Qcm2290 Firmware@- Security Vulnerabilities and Issues — Page 5 of Qcm2290 Firmware@- CVE List

Lucene search

QualcommQcm2290 Firmware-

392 matches found

CVE•added 2023/03/10 9:15 p.m.•66 views

CVE-2022-33257

Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.

9.3CVSS7.6AI score0.00042EPSS

CVE•added 2023/02/12 4:15 a.m.•66 views

CVE-2022-33277

Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command.

8.4CVSS8.1AI score0.0006EPSS

CVE•added 2023/04/13 7:15 a.m.•66 views

CVE-2022-33289

Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.

6.8CVSS6.8AI score0.00039EPSS

CVE•added 2023/05/02 6:15 a.m.•66 views

CVE-2022-33305

Transient DOS due to NULL pointer dereference in Modem while sending invalid messages in DCCH.

7.5CVSS7.5AI score0.00106EPSS

CVE•added 2023/10/03 6:15 a.m.•66 views

CVE-2023-24848

Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.

8.2CVSS7.5AI score0.0012EPSS

CVE•added 2024/01/02 6:15 a.m.•66 views

CVE-2023-43511

Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains IPPROTO_NONE as the next header.

7.5CVSS7.5AI score0.00325EPSS

CVE•added 2024/02/06 6:16 a.m.•66 views

CVE-2023-43518

Memory corruption in video while parsing invalid mp2 clip.

9.8CVSS9.5AI score0.00107EPSS

CVE•added 2024/11/04 10:15 a.m.•66 views

CVE-2024-38423

Memory corruption while processing GPU page table switch.

7.8CVSS7.9AI score0.00033EPSS

CVE•added 2022/09/02 12:15 p.m.•65 views

CVE-2022-25658

Memory corruption due to incorrect pointer arithmetic when attempting to change the endianness in video parser function in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearab...

9.8CVSS9.4AI score0.00112EPSS

CVE•added 2023/03/10 9:15 p.m.•65 views

CVE-2022-33278

Memory corruption due to buffer copy without checking the size of input in HLOS when input message size is larger than the buffer capacity.

7.8CVSS7.9AI score0.00067EPSS

CVE•added 2024/03/04 11:15 a.m.•65 views

CVE-2023-33066

Memory corruption in Audio while processing RT proxy port register driver.

8.4CVSS8.6AI score0.0007EPSS

CVE•added 2024/11/22 10:15 a.m.•64 views

CVE-2021-30299

Possible out of bound access in audio module due to lack of validation of user provided input.

6.7CVSS6.5AI score0.00028EPSS

CVE•added 2023/05/02 8:15 a.m.•64 views

CVE-2022-40504

Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network.

7.5CVSS7.5AI score0.00123EPSS

CVE•added 2023/06/06 8:15 a.m.•64 views

CVE-2022-40507

Memory corruption due to double free in Core while mapping HLOS address to the list.

8.4CVSS8.1AI score0.0301EPSS

CVE•added 2024/03/04 11:15 a.m.•64 views

CVE-2023-28578

Memory corruption in Core Services while executing the command for removing a single event listener.

9.3CVSS9.6AI score0.00111EPSS

CVE•added 2023/12/05 3:15 a.m.•64 views

CVE-2023-28585

Memory corruption while loading an ELF segment in TEE Kernel.

8.8CVSS8.8AI score0.0004EPSS

CVE•added 2022/06/14 10:15 a.m.•63 views

CVE-2021-30349

Improper access control sequence for AC database after memory allocation can lead to possible memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infra...

8.2CVSS6.8AI score0.00107EPSS

CVE•added 2022/06/14 10:15 a.m.•63 views

CVE-2021-35094

Improper verification of timeout-based authentication in identity credential can lead to invalid authorization in HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

7.8CVSS7.8AI score0.00029EPSS

CVE•added 2022/10/19 11:15 a.m.•63 views

CVE-2022-25687

memory corruption in video due to buffer overflow while parsing asf clips in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

9.8CVSS9.7AI score0.00168EPSS

CVE•added 2022/11/15 10:15 a.m.•63 views

CVE-2022-33234

Memory corruption in video due to configuration weakness. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

9.8CVSS9.5AI score0.00105EPSS

CVE•added 2023/09/05 7:15 a.m.•63 views

CVE-2023-28538

Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region.

8.4CVSS8.1AI score0.0003EPSS

CVE•added 2024/02/06 6:16 a.m.•63 views

CVE-2023-43519

Memory corruption in video while parsing the Videoinfo, when the size of atom is greater than the videoinfo size.

9.8CVSS9.5AI score0.00107EPSS

CVE•added 2023/03/10 9:15 p.m.•62 views

CVE-2022-25655

Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.

8.4CVSS8.2AI score0.00067EPSS

CVE•added 2023/06/06 8:15 a.m.•62 views

CVE-2022-33264

Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.

7.9CVSS8.1AI score0.00094EPSS

CVE•added 2023/01/09 8:15 a.m.•62 views

CVE-2022-33285

Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames.

7.5CVSS6.7AI score0.00158EPSS

CVE•added 2023/08/08 10:15 a.m.•62 views

CVE-2023-21651

Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE.

