Qca6574au Firmware Security Vulnerabilities and Issues — Page 14 of Qca6574au Firmware CVE List

In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA6574AU, QCA6584, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820A, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Sna...

7.8CVSS7.8AI score0.00111EPSS

CVE•added 2018/10/26 1:29 p.m.•51 views

CVE-2018-11849

Lack of check on out of range of bssid parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6...

7.8CVSS7.9AI score0.00038EPSS

CVE•added 2019/05/24 5:29 p.m.•51 views

CVE-2018-11936

Index of array is processed in a wrong way inside a while loop and result in invalid index (-1 or something else) leads to out of bound memory access. in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapd...

10CVSS9.2AI score0.0033EPSS

CVE•added 2021/05/07 9:15 a.m.•51 views

CVE-2021-1925

Possible denial of service scenario due to improper handling of group management action frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Musi...

7.8CVSS7.5AI score0.00245EPSS

CVE•added 2021/09/09 8:15 a.m.•51 views

CVE-2021-1971

Possible assertion due to lack of physical layer state validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

7.8CVSS7.4AI score0.00369EPSS

CVE•added 2022/09/02 12:15 p.m.•51 views

CVE-2022-22104

Memory corruption in multimedia due to improper check on the messages received. in Snapdragon Auto

8.4CVSS7.8AI score0.00093EPSS

CVE•added 2022/10/19 11:15 a.m.•51 views

CVE-2022-33210

Memory corruption in automotive multimedia due to use of out-of-range pointer offset while parsing command request packet with a very large type value. in Snapdragon Auto

8.4CVSS7.9AI score0.00081EPSS

CVE•added 2023/12/05 3:15 a.m.•51 views

CVE-2023-28546

Memory Corruption in SPS Application while exporting public key in sorter TA.

7.8CVSS7.7AI score0.0006EPSS

CVE•added 2023/09/05 7:15 a.m.•51 views

CVE-2023-28548

Memory corruption in WLAN HAL while processing Tx/Rx commands from QDART.

7.8CVSS8AI score0.00024EPSS

CVE•added 2023/09/05 7:15 a.m.•51 views

CVE-2023-33020

Transient DOS in WLAN Host when an invalid channel (like channel out of range) is received in STA during CSA IE.

7.5CVSS7.6AI score0.00061EPSS

CVE•added 2023/12/05 3:15 a.m.•51 views

CVE-2023-33071

Memory corruption in Automotive OS whenever untrusted apps try to access HAb for graphics functionalities.

8.4CVSS8AI score0.00065EPSS

CVE•added 2024/01/02 6:15 a.m.•51 views

CVE-2023-33112

Transient DOS when WLAN firmware receives "reassoc response" frame including RIC_DATA element.

7.5CVSS7.5AI score0.00229EPSS

CVE•added 2024/02/06 6:16 a.m.•51 views

CVE-2023-43517

Memory corruption in Automotive Multimedia due to improper access control in HAB.

8.4CVSS7.7AI score0.00048EPSS

CVE•added 2024/08/05 3:15 p.m.•51 views

CVE-2024-23381

Memory corruption when memory mapped in a VBO is not unmapped by the GPU SMMU.

8.4CVSS8.6AI score0.00035EPSS

CVE•added 2024/10/07 1:15 p.m.•51 views

CVE-2024-38397

Transient DOS while parsing probe response and assoc response frame.

7.5CVSS7.6AI score0.00207EPSS

CVE•added 2019/09/30 4:15 p.m.•50 views

CVE-2019-10509

Device record of the pairing device used after free during ACL disconnection in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, MSM8996AU, QCA6574AU, QCS4...

10CVSS9.4AI score0.00266EPSS

CVE•added 2020/06/22 7:15 a.m.•50 views

CVE-2020-3626

Any application can bind to it and exercise the APIs due to no protection for AIDL uimlpaservice in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, APQ8098, MSM8905, MSM8909W, MSM8917, MSM8920, M...

7.8CVSS7.7AI score0.00037EPSS

CVE•added 2021/09/09 8:15 a.m.•50 views

CVE-2021-1958

A race condition in fastrpc kernel driver for dynamic process creation can lead to use after free scenario in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wearables

6.7CVSS6.5AI score0.00037EPSS

CVE•added 2021/10/20 7:15 a.m.•50 views

CVE-2021-1966

Possible buffer overflow due to lack of length check of source and destination buffer before copying in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

6.7CVSS6.9AI score0.00059EPSS

CVE•added 2021/10/20 7:15 a.m.•50 views

CVE-2021-1967

Possible stack buffer overflow due to lack of check on the maximum number of post NAN discovery attributes while processing a NAN Match event in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Mu...

5.3CVSS5.7AI score0.0006EPSS

CVE•added 2022/12/15 7:15 p.m.•50 views

CVE-2022-22063

Memory corruption in Core due to improper configuration in boot remapper.

