Security Vulnerabilities and Issues — Page 3 of Qca6574 Firmware CVE List

Possible buffer over read due to lack of size validation while unpacking frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon W...

7.8CVSS7.6AI score0.00369EPSS

CVE•added 2022/12/13 4:15 p.m.•103 views

CVE-2022-33268

Information disclosure due to buffer over-read in Bluetooth HOST while pairing and connecting A2DP. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

8.2CVSS8AI score0.00097EPSS

CVE•added 2023/12/05 3:15 a.m.•103 views

CVE-2023-33087

Memory corruption in Core while processing RX intent request.

7.8CVSS7.9AI score0.0006EPSS

CVE•added 2021/09/08 12:15 p.m.•102 views

CVE-2020-11301

Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT...

9.1CVSS7.2AI score0.02348EPSS

CVE•added 2022/11/15 10:15 a.m.•102 views

CVE-2022-25724

Memory corruption in graphics due to buffer overflow while validating the user address in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS8.1AI score0.00122EPSS

CVE•added 2022/09/16 6:15 a.m.•101 views

CVE-2022-25706

Information disclosure in Bluetooth driver due to buffer over-read while reading l2cap length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

8.2CVSS7.6AI score0.00107EPSS

CVE•added 2023/07/04 5:15 a.m.•101 views

CVE-2023-28541

Memory Corruption in Data Modem while processing DMA buffer release event about CFR data.

7.8CVSS7.8AI score0.0006EPSS

CVE•added 2023/11/07 6:15 a.m.•101 views

CVE-2023-28572

Memory corruption in WLAN HOST while processing the WLAN scan descriptor list.

8.8CVSS7.3AI score0.00102EPSS

CVE•added 2023/09/05 7:15 a.m.•101 views

CVE-2023-33019

Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station receives invalid channel in CSA IE.

7.5CVSS7.5AI score0.00063EPSS

CVE•added 2024/05/06 3:15 p.m.•101 views

CVE-2024-23354

Memory corruption when the IOCTL call is interrupted by a signal.

8.4CVSS7.1AI score0.00175EPSS

CVE•added 2025/05/06 9:15 a.m.•101 views

CVE-2025-21459

Transient DOS while parsing per STA profile in ML IE.

7.5CVSS7.6AI score0.00092EPSS

CVE•added 2022/06/14 10:15 a.m.•100 views

CVE-2022-22087

memory corruption in video due to buffer overflow while parsing mkv clip with no codechecker in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

10CVSS9.7AI score0.00369EPSS

CVE•added 2023/07/04 5:15 a.m.•100 views

CVE-2023-28542

Memory Corruption in WLAN HOST while fetching TX status information.

7.8CVSS7.7AI score0.0006EPSS

CVE•added 2023/09/05 7:15 a.m.•100 views

CVE-2023-28584

Transient DOS in WLAN Host when a mobile station receives invalid channel in CSA IE while doing channel switch announcement (CSA).

7.5CVSS7.5AI score0.00061EPSS

CVE•added 2024/01/02 6:15 a.m.•100 views

CVE-2023-33113

Memory corruption when resource manager sends the host kernel a reply message with multiple fragments.

8.4CVSS7.7AI score0.0011EPSS

CVE•added 2024/07/01 3:15 p.m.•100 views

CVE-2024-23380

Memory corruption while handling user packets during VBO bind operation.

8.4CVSS8.2AI score0.00156EPSS

CVE•added 2021/09/09 8:15 a.m.•99 views

CVE-2021-1974

Possible buffer over read due to lack of alignment between map or unmap length of IPA SMMU and WLAN SMMU in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and ...

7.5CVSS7.7AI score0.00361EPSS

CVE•added 2022/02/11 11:15 a.m.•99 views

CVE-2021-30325

Possible out of bound access of DCI resources due to lack of validation process and resource allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and ...

6.7CVSS6.6AI score0.00047EPSS

CVE•added 2022/10/19 11:15 a.m.•99 views

CVE-2022-33214

Memory corruption in display due to time-of-check time-of-use of metadata reserved size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

8.4CVSS7.1AI score0.00055EPSS

CVE•added 2023/07/04 5:15 a.m.•99 views

CVE-2023-21672

Memory corruption in Audio while running concurrent tunnel playback or during concurrent audio tunnel recording sessions.

8.4CVSS8.1AI score0.00045EPSS

CVE•added 2023/07/04 5:15 a.m.•99 views

CVE-2023-22386

Memory Corruption in WLAN HOST while processing WLAN FW request to allocate memory.

7.8CVSS7.6AI score0.00051EPSS

CVE•added 2024/01/02 6:15 a.m.•99 views

CVE-2023-43514

Memory corruption while invoking IOCTLs calls from user space for internal mem MAP and internal mem UNMAP.

8.4CVSS7.8AI score0.00112EPSS

CVE•added 2024/05/06 3:15 p.m.•99 views

CVE-2024-21475

Memory corruption when the payload received from firmware is not as per the expected protocol size.

7.8CVSS7.2AI score0.00112EPSS

CVE•added 2024/07/01 3:15 p.m.•99 views

CVE-2024-23372

Memory corruption while invoking IOCTL call for GPU memory allocation and size param is greater than expected size.

