Snapdragon X65 5g Modem-rf System Firmware Security Vulnerabilities and Issues — Page 3 of Snapdragon X65 5g Modem-rf System Firmware CVE List

Lucene search

QualcommSnapdragon X65 5g Modem-rf System Firmware

166 matches found

CVE•added 2024/01/02 6:15 a.m.•59 views

CVE-2023-33062

Transient DOS in WLAN Firmware while parsing a BTM request.

7.5CVSS7.5AI score0.00188EPSS

CVE•added 2023/10/03 6:15 a.m.•58 views

CVE-2023-22385

Memory Corruption in Data Modem while making a MO call or MT VOLTE call.

9.8CVSS9.1AI score0.00126EPSS

CVE•added 2023/12/05 3:15 a.m.•58 views

CVE-2023-28550

Memory corruption in MPP performance while accessing DSM watermark using external memory address.

7.8CVSS7.9AI score0.0006EPSS

CVE•added 2023/09/05 7:15 a.m.•58 views

CVE-2023-28558

Memory corruption in WLAN handler while processing PhyID in Tx status handler.

7.8CVSS7.9AI score0.0003EPSS

CVE•added 2023/12/05 3:15 a.m.•58 views

CVE-2023-33041

Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids.

7.5CVSS7.5AI score0.00148EPSS

CVE•added 2024/07/01 3:15 p.m.•58 views

CVE-2024-21457

INformation disclosure while handling Multi-link IE in beacon frame.

7.5CVSS6.6AI score0.00074EPSS

CVE•added 2023/09/05 7:15 a.m.•57 views

CVE-2023-28549

Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload.

7.8CVSS8AI score0.00027EPSS

CVE•added 2024/01/02 6:15 a.m.•57 views

CVE-2023-33030

Memory corruption in HLOS while running playready use-case.

9.3CVSS7.8AI score0.0006EPSS

CVE•added 2023/11/07 6:15 a.m.•57 views

CVE-2023-33061

Transient DOS in WLAN Firmware while parsing WLAN beacon or probe-response frame.

7.5CVSS7.6AI score0.00188EPSS

CVE•added 2023/12/05 3:15 a.m.•57 views

CVE-2023-33097

Transient DOS in WLAN Firmware while processing a FTMR frame.

7.5CVSS7.5AI score0.00147EPSS

CVE•added 2023/06/06 8:15 a.m.•56 views

CVE-2022-22060

Assertion occurs while processing Reconfiguration message due to improper validation

7.5CVSS7.5AI score0.00107EPSS

CVE•added 2023/06/06 8:15 a.m.•56 views

CVE-2022-33251

Transient DOS due to reachable assertion in Modem because of invalid network configuration.

7.5CVSS7.5AI score0.00145EPSS

CVE•added 2023/04/13 7:15 a.m.•56 views

CVE-2022-33270

Transient DOS due to time-of-check time-of-use race condition in Modem while processing RRC Reconfiguration message.

7.5CVSS6AI score0.00081EPSS

CVE•added 2023/10/03 6:15 a.m.•56 views

CVE-2023-24844

Memory Corruption in Core while invoking a call to Access Control core library with hardware protected address range.

8.4CVSS7.8AI score0.00027EPSS

CVE•added 2023/11/07 6:15 a.m.•56 views

CVE-2023-33047

Transient DOS in WLAN Firmware while parsing no-inherit IES.

7.5CVSS7.5AI score0.00188EPSS

CVE•added 2023/12/05 3:15 a.m.•56 views

CVE-2023-33083

Memory corruption in WLAN Host while processing RRM beacon on the AP.

9.8CVSS9.8AI score0.002EPSS

CVE•added 2023/12/05 3:15 a.m.•56 views

CVE-2023-33098

Transient DOS while parsing WPA IES, when it is passed with length more than expected size.

7.5CVSS7.6AI score0.00188EPSS

CVE•added 2024/02/06 6:16 a.m.•56 views

CVE-2023-43522

Transient DOS while key unwrapping process, when the given encrypted key is empty or NULL.

