Qcs410 Firmware@- Security Vulnerabilities and Issues — Page 6 of Qcs410 Firmware@- CVE List

Memory corruption due to use after free in service while trying to access maps by different threads in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

6.7CVSS7AI score0.00042EPSS

CVE•added 2022/10/19 11:15 a.m.•68 views

CVE-2022-25748

Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdr...

9.8CVSS9.8AI score0.00328EPSS

CVE•added 2023/12/05 3:15 a.m.•68 views

CVE-2023-22383

Memory Corruption in camera while installing a fd for a particular DMA buffer.

7.8CVSS7AI score0.0004EPSS

CVE•added 2024/04/01 3:15 p.m.•68 views

CVE-2023-28547

Memory corruption in SPS Application while requesting for public key in sorter TA.

8.4CVSS8.7AI score0.0006EPSS

CVE•added 2023/12/05 3:15 a.m.•68 views

CVE-2023-28579

Memory Corruption in WLAN Host while deserializing the input PMK bytes without checking the input PMK length.

7.8CVSS6.8AI score0.00042EPSS

CVE•added 2024/02/06 6:16 a.m.•68 views

CVE-2023-43536

Transient DOS while parse fils IE with length equal to 1.

7.5CVSS7.5AI score0.00123EPSS

CVE•added 2022/11/15 10:15 a.m.•67 views

CVE-2022-25676

Information disclosure in video due to buffer over-read while parsing avi files in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

6.8CVSS5.7AI score0.00049EPSS

CVE•added 2023/03/10 9:15 p.m.•67 views

CVE-2022-25705

Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response

7.8CVSS8AI score0.0006EPSS

CVE•added 2023/06/06 8:15 a.m.•67 views

CVE-2022-33227

Memory corruption in Linux android due to double free while calling unregister provider after register call.

7.8CVSS7AI score0.00034EPSS

CVE•added 2023/02/12 4:15 a.m.•67 views

CVE-2022-33277

Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command.

8.4CVSS8.1AI score0.0006EPSS

CVE•added 2023/04/13 7:15 a.m.•67 views

CVE-2022-33289

Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.

6.8CVSS6.8AI score0.00039EPSS

CVE•added 2023/10/03 6:15 a.m.•67 views

CVE-2023-24848

Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.

8.2CVSS7.5AI score0.0012EPSS

CVE•added 2023/12/05 3:15 a.m.•67 views

CVE-2023-28580

Memory corruption in WLAN Host while setting the PMK length in PMK length in internal cache.

7.8CVSS7.2AI score0.00043EPSS

CVE•added 2024/01/02 6:15 a.m.•67 views

CVE-2023-43511

Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains IPPROTO_NONE as the next header.

7.5CVSS7.5AI score0.00325EPSS

CVE•added 2024/02/06 6:16 a.m.•67 views

CVE-2023-43518

Memory corruption in video while parsing invalid mp2 clip.

9.8CVSS9.5AI score0.00107EPSS

CVE•added 2025/02/03 5:15 p.m.•67 views

CVE-2024-38416

Information disclosure during audio playback.

6.1CVSS6.2AI score0.00021EPSS

CVE•added 2021/10/20 7:15 a.m.•66 views

CVE-2021-1969

Improper validation of kernel buffer address while copying information back to user buffer can lead to kernel memory information exposure to user space in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...

6.2CVSS5.5AI score0.00035EPSS

CVE•added 2022/09/02 12:15 p.m.•66 views

CVE-2022-25658

Memory corruption due to incorrect pointer arithmetic when attempting to change the endianness in video parser function in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearab...

9.8CVSS9.4AI score0.00112EPSS

CVE•added 2024/03/04 11:15 a.m.•66 views

CVE-2023-33066

Memory corruption in Audio while processing RT proxy port register driver.

8.4CVSS8.6AI score0.0007EPSS

CVE•added 2023/05/02 8:15 a.m.•65 views

CVE-2022-40504

Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network.

7.5CVSS7.5AI score0.00123EPSS

CVE•added 2023/06/06 8:15 a.m.•65 views

CVE-2022-40507

Memory corruption due to double free in Core while mapping HLOS address to the list.

8.4CVSS8.1AI score0.0301EPSS

CVE•added 2024/03/04 11:15 a.m.•65 views

CVE-2023-28578

Memory corruption in Core Services while executing the command for removing a single event listener.

9.3CVSS9.6AI score0.00111EPSS

CVE•added 2023/12/05 3:15 a.m.•65 views

CVE-2023-28585

Memory corruption while loading an ELF segment in TEE Kernel.