8.4CVSS8.3AI score0.00082EPSS

CVE•added 2025/03/03 11:15 a.m.•99 views

CVE-2024-53027

Transient DOS may occur while processing the country IE.

7.5CVSS7.2AI score0.0008EPSS

CVE•added 2021/03/17 6:15 a.m.•98 views

CVE-2020-11226

Out of bound memory read in Data modem while unpacking data due to lack of offset length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.5CVSS7.5AI score0.0024EPSS

CVE•added 2022/06/14 10:15 a.m.•98 views

CVE-2022-22082

Memory corruption due to possible buffer overflow while parsing DSF header with corrupted channel count in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS8.1AI score0.00123EPSS

CVE•added 2022/09/16 6:15 a.m.•98 views

CVE-2022-25656

Possible integer overflow and memory corruption due to improper validation of buffer size sent to write to console when computing the payload size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

8.4CVSS8.1AI score0.00069EPSS

CVE•added 2023/07/04 5:15 a.m.•98 views

CVE-2023-24854

Memory Corruption in WLAN HOST while parsing QMI WLAN Firmware response message.

7.8CVSS7.7AI score0.00052EPSS

CVE•added 2024/05/06 3:15 p.m.•98 views

CVE-2024-23351

Memory corruption as GPU registers beyond the last protected range can be accessed through LPAC submissions.

8.4CVSS7.1AI score0.00109EPSS

CVE•added 2024/07/01 3:15 p.m.•98 views

CVE-2024-23368

Memory corruption when allocating and accessing an entry in an SMEM partition.

7.8CVSS7.9AI score0.00082EPSS

CVE•added 2024/11/04 10:15 a.m.•98 views

CVE-2024-38415

Memory corruption while handling session errors from firmware.

7.8CVSS7.9AI score0.00035EPSS

CVE•added 2025/02/03 5:15 p.m.•98 views

CVE-2024-45571

Memory corruption may occour occur when stopping the WLAN interface after processing a WMI command from the interface.

7.8CVSS7.9AI score0.00027EPSS

CVE•added 2023/08/08 10:15 a.m.•97 views

CVE-2023-21649

Memory corruption in WLAN while running doDriverCmd for an unspecific command.

7.8CVSS7AI score0.00034EPSS

CVE•added 2021/09/09 8:15 a.m.•96 views

CVE-2021-30290

Possible null pointer dereference due to race condition between timeline fence signal and time line fence destroy in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

8.4CVSS6.9AI score0.00085EPSS

CVE•added 2022/06/14 10:15 a.m.•96 views

CVE-2021-35119

Potential out of Bounds read in FIPS event processing due to improper validation of the length from the firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

5.5CVSS5.6AI score0.00039EPSS

CVE•added 2022/11/15 10:15 a.m.•96 views

CVE-2022-25741

Denial of service in WLAN due to potential null pointer dereference while accessing the memory location in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

7.5CVSS7.5AI score0.00218EPSS

CVE•added 2024/09/02 12:15 p.m.•96 views

CVE-2024-33042

Memory corruption when Alternative Frequency offset value is set to 255.

7.8CVSS7.8AI score0.00039EPSS

CVE•added 2024/09/02 12:15 p.m.•96 views

CVE-2024-33060

Memory corruption when two threads try to map and unmap a single node simultaneously.

8.4CVSS8.2AI score0.00019EPSS

CVE•added 2022/01/13 12:15 p.m.•95 views

CVE-2021-30353

Improper validation of function pointer type with actual function signature can lead to assertion in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables

7.5CVSS7.6AI score0.00361EPSS

CVE•added 2025/02/03 5:15 p.m.•95 views

CVE-2024-49838

Information disclosure while parsing the OCI IE with invalid length.

8.2CVSS8.1AI score0.00067EPSS

CVE•added 2025/02/03 5:15 p.m.•95 views

CVE-2024-49839

Memory corruption during management frame processing due to mismatch in T2LM info element.

9.8CVSS8.4AI score0.00091EPSS

CVE•added 2021/03/17 6:15 a.m.•94 views

CVE-2020-11190

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wea...

9.1CVSS9.1AI score0.0037EPSS

CVE•added 2021/05/07 9:15 a.m.•94 views

CVE-2021-1927

Possible use after free due to lack of null check while memory is being freed in FastRPC driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired In...

8.4CVSS7.7AI score0.00037EPSS

CVE•added 2021/11/12 7:15 a.m.•94 views

CVE-2021-30259

Possible out of bound access due to improper validation of function table entries in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure a...

7.8CVSS7.7AI score0.00033EPSS

CVE•added 2022/01/03 8:15 a.m.•94 views

CVE-2021-30335

Possible assertion in QOS request due to improper validation when multiple add or update request are received simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon W...

8.4CVSS7.7AI score0.00033EPSS

CVE•added 2024/09/02 12:15 p.m.•94 views

CVE-2024-33048

Transient DOS while parsing the received TID-to-link mapping element of beacon/probe response frame.

7.5CVSS7.6AI score0.00264EPSS

Total number of security vulnerabilities629