Qcn9074 Firmware Security Vulnerabilities and Issues — Page 7 of Qcn9074 Firmware CVE List

Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver doesn`t validate the IPC message received from the firmware.

6.1CVSS6.2AI score0.0002EPSS

CVE•added 2024/11/04 10:15 a.m.•37 views

CVE-2024-38408

Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.

9.1CVSS9AI score0.00062EPSS

CVE•added 2024/08/05 3:15 p.m.•36 views

CVE-2024-33010

Transient DOS while parsing fragments of MBSSID IE from beacon frame.

7.5CVSS7.6AI score0.00244EPSS

CVE•added 2024/08/05 3:15 p.m.•36 views

CVE-2024-33018

Transient DOS while parsing the received TID-to-link mapping element of the TID-to-link mapping action frame.

7.5CVSS7.6AI score0.00628EPSS

CVE•added 2024/08/05 3:15 p.m.•36 views

CVE-2024-33025

Transient DOS while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.

7.5CVSS7.6AI score0.00244EPSS

CVE•added 2024/12/02 11:15 a.m.•36 views

CVE-2024-33053

Memory corruption when multiple threads try to unregister the CVP buffer at the same time.

6.7CVSS6.8AI score0.00023EPSS

CVE•added 2023/01/09 8:15 a.m.•35 views

CVE-2022-25721

Memory corruption in video driver due to type confusion error during video playback

7.8CVSS7.1AI score0.0004EPSS

CVE•added 2024/08/05 3:15 p.m.•35 views

CVE-2024-33011

Transient DOS while parsing the MBSSID IE from the beacons, when the MBSSID IE length is zero.

7.5CVSS7.6AI score0.00207EPSS

CVE•added 2024/11/04 10:15 a.m.•34 views

CVE-2024-33068

Transient DOS while parsing fragments of MBSSID IE from beacon frame.

7.5CVSS7AI score0.00174EPSS

CVE•added 2024/11/04 10:15 a.m.•31 views

CVE-2024-33032

Memory corruption when the user application modifies the same shared memory asynchronously when kernel is accessing it.

6.7CVSS6.6AI score0.00025EPSS

CVE•added 2024/06/03 10:15 a.m.•29 views

CVE-2023-43555

Information disclosure in Video while parsing mp2 clip with invalid section length.

8.2CVSS8.1AI score0.00093EPSS

CVE•added 2024/06/03 10:15 a.m.•28 views

CVE-2023-43537

Information disclosure while handling T2LM Action Frame in WLAN Host.

7.5CVSS6.4AI score0.00091EPSS

CVE•added 2024/08/05 3:15 p.m.•19 views

CVE-2024-21467

Information disclosure while handling beacon probe frame during scan entry generation in client side.

7.5CVSS6.5AI score0.00101EPSS

CVE•added 2024/08/05 3:15 p.m.•17 views

CVE-2024-21459

Information disclosure while handling beacon or probe response frame in STA.

7.5CVSS6.5AI score0.00126EPSS

CVE•added 2024/08/05 3:15 p.m.•17 views

CVE-2024-23356

Memory corruption during session sign renewal request calls in HLOS.

7.8CVSS7.9AI score0.00035EPSS

CVE•added 2024/08/05 3:15 p.m.•16 views

CVE-2024-21479

Transient DOS during music playback of ALAC content.

7.5CVSS7.6AI score0.00161EPSS

CVE•added 2025/07/08 1:15 p.m.•7 views

CVE-2025-27061

Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware.

7.8CVSS6.8AI score0.00013EPSS

CVE•added 2025/07/08 1:15 p.m.•6 views

CVE-2025-21446

Transient DOS may occur when processing vendor-specific information elements while parsing a WLAN frame for BTM requests.

7.5CVSS6.4AI score0.00063EPSS

CVE•added 2025/07/08 1:15 p.m.•6 views

CVE-2025-27042

Memory corruption while processing video packets received from video firmware.

7.8CVSS6.8AI score0.00013EPSS

CVE•added 2025/07/08 1:15 p.m.•6 views

CVE-2025-27043

Memory corruption while processing manipulated payload in video firmware.

7.8CVSS6.8AI score0.00013EPSS

CVE•added 2025/07/08 1:15 p.m.•6 views

CVE-2025-27057

Transient DOS while handling beacon frames with invalid IE header length.

7.5CVSS6.6AI score0.00048EPSS

Total number of security vulnerabilities325