8.8CVSS8.8AI score0.0004EPSS

CVE•added 2024/01/02 6:15 a.m.•65 views

CVE-2023-33085

Memory corruption in wearables while processing data from AON.

7.8CVSS7.8AI score0.0006EPSS

CVE•added 2022/06/14 10:15 a.m.•64 views

CVE-2021-30349

Improper access control sequence for AC database after memory allocation can lead to possible memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infra...

8.2CVSS6.8AI score0.00107EPSS

CVE•added 2022/10/19 11:15 a.m.•64 views

CVE-2022-25687

memory corruption in video due to buffer overflow while parsing asf clips in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

9.8CVSS9.7AI score0.0019EPSS

CVE•added 2022/11/15 10:15 a.m.•64 views

CVE-2022-33234

Memory corruption in video due to configuration weakness. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

9.8CVSS9.5AI score0.00105EPSS

CVE•added 2023/01/09 8:15 a.m.•64 views

CVE-2022-33285

Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames.

7.5CVSS6.7AI score0.00158EPSS

CVE•added 2023/09/05 7:15 a.m.•64 views

CVE-2023-28538

Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region.

8.4CVSS8.1AI score0.0003EPSS

CVE•added 2024/02/06 6:16 a.m.•64 views

CVE-2023-43519

Memory corruption in video while parsing the Videoinfo, when the size of atom is greater than the videoinfo size.

9.8CVSS9.5AI score0.00107EPSS

CVE•added 2024/08/05 3:15 p.m.•64 views

CVE-2024-33027

Memory corruption can occur when arbitrary user-space app gains kernel level privilege to modify DDR memory by corrupting the GPU page table.

8.4CVSS8.5AI score0.00029EPSS

CVE•added 2021/09/09 8:15 a.m.•63 views

CVE-2021-1963

Possible use-after-free due to lack of validation for the rule count in filter table in IPA driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

6.7CVSS6.7AI score0.00048EPSS

CVE•added 2022/01/03 8:15 a.m.•63 views

CVE-2021-30298

Possible out of bound access due to improper validation of item size and DIAG memory pools data while switching between USB and PCIE interface in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired ...

7.8CVSS7.6AI score0.0004EPSS

CVE•added 2023/03/10 9:15 p.m.•63 views

CVE-2022-25655

Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.

8.4CVSS8.2AI score0.00067EPSS

CVE•added 2023/01/09 8:15 a.m.•63 views

CVE-2022-25715

Memory corruption in display driver due to incorrect type casting while accessing the fence structure fields

7.8CVSS7.1AI score0.0004EPSS

CVE•added 2023/01/09 8:15 a.m.•63 views

CVE-2022-25717

Memory corruption in display due to double free while allocating frame buffer memory

7.8CVSS7.2AI score0.00034EPSS

CVE•added 2023/06/06 8:15 a.m.•63 views

CVE-2022-33264

Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.

7.9CVSS8.1AI score0.00094EPSS

CVE•added 2023/09/05 7:15 a.m.•63 views

CVE-2023-21654

Memory corruption in Audio during playback session with audio effects enabled.

7.8CVSS7.2AI score0.0002EPSS

CVE•added 2023/11/07 6:15 a.m.•63 views

CVE-2023-24852

Memory Corruption in Core due to secure memory access by user while loading modem image.

8.4CVSS7.8AI score0.00054EPSS

CVE•added 2024/01/02 6:15 a.m.•63 views

CVE-2023-33109

Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host.

7.5CVSS7.6AI score0.00173EPSS

CVE•added 2023/06/06 8:15 a.m.•62 views

CVE-2022-22076

information disclosure due to cryptographic issue in Core during RPMB read request.

7.1CVSS5.8AI score0.00071EPSS

CVE•added 2022/12/13 4:15 p.m.•62 views

CVE-2022-33235

Information disclosure due to buffer over-read in WLAN firmware while parsing security context info attributes. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapd...

8.2CVSS7.7AI score0.00091EPSS

CVE•added 2023/01/09 8:15 a.m.•62 views

CVE-2022-40516

Memory corruption in Core due to stack-based buffer overflow.

8.4CVSS8.1AI score0.04308EPSS

CVE•added 2023/06/06 8:15 a.m.•62 views

CVE-2022-40523

Information disclosure in Kernel due to indirect branch misprediction.

7.1CVSS5.6AI score0.0004EPSS

CVE•added 2023/06/06 8:15 a.m.•62 views

CVE-2023-21659

Transient DOS in WLAN Firmware while processing frames with missing header fields.