Qca6574 Firmware@- Security Vulnerabilities and Issues — Page 8 of Qca6574 Firmware@- CVE List

Possible buffer overflow issue due to lack of length check when parsing the extended cap IE header length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...

10CVSS9.6AI score0.00427EPSS

CVE•added 2023/03/10 9:15 p.m.•63 views

CVE-2022-25655

Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.

8.4CVSS8.2AI score0.00051EPSS

CVE•added 2023/06/06 8:15 a.m.•63 views

CVE-2022-33264

Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.

7.9CVSS8.1AI score0.00094EPSS

CVE•added 2023/08/08 10:15 a.m.•63 views

CVE-2023-21651

Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE.

9.3CVSS8.1AI score0.00052EPSS

CVE•added 2023/11/07 6:15 a.m.•63 views

CVE-2023-24852

Memory Corruption in Core due to secure memory access by user while loading modem image.

8.4CVSS7.8AI score0.00054EPSS

CVE•added 2023/10/03 6:15 a.m.•63 views

CVE-2023-24853

Memory Corruption in HLOS while registering for key provisioning notify.

8.4CVSS7.9AI score0.0003EPSS

CVE•added 2024/01/02 6:15 a.m.•63 views

CVE-2023-33109

Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host.

7.5CVSS7.6AI score0.00173EPSS

CVE•added 2024/03/04 11:15 a.m.•63 views

CVE-2023-43549

Memory corruption while processing TPC target power table in FTM TPC.

8.4CVSS8.6AI score0.00095EPSS

CVE•added 2024/08/05 3:15 p.m.•63 views

CVE-2024-33011

Transient DOS while parsing the MBSSID IE from the beacons, when the MBSSID IE length is zero.

7.5CVSS7.6AI score0.00346EPSS

CVE•added 2024/08/05 3:15 p.m.•63 views

CVE-2024-33018

Transient DOS while parsing the received TID-to-link mapping element of the TID-to-link mapping action frame.

7.5CVSS7.6AI score0.00869EPSS

CVE•added 2024/08/05 3:15 p.m.•63 views

CVE-2024-33019

Transient DOS while parsing the received TID-to-link mapping action frame.

7.5CVSS7.6AI score0.00346EPSS

CVE•added 2024/08/05 3:15 p.m.•63 views

CVE-2024-33025

Transient DOS while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.

7.5CVSS7.6AI score0.00346EPSS

CVE•added 2019/05/24 5:29 p.m.•62 views

CVE-2018-11928

Lack of check on length parameter may cause buffer overflow while processing WMI commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, S...

7.8CVSS8AI score0.00035EPSS

CVE•added 2023/06/06 8:15 a.m.•62 views

CVE-2022-22076

information disclosure due to cryptographic issue in Core during RPMB read request.

7.1CVSS5.8AI score0.00054EPSS

CVE•added 2023/01/09 8:15 a.m.•62 views

CVE-2022-25746

Memory corruption in kernel due to missing checks when updating the access rights of a memextent mapping.

8.1CVSS7.8AI score0.00042EPSS

CVE•added 2022/12/13 4:15 p.m.•62 views

CVE-2022-33235

Information disclosure due to buffer over-read in WLAN firmware while parsing security context info attributes. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapd...

8.2CVSS7.7AI score0.00114EPSS

CVE•added 2023/01/09 8:15 a.m.•62 views

CVE-2022-40516

Memory corruption in Core due to stack-based buffer overflow.

8.4CVSS8.1AI score0.04308EPSS

CVE•added 2023/06/06 8:15 a.m.•62 views

CVE-2022-40523

Information disclosure in Kernel due to indirect branch misprediction.

7.1CVSS5.6AI score0.0004EPSS

CVE•added 2023/06/06 8:15 a.m.•62 views

CVE-2023-21659

Transient DOS in WLAN Firmware while processing frames with missing header fields.

7.5CVSS7.5AI score0.00122EPSS

CVE•added 2023/08/08 10:15 a.m.•62 views

CVE-2023-22666

Memory Corruption in Audio while playing amrwbplus clips with modified content.

8.4CVSS7.9AI score0.00053EPSS

CVE•added 2023/09/05 7:15 a.m.•62 views

CVE-2023-28567

Memory corruption in WLAN HAL while handling command through WMI interfaces.

7.8CVSS8AI score0.00053EPSS

CVE•added 2023/12/05 3:15 a.m.•62 views

CVE-2023-33018

Memory corruption while using the UIM diag command to get the operators name.

7.8CVSS7.9AI score0.00062EPSS

CVE•added 2023/12/05 3:15 a.m.•62 views

CVE-2023-33054

Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data.

9.1CVSS9.3AI score0.0013EPSS

CVE•added 2023/12/05 3:15 a.m.•62 views

CVE-2023-33081

Transient DOS while converting TWT (Target Wake Time) frame parameters in the OTA broadcast.

