Qca8337 Firmware Security Vulnerabilities and Issues — Page 12 of Qca8337 Firmware CVE List

Lucene search

QualcommQca8337 Firmware

644 matches found

CVE•added 2024/05/06 3:15 p.m.•45 views

CVE-2024-21476

Memory corruption when the channel ID passed by user is not validated and further used.

7.8CVSS7.1AI score0.00082EPSS

CVE•added 2024/10/07 1:15 p.m.•45 views

CVE-2024-23369

Memory corruption when invalid length is provided from HLOS for FRS/UDS request/response buffers.

7.8CVSS7.9AI score0.00035EPSS

CVE•added 2025/01/06 11:15 a.m.•45 views

CVE-2024-33067

Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver.

6.1CVSS6.3AI score0.00021EPSS

CVE•added 2024/10/07 1:15 p.m.•45 views

CVE-2024-33073

Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.

8.2CVSS8.2AI score0.00183EPSS

CVE•added 2024/09/02 12:15 p.m.•45 views

CVE-2024-38401

Memory corruption while processing concurrent IOCTL calls.

7.8CVSS7.9AI score0.00039EPSS

CVE•added 2025/03/03 11:15 a.m.•45 views

CVE-2024-53023

Memory corruption may occur while accessing a variable during extended back to back tests.

7.8CVSS7.3AI score0.00024EPSS

CVE•added 2021/04/07 8:15 a.m.•44 views

CVE-2020-11252

Trustzone initialization code will disable xPU`s when memory dumps are enabled and lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infras...

7.2CVSS5.6AI score0.00043EPSS

CVE•added 2022/01/03 8:15 a.m.•44 views

CVE-2020-11263

An integer overflow due to improper check performed after the address and size passed are aligned in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

8.2CVSS8.3AI score0.00112EPSS

CVE•added 2021/05/07 9:15 a.m.•44 views

CVE-2020-11288

Out of bound write can occur in playready while processing command due to lack of input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

7.8CVSS7.8AI score0.00033EPSS

CVE•added 2021/11/12 7:15 a.m.•44 views

CVE-2021-1903

Possible denial of service scenario can occur due to lack of length check on Channel Switch Announcement IE in beacon or probe response frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial...

5.3CVSS5.5AI score0.00216EPSS

CVE•added 2022/01/03 8:15 a.m.•44 views

CVE-2021-30271

Possible null pointer dereference in trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, ...

7.8CVSS7.7AI score0.00031EPSS

CVE•added 2022/01/03 8:15 a.m.•44 views

CVE-2021-30348

Improper validation of LLM utility timers availability can lead to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

6.5CVSS6.5AI score0.00071EPSS

CVE•added 2022/10/19 11:15 a.m.•44 views

CVE-2022-22078

Denial of service in BOOT when partition size for a particular partition is requested due to integer overflow when blocks are calculated in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

4.6CVSS5.1AI score0.00064EPSS

CVE•added 2023/01/09 8:15 a.m.•44 views

CVE-2022-33286

Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames.

7.5CVSS6.7AI score0.00123EPSS

CVE•added 2024/05/06 3:15 p.m.•44 views

CVE-2023-43531

Memory corruption while verifying the serialized header when the key pairs are generated.

8.4CVSS7.1AI score0.00045EPSS

CVE•added 2025/03/03 11:15 a.m.•44 views

CVE-2024-43060

Memory corruption during voice activation, when sound model parameters are loaded from HLOS to ADSP.

7.8CVSS7.3AI score0.00024EPSS

CVE•added 2021/05/07 9:15 a.m.•43 views

CVE-2020-11285

Buffer over-read while unpacking the RTCP packet we may read extra byte if wrong length is provided in RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapd...

9.4CVSS9AI score0.00239EPSS

CVE•added 2021/05/07 9:15 a.m.•43 views

CVE-2021-1895

Possible integer overflow due to improper length check while flashing an image in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music

7.8CVSS7.8AI score0.00033EPSS

CVE•added 2021/10/20 7:15 a.m.•43 views

CVE-2021-1959

Possible memory corruption due to lack of bound check of input index in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.8CVSS7.5AI score0.00039EPSS

CVE•added 2021/11/12 7:15 a.m.•43 views

CVE-2021-30254

Possible buffer overflow due to improper input validation in factory calibration and test DIAG command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearabl...

7.8CVSS8AI score0.00035EPSS

CVE•added 2022/01/03 8:15 a.m.•43 views

CVE-2021-30276

Improper access control while doing XPU re-configuration dynamically can lead to unauthorized access to a secure resource in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wired Infrastructure and Networking

9.3CVSS7.6AI score0.00083EPSS

CVE•added 2022/01/03 8:15 a.m.•43 views

CVE-2021-30303

Possible buffer overflow due to lack of buffer length check when segmented WMI command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &...

7.8CVSS8AI score0.00035EPSS

CVE•added 2021/09/09 8:15 a.m.•42 views

CVE-2021-1909

Buffer overflow occurs in trusted applications due to lack of length check of parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapd...