9.3CVSS8.1AI score0.00052EPSS

CVE•added 2023/11/07 6:15 a.m.•62 views

CVE-2023-24852

Memory Corruption in Core due to secure memory access by user while loading modem image.

8.4CVSS7.8AI score0.00054EPSS

CVE•added 2024/01/02 6:15 a.m.•62 views

CVE-2023-33109

Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host.

7.5CVSS7.6AI score0.00173EPSS

CVE•added 2022/06/14 10:15 a.m.•61 views

CVE-2021-30346

RPM secure Stream can access any secure resource due to improper SMMU configuration in Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

6.5CVSS5.7AI score0.00096EPSS

CVE•added 2022/06/14 10:15 a.m.•61 views

CVE-2021-35118

An out-of-bounds write can occur due to an incorrect input check in the camera driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

6.7CVSS6.7AI score0.00084EPSS

CVE•added 2023/06/06 8:15 a.m.•61 views

CVE-2022-22076

information disclosure due to cryptographic issue in Core during RPMB read request.

7.1CVSS5.8AI score0.00071EPSS

CVE•added 2022/12/13 4:15 p.m.•61 views

CVE-2022-33235

Information disclosure due to buffer over-read in WLAN firmware while parsing security context info attributes. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapd...

8.2CVSS7.7AI score0.00091EPSS

CVE•added 2023/01/09 8:15 a.m.•61 views

CVE-2022-40516

Memory corruption in Core due to stack-based buffer overflow.

8.4CVSS8.1AI score0.04308EPSS

CVE•added 2023/06/06 8:15 a.m.•61 views

CVE-2022-40523

Information disclosure in Kernel due to indirect branch misprediction.

7.1CVSS5.6AI score0.0004EPSS

CVE•added 2023/06/06 8:15 a.m.•61 views

CVE-2023-21659

Transient DOS in WLAN Firmware while processing frames with missing header fields.

7.5CVSS7.5AI score0.00122EPSS

CVE•added 2023/08/08 10:15 a.m.•61 views

CVE-2023-22666

Memory Corruption in Audio while playing amrwbplus clips with modified content.

8.4CVSS7.9AI score0.00053EPSS

CVE•added 2023/10/03 6:15 a.m.•61 views

CVE-2023-28540

Cryptographic issue in Data Modem due to improper authentication during TLS handshake.

9.1CVSS7.8AI score0.00067EPSS

CVE•added 2023/09/05 7:15 a.m.•61 views

CVE-2023-28567

Memory corruption in WLAN HAL while handling command through WMI interfaces.

7.8CVSS8AI score0.00053EPSS

CVE•added 2023/12/05 3:15 a.m.•61 views

CVE-2023-33018

Memory corruption while using the UIM diag command to get the operators name.

7.8CVSS7.9AI score0.00062EPSS

CVE•added 2024/01/02 6:15 a.m.•61 views

CVE-2023-33040

Transient DOS in Data Modem during DTLS handshake.

7.5CVSS7.5AI score0.00147EPSS

CVE•added 2024/03/04 11:15 a.m.•61 views

CVE-2023-43548

Memory corruption while parsing qcp clip with invalid chunk data size.

9.8CVSS7.4AI score0.00144EPSS

CVE•added 2022/09/02 12:15 p.m.•60 views

CVE-2022-25668

Memory corruption in video driver due to double free while parsing ASF clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

9.8CVSS9.5AI score0.00126EPSS

CVE•added 2022/09/16 6:15 a.m.•60 views

CVE-2022-25690

Information disclosure in WLAN due to improper validation of array index while parsing crafted ANQP action frames in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Sna...

7.5CVSS7.5AI score0.00225EPSS

CVE•added 2023/03/10 9:15 p.m.•60 views

CVE-2022-25694

Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM

8.4CVSS8AI score0.00067EPSS

CVE•added 2022/11/15 10:15 a.m.•60 views

CVE-2022-33239

Transient DOS due to loop with unreachable exit condition in WLAN firmware while parsing IPV6 extension header. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapd...

7.5CVSS7.6AI score0.00233EPSS

CVE•added 2023/10/03 6:15 a.m.•60 views

CVE-2023-24850

Memory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted Application.

7.8CVSS7.6AI score0.0003EPSS

CVE•added 2024/01/02 6:15 a.m.•60 views

CVE-2023-33033

Memory corruption in Audio during playback with speaker protection.

8.4CVSS7.8AI score0.0006EPSS

CVE•added 2023/12/05 3:15 a.m.•60 views

CVE-2023-33054

Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data.

9.1CVSS9.3AI score0.0013EPSS

CVE•added 2024/03/04 11:15 a.m.•60 views

CVE-2023-33086

Transient DOS while processing multiple IKEV2 Informational Request to device from IPSEC server with different identifiers.

7.5CVSS7.5AI score0.00143EPSS

CVE•added 2024/01/02 6:15 a.m.•60 views

CVE-2023-33118

Memory corruption while processing Listen Sound Model client payload buffer when there is a request for Listen Sound session get parameter from ST HAL.

7.8CVSS7.9AI score0.0011EPSS

Total number of security vulnerabilities392