7.5CVSS7.5AI score0.00147EPSS

CVE•added 2024/03/04 11:15 a.m.•62 views

CVE-2023-43548

Memory corruption while parsing qcp clip with invalid chunk data size.

9.8CVSS7.4AI score0.00144EPSS

CVE•added 2024/06/03 10:15 a.m.•62 views

CVE-2024-23363

Transient DOS while processing an improperly formatted Fine Time Measurement (FTM) management frame.

7.5CVSS7.6AI score0.00228EPSS

CVE•added 2024/08/05 3:15 p.m.•62 views

CVE-2024-23381

Memory corruption when memory mapped in a VBO is not unmapped by the GPU SMMU.

8.4CVSS8.6AI score0.00156EPSS

CVE•added 2025/05/06 9:15 a.m.•62 views

CVE-2024-49835

Memory corruption while reading secure file.

7.8CVSS7.8AI score0.00022EPSS

CVE•added 2019/05/24 5:29 p.m.•61 views

CVE-2018-11968

Improper check before assigning value can lead to integer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdrag...

7.8CVSS7.8AI score0.00033EPSS

CVE•added 2021/10/20 7:15 a.m.•61 views

CVE-2021-1966

Possible buffer overflow due to lack of length check of source and destination buffer before copying in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

6.7CVSS6.9AI score0.00059EPSS

CVE•added 2021/10/20 7:15 a.m.•61 views

CVE-2021-1967

Possible stack buffer overflow due to lack of check on the maximum number of post NAN discovery attributes while processing a NAN Match event in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Mu...

5.3CVSS5.7AI score0.0006EPSS

CVE•added 2021/11/12 7:15 a.m.•61 views

CVE-2021-30265

Possible memory corruption due to improper validation of memory address while processing user-space IOCTL for clearing Filter and Route statistics in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice...

6.7CVSS6.9AI score0.00055EPSS

CVE•added 2022/01/13 12:15 p.m.•61 views

CVE-2021-30313

Use after free condition can occur in wired connectivity due to a race condition while creating and deleting folders in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

6.7CVSS6.8AI score0.00076EPSS

CVE•added 2022/09/02 12:15 p.m.•61 views

CVE-2022-25668

Memory corruption in video driver due to double free while parsing ASF clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

9.8CVSS9.5AI score0.00302EPSS

CVE•added 2022/09/16 6:15 a.m.•61 views

CVE-2022-25690

Information disclosure in WLAN due to improper validation of array index while parsing crafted ANQP action frames in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Sna...

7.5CVSS7.5AI score0.00172EPSS

CVE•added 2023/03/10 9:15 p.m.•61 views

CVE-2022-25694

Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM

8.4CVSS8AI score0.00051EPSS

CVE•added 2022/11/15 10:15 a.m.•61 views

CVE-2022-33239

Transient DOS due to loop with unreachable exit condition in WLAN firmware while parsing IPV6 extension header. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapd...

7.5CVSS7.6AI score0.00249EPSS

CVE•added 2023/06/06 8:15 a.m.•61 views

CVE-2022-33307

Memory Corruption due to double free in automotive when a bad HLOS address for one of the lists to be mapped is passed.

8.4CVSS8AI score0.0006EPSS

CVE•added 2023/09/05 7:15 a.m.•61 views

CVE-2023-21662

Memory corruption in Core Platform while printing the response buffer in log.

7.8CVSS8AI score0.00053EPSS

CVE•added 2023/10/03 6:15 a.m.•61 views

CVE-2023-24850

Memory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted Application.

7.8CVSS7.6AI score0.0003EPSS

CVE•added 2023/11/07 6:15 a.m.•61 views

CVE-2023-28545

Memory corruption in TZ Secure OS while loading an app ELF.

8.2CVSS8AI score0.0004EPSS

CVE•added 2024/01/02 6:15 a.m.•61 views

CVE-2023-33033

Memory corruption in Audio during playback with speaker protection.

8.4CVSS7.8AI score0.0006EPSS

CVE•added 2023/11/07 6:15 a.m.•61 views

CVE-2023-33048

Transient DOS in WLAN Firmware while parsing t2lm buffers.

7.5CVSS7.5AI score0.00194EPSS

CVE•added 2024/01/02 6:15 a.m.•61 views

CVE-2023-33118

Memory corruption while processing Listen Sound Model client payload buffer when there is a request for Listen Sound session get parameter from ST HAL.

7.8CVSS7.9AI score0.0011EPSS

CVE•added 2024/02/06 6:16 a.m.•61 views

CVE-2023-43523

Transient DOS while processing 11AZ RTT management action frame received through OTA.

7.5CVSS7.5AI score0.00144EPSS

Total number of security vulnerabilities627