8.4CVSS8AI score0.01121EPSS

CVE•added 2022/09/02 12:15 p.m.•50 views

CVE-2022-22100

Memory corruption in multimedia due to improper check on received export descriptors in Snapdragon Auto

8.4CVSS7.8AI score0.00093EPSS

CVE•added 2022/10/19 11:15 a.m.•50 views

CVE-2022-25662

Information disclosure due to untrusted pointer dereference in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

7.5CVSS7.3AI score0.00274EPSS

CVE•added 2022/12/13 4:15 p.m.•50 views

CVE-2022-25685

Denial of service in Modem module due to improper authorization while error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

7.5CVSS7.5AI score0.00139EPSS

CVE•added 2023/07/04 5:15 a.m.•50 views

CVE-2023-21633

Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage request.

7.8CVSS6.8AI score0.00029EPSS

CVE•added 2023/12/05 3:15 a.m.•50 views

CVE-2023-28551

Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments.

7.8CVSS8AI score0.0006EPSS

CVE•added 2024/07/01 3:15 p.m.•50 views

CVE-2024-21469

Memory corruption when an invoke call and a TEE call are bound for the same trusted application.

7.8CVSS7.4AI score0.00109EPSS

CVE•added 2024/05/06 3:15 p.m.•50 views

CVE-2024-21480

Memory corruption while playing audio file having large-sized input buffer.

9.8CVSS7.1AI score0.00098EPSS

CVE•added 2025/05/06 9:15 a.m.•50 views

CVE-2024-45562

Memory corruption during concurrent access to server info object due to unprotected critical field.

7.8CVSS6.7AI score0.00017EPSS

CVE•added 2025/05/06 9:15 a.m.•50 views

CVE-2024-49844

Memory corruption while triggering commands in the PlayReady Trusted application.

7.8CVSS8AI score0.00026EPSS

CVE•added 2019/05/24 5:29 p.m.•49 views

CVE-2018-11927

Improper input validation on input which is used as an array index will lead to an out of bounds issue while processing AP find event from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voi...

7.8CVSS7.7AI score0.00035EPSS

CVE•added 2019/11/06 5:15 p.m.•49 views

CVE-2019-10522

While playing the clip which is nonstandard buffer overflow can occur while parsing in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MSM8909W, MSM8996AU,...

9.8CVSS9.6AI score0.00441EPSS

CVE•added 2021/04/07 8:15 a.m.•49 views

CVE-2020-11242

User could gain access to secure memory due to incorrect argument into address range validation api used in SDI to capture requested contents in Snapdragon Industrial IOT, Snapdragon Mobile

8.4CVSS7.7AI score0.00033EPSS

CVE•added 2021/11/12 7:15 a.m.•49 views

CVE-2021-1912

Possible integer overflow can occur due to improper length check while calculating count and grace period in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

8.4CVSS7.8AI score0.00033EPSS

CVE•added 2021/05/07 9:15 a.m.•49 views

CVE-2021-1915

Buffer overflow can occur due to improper validation of NDP application information length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, ...

7.8CVSS7.7AI score0.00035EPSS

CVE•added 2021/09/09 8:15 a.m.•49 views

CVE-2021-1935

Possible null pointer dereference due to lack of validation check for passed pointer during key import in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

7.1CVSS5.7AI score0.0004EPSS

CVE•added 2021/11/12 7:15 a.m.•49 views

CVE-2021-30284

Possible information exposure and denial of service due to NAS not dropping messages when integrity check fails in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdrago...

9.1CVSS8.8AI score0.0027EPSS

CVE•added 2022/01/13 12:15 p.m.•49 views

CVE-2021-30300

Possible denial of service due to incorrectly decoding hex data for the SIB2 OTA message and assigning a garbage value to choice when processing the SRS configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voic...

7.5CVSS7.5AI score0.00359EPSS

CVE•added 2022/09/16 6:15 a.m.•49 views

CVE-2022-22074

Memory Corruption during wma file playback due to integer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS7.8AI score0.00093EPSS

CVE•added 2022/09/02 12:15 p.m.•49 views

CVE-2022-22102

Memory corruption in multimedia due to incorrect type conversion while adding data in Snapdragon Auto

8.4CVSS7.8AI score0.00061EPSS

CVE•added 2022/10/19 11:15 a.m.•49 views

CVE-2022-25661

Memory corruption due to untrusted pointer dereference in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

8.4CVSS7.7AI score0.00085EPSS

CVE•added 2022/09/16 6:15 a.m.•49 views

CVE-2022-25688

Memory corruption in video due to buffer overflow while parsing ps video clips in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

9.8CVSS9.7AI score0.0019EPSS

CVE•added 2023/01/09 8:15 a.m.•49 views

CVE-2022-25721

Memory corruption in video driver due to type confusion error during video playback

7.8CVSS7.1AI score0.0004EPSS

CVE•added 2023/07/04 5:15 a.m.•49 views

CVE-2023-21638

Memory corruption in Video while calling APIs with different instance ID than the one received in initialization.

7.8CVSS7AI score0.00034EPSS

CVE•added 2023/09/05 7:15 a.m.•49 views

CVE-2023-21644

Memory corruption in RIL due to Integer Overflow while triggering qcril_uim_request_apdu request.