Qca6584au Firmware Security Vulnerabilities and Issues — Page 10 of Qca6584au Firmware CVE List

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, QCA4531, QCA6174A, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, QCA9558, QCA9880, QCA98...

10CVSS8.8AI score0.00312EPSS

CVE•added 2018/04/18 2:29 p.m.•41 views

CVE-2016-10481

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, QCA4531, QCA6174A, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, SD 210/SD 212/SD 205, SD 425, SD 600, SD 625, SD 650/52, SD 808, ...

10CVSS8.6AI score0.00217EPSS

CVE•added 2020/03/05 9:15 a.m.•41 views

CVE-2019-14026

Possible buffer overflow in WLAN WMI handler due to lack of ssid length check when copying data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Mu...

7.8CVSS7.9AI score0.00035EPSS

CVE•added 2020/03/05 9:15 a.m.•41 views

CVE-2019-2311

Possible buffer overflow in WLAN handler due to lack of validation of destination buffer size before copying it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapd...

10CVSS9.6AI score0.00356EPSS

CVE•added 2021/10/20 7:15 a.m.•41 views

CVE-2020-11303

Accepting AMSDU frames with mismatched destination and source address can lead to information disclosure in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice...

8.6CVSS7.2AI score0.0024EPSS

CVE•added 2021/09/09 8:15 a.m.•41 views

CVE-2021-1960

Improper handling of ASB-C broadcast packets with crafted opcode in LMP can lead to uncontrolled resource consumption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...

6.5CVSS6.5AI score0.00071EPSS

CVE•added 2024/05/06 3:15 p.m.•41 views

CVE-2024-21477

Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM) frame.

7.5CVSS6.8AI score0.00294EPSS

CVE•added 2025/03/03 11:15 a.m.•41 views

CVE-2024-43051

Information disclosure while deriving keys for a session for any Widevine use case.

5.5CVSS7.1AI score0.00014EPSS

CVE•added 2025/03/03 11:15 a.m.•41 views

CVE-2024-43057

Memory corruption while processing command in Glink linux.

7.8CVSS7.5AI score0.00024EPSS

CVE•added 2025/03/03 11:15 a.m.•41 views

CVE-2024-53030

Memory corruption while processing input message passed from FE driver.

7.8CVSS7.4AI score0.00036EPSS

CVE•added 2021/06/09 7:15 a.m.•40 views

CVE-2020-11176

While processing server certificate from IPSec server, certificate validation for subject alternative name API can cause heap overflow which can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon ...

10CVSS9.6AI score0.00223EPSS

CVE•added 2021/09/09 8:15 a.m.•40 views

CVE-2021-1956

Improper handling of ASB-U packet with L2CAP channel ID by slave host can lead to interference with piconet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

6.5CVSS6.5AI score0.00071EPSS

CVE•added 2021/11/12 7:15 a.m.•40 views

CVE-2021-1979

Possible buffer overflow due to improper validation of FTM command payload in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

7.8CVSS8AI score0.00035EPSS

CVE•added 2021/09/17 7:15 a.m.•40 views

CVE-2021-30261

Possible integer and heap overflow due to lack of input command size validation while handling beacon template update command from HLOS in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS7.9AI score0.00035EPSS

CVE•added 2022/01/03 8:15 a.m.•40 views

CVE-2021-30272

Possible null pointer dereference in thread cache operation handler due to lack of validation of user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & ...

7.8CVSS7.6AI score0.00031EPSS

CVE•added 2021/10/20 7:15 a.m.•40 views

CVE-2021-30310

Possible buffer overflow due to Improper validation of received CF-ACK and CF-Poll data frames in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music

7.5CVSS7.6AI score0.0028EPSS

CVE•added 2024/10/07 1:15 p.m.•40 views

CVE-2024-23370

Memory corruption when a process invokes IOCTL calls from user-space to create a HAB virtual channel and another process invokes IOCTL calls to destroy the same.

6.7CVSS6.7AI score0.00029EPSS

CVE•added 2024/11/04 10:15 a.m.•40 views

CVE-2024-38419

Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node.

7.8CVSS7.9AI score0.00033EPSS

CVE•added 2018/10/26 1:29 p.m.•39 views

CVE-2018-11850

Lack of check on remaining length parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9379, SD 210/SD 212/SD ...

7.8CVSS7.8AI score0.00038EPSS

CVE•added 2021/09/17 7:15 a.m.•39 views

CVE-2021-30260

Possible Integer overflow to buffer overflow issue can occur due to improper validation of input parameters when extscan hostlist configuration command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT,...

8.4CVSS8AI score0.00054EPSS

CVE•added 2023/01/09 8:15 a.m.•39 views

CVE-2022-33290

Transient DOS in Bluetooth HOST due to null pointer dereference when a mismatched argument is passed.