7.8CVSS7.8AI score0.00035EPSS

CVE•added 2021/10/20 7:15 a.m.•42 views

CVE-2021-1913

Possible integer overflow due to improper length check while updating grace period and count record in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

8.4CVSS7.7AI score0.00035EPSS

CVE•added 2021/09/09 8:15 a.m.•42 views

CVE-2021-1946

Null Pointer Dereference may occur due to improper validation while processing crafted SDP body in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

10CVSS9.2AI score0.00216EPSS

CVE•added 2021/11/12 7:15 a.m.•42 views

CVE-2021-1981

Possible buffer over read due to improper IE size check of Bearer capability IE in MT setup request from network in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

9.1CVSS9AI score0.00286EPSS

CVE•added 2021/11/12 7:15 a.m.•42 views

CVE-2021-1982

Possible denial of service scenario due to improper input validation of received NAS OTA message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

7.5CVSS7.5AI score0.0026EPSS

CVE•added 2021/11/12 7:15 a.m.•42 views

CVE-2021-30264

Possible use after free due improper validation of reference from call back to internal store table in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and...

6.7CVSS6.7AI score0.00048EPSS

CVE•added 2022/01/03 8:15 a.m.•42 views

CVE-2021-30267

Possible integer overflow to buffer overflow due to improper input validation in FTM ARA commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

7.8CVSS8AI score0.00054EPSS

CVE•added 2022/01/03 8:15 a.m.•42 views

CVE-2021-30268

Possible heap Memory Corruption Issue due to lack of input validation when sending HWTC IQ Capture command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.8CVSS7.8AI score0.00039EPSS

CVE•added 2024/05/06 3:15 p.m.•42 views

CVE-2023-43530

Memory corruption in HLOS while checking for the storage type.

7.8CVSS7.1AI score0.00042EPSS

CVE•added 2024/06/03 10:15 a.m.•42 views

CVE-2023-43538

Memory corruption in TZ Secure OS while Tunnel Invoke Manager initialization.

9.3CVSS9.5AI score0.00053EPSS

CVE•added 2024/07/01 3:15 p.m.•42 views

CVE-2024-21462

Transient DOS while loading the TA ELF file.

7.1CVSS6.1AI score0.00071EPSS

CVE•added 2024/05/06 3:15 p.m.•42 views

CVE-2024-21474

Memory corruption when size of buffer from previous call is used without validation or re-initialization.

8.4CVSS7.3AI score0.00061EPSS

CVE•added 2025/02/03 5:15 p.m.•42 views

CVE-2024-38404

Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in modem.

7.5CVSS7.6AI score0.00074EPSS

CVE•added 2025/02/03 5:15 p.m.•42 views

CVE-2024-38417

Information disclosure while processing IO control commands.

6.1CVSS6.3AI score0.00019EPSS

CVE•added 2025/02/03 5:15 p.m.•42 views

CVE-2024-38420

Memory corruption while configuring a Hypervisor based input virtual device.

8.8CVSS8.9AI score0.00036EPSS

CVE•added 2025/02/03 5:15 p.m.•42 views

CVE-2024-45584

Memory corruption can occur when a compat IOCTL call is followed by a normal IOCTL call from userspace.

7.8CVSS7.9AI score0.00024EPSS

CVE•added 2021/09/09 8:15 a.m.•41 views

CVE-2021-1960

Improper handling of ASB-C broadcast packets with crafted opcode in LMP can lead to uncontrolled resource consumption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...

6.5CVSS6.5AI score0.00071EPSS

CVE•added 2024/05/06 3:15 p.m.•41 views

CVE-2024-21477

Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM) frame.

7.5CVSS6.8AI score0.00294EPSS

CVE•added 2024/11/04 10:15 a.m.•41 views

CVE-2024-33031

Memory corruption while processing the update SIM PB records request.

6.7CVSS6.8AI score0.00036EPSS

CVE•added 2025/03/03 11:15 a.m.•41 views

CVE-2024-43051

Information disclosure while deriving keys for a session for any Widevine use case.

5.5CVSS7.1AI score0.00014EPSS

CVE•added 2025/03/03 11:15 a.m.•41 views

CVE-2024-43057

Memory corruption while processing command in Glink linux.

7.8CVSS7.5AI score0.00024EPSS

CVE•added 2021/06/09 7:15 a.m.•40 views

CVE-2020-11176

While processing server certificate from IPSec server, certificate validation for subject alternative name API can cause heap overflow which can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon ...

10CVSS9.6AI score0.00223EPSS

CVE•added 2021/09/09 8:15 a.m.•40 views

CVE-2021-1956

Improper handling of ASB-U packet with L2CAP channel ID by slave host can lead to interference with piconet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

6.5CVSS6.5AI score0.00071EPSS

CVE•added 2021/11/12 7:15 a.m.•40 views

CVE-2021-1979

Possible buffer overflow due to improper validation of FTM command payload in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

7.8CVSS8AI score0.00035EPSS

CVE•added 2022/01/03 8:15 a.m.•40 views

CVE-2021-30272

Possible null pointer dereference in thread cache operation handler due to lack of validation of user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & ...

7.8CVSS7.6AI score0.00031EPSS

CVE•added 2022/01/13 12:15 p.m.•40 views

CVE-2021-30285

Improper validation of memory region in Hypervisor can lead to incorrect region mapping in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

9.3CVSS8.6AI score0.00043EPSS

CVE•added 2024/11/04 10:15 a.m.•40 views

CVE-2024-38419

Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node.

7.8CVSS7.9AI score0.00033EPSS

CVE•added 2021/09/17 7:15 a.m.•39 views

CVE-2021-30260

Possible Integer overflow to buffer overflow issue can occur due to improper validation of input parameters when extscan hostlist configuration command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT,...

8.4CVSS8AI score0.00054EPSS

Total number of security vulnerabilities644