7.5CVSS7.5AI score0.00125EPSS

CVE•added 2024/06/03 10:15 a.m.•39 views

CVE-2023-43545

Memory corruption when more scan frequency list or channels are sent from the user space.

7.8CVSS6.8AI score0.00027EPSS

CVE•added 2024/11/04 10:15 a.m.•39 views

CVE-2024-23385

Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE.

7.5CVSS7AI score0.00062EPSS

CVE•added 2021/05/07 9:15 a.m.•38 views

CVE-2020-11294

Out of bound write in logger due to prefix size is not validated while prepended to logging string in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

7.8CVSS7.7AI score0.00041EPSS

CVE•added 2021/06/09 7:15 a.m.•38 views

CVE-2020-11298

While waiting for a response to a callback or listener request, non-secure clients can change permissions to shared memory buffers used by HLOS Invoke Call to secure kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdrago...

7.8CVSS6.9AI score0.00019EPSS

CVE•added 2021/09/08 12:15 p.m.•38 views

CVE-2021-1930

Possible out of bounds read due to incorrect validation of incoming buffer length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

7.1CVSS7AI score0.00041EPSS

CVE•added 2024/05/06 3:15 p.m.•38 views

CVE-2023-43529

Transient DOS while processing IKEv2 Informational request messages, when a malformed fragment packet is received.

7.5CVSS6.9AI score0.00153EPSS

CVE•added 2024/10/07 1:15 p.m.•38 views

CVE-2024-23378

Memory corruption while invoking IOCTL calls for MSM module from the user space during audio playback and record.

6.7CVSS6.8AI score0.00029EPSS

CVE•added 2024/10/07 1:15 p.m.•38 views

CVE-2024-23379

Memory corruption while unmapping the fastrpc map when two threads can free the same map in concurrent scenario.

6.7CVSS6.8AI score0.00029EPSS

CVE•added 2025/03/03 11:15 a.m.•38 views

CVE-2024-43056

Transient DOS during hypervisor virtual I/O operation in a virtual machine.

6.5CVSS7.1AI score0.0002EPSS

CVE•added 2022/01/03 8:15 a.m.•37 views

CVE-2021-30293

Possible assertion due to lack of input validation in PUSCH configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT

7.5CVSS7.6AI score0.0026EPSS

CVE•added 2024/06/03 10:15 a.m.•37 views

CVE-2023-43537

Information disclosure while handling T2LM Action Frame in WLAN Host.

7.5CVSS6.4AI score0.00091EPSS

CVE•added 2024/06/03 10:15 a.m.•37 views

CVE-2023-43544

Memory corruption when IPC callback handle is used after it has been released during register callback by another thread.

7.8CVSS6.8AI score0.00026EPSS

CVE•added 2024/11/04 10:15 a.m.•37 views

CVE-2024-33029

Memory corruption while handling the PDR in driver for getting the remote heap maps.

6.7CVSS6.8AI score0.00028EPSS

CVE•added 2024/11/04 10:15 a.m.•37 views

CVE-2024-38408

Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.

9.1CVSS9AI score0.00069EPSS

CVE•added 2024/11/04 10:15 a.m.•36 views

CVE-2024-33030

Memory corruption while parsing IPC frequency table parameters for LPLH that has size greater than expected size.

6.7CVSS6.8AI score0.00028EPSS

CVE•added 2024/11/04 10:15 a.m.•36 views

CVE-2024-38424

Memory corruption during GNSS HAL process initialization.

7.8CVSS7.9AI score0.00033EPSS

CVE•added 2021/09/08 12:15 p.m.•35 views

CVE-2021-1919

Integer underflow can occur when the RTCP length is lesser than than the actual blocks present in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

10CVSS9.3AI score0.00243EPSS

CVE•added 2022/01/03 8:15 a.m.•35 views

CVE-2021-30289

Possible buffer overflow due to lack of range check while processing a DIAG command for COEX management in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.8CVSS8AI score0.00035EPSS

CVE•added 2021/06/09 7:15 a.m.•34 views

CVE-2020-11304

Possible out of bound read in DRM due to improper buffer length check. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

7.8CVSS7AI score0.00043EPSS

CVE•added 2024/11/04 10:15 a.m.•34 views

CVE-2024-33068

Transient DOS while parsing fragments of MBSSID IE from beacon frame.

7.5CVSS7AI score0.00193EPSS

CVE•added 2024/11/04 10:15 a.m.•34 views

CVE-2024-38403

Transient DOS while parsing BTM ML IE when per STA profile is not included.

7.5CVSS7AI score0.00193EPSS

CVE•added 2024/08/05 3:15 p.m.•29 views

CVE-2024-21467

Information disclosure while handling beacon probe frame during scan entry generation in client side.