7.5CVSS7.5AI score0.00145EPSS

CVE•added 2024/08/05 3:15 p.m.•56 views

CVE-2024-33013

Transient DOS when driver accesses the ML IE memory and offset value is incremented beyond ML IE length.

7.5CVSS7.6AI score0.00189EPSS

CVE•added 2023/09/05 7:15 a.m.•55 views

CVE-2023-28557

Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload.

7.8CVSS7.9AI score0.00045EPSS

CVE•added 2023/12/05 3:15 a.m.•55 views

CVE-2023-28587

Memory corruption in BT controller while parsing debug commands with specific sub-opcodes at HCI interface level.

7.8CVSS8AI score0.00068EPSS

CVE•added 2024/07/01 3:15 p.m.•55 views

CVE-2024-21465

Memory corruption while processing key blob passed by the user.

7.8CVSS7.9AI score0.00098EPSS

CVE•added 2024/08/05 3:15 p.m.•55 views

CVE-2024-33026

Transient DOS while parsing probe response and assoc response frame when received frame length is less than max size of timestamp.

7.5CVSS7.6AI score0.00244EPSS

CVE•added 2024/12/02 11:15 a.m.•55 views

CVE-2024-33044

Memory corruption while Configuring the SMR/S2CR register in Bypass mode.

8.4CVSS8.6AI score0.00028EPSS

CVE•added 2023/12/05 3:15 a.m.•54 views

CVE-2023-33017

Memory corruption in Boot while running a ListVars test in UEFI Menu during boot.

7.8CVSS7.8AI score0.0006EPSS

CVE•added 2023/12/05 3:15 a.m.•54 views

CVE-2023-33042

Transient DOS in Modem after RRC Setup message is received.

7.5CVSS7.6AI score0.00187EPSS

CVE•added 2023/12/05 3:15 a.m.•54 views

CVE-2023-33088

Memory corruption when processing cmd parameters while parsing vdev.

8.4CVSS8.1AI score0.00068EPSS

CVE•added 2023/12/05 3:15 a.m.•52 views

CVE-2023-28586

Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.

6.5CVSS6.1AI score0.00039EPSS

CVE•added 2024/08/05 3:15 p.m.•52 views

CVE-2024-33023

Memory corruption while creating a fence to wait on timeline events, and simultaneously signal timeline events.

8.4CVSS8.6AI score0.00035EPSS

CVE•added 2023/12/05 3:15 a.m.•51 views

CVE-2023-28546

Memory Corruption in SPS Application while exporting public key in sorter TA.

7.8CVSS7.7AI score0.0006EPSS

CVE•added 2023/09/05 7:15 a.m.•51 views

CVE-2023-28548

Memory corruption in WLAN HAL while processing Tx/Rx commands from QDART.

7.8CVSS8AI score0.00024EPSS

CVE•added 2024/01/02 6:15 a.m.•51 views

CVE-2023-33112

Transient DOS when WLAN firmware receives "reassoc response" frame including RIC_DATA element.

7.5CVSS7.5AI score0.00229EPSS

CVE•added 2024/08/05 3:15 p.m.•51 views

CVE-2024-33012

Transient DOS while parsing the multiple MBSSID IEs from the beacon, when the tag length is non-zero value but with end of beacon.

7.5CVSS7.6AI score0.00244EPSS

CVE•added 2024/08/05 3:15 p.m.•51 views

CVE-2024-33015

Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor report.

7.5CVSS7.6AI score0.00244EPSS

CVE•added 2024/10/07 1:15 p.m.•51 views

CVE-2024-38397

Transient DOS while parsing probe response and assoc response frame.

7.5CVSS7.6AI score0.00207EPSS

CVE•added 2023/12/05 3:15 a.m.•50 views

CVE-2023-28551

Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments.

7.8CVSS8AI score0.0006EPSS

CVE•added 2024/07/01 3:15 p.m.•50 views

CVE-2024-21469

Memory corruption when an invoke call and a TEE call are bound for the same trusted application.

7.8CVSS7.4AI score0.00109EPSS

CVE•added 2023/06/06 8:15 a.m.•49 views

CVE-2022-40538

Transient DOS due to reachable assertion in modem while processing sib with incorrect values from network.

7.5CVSS7.5AI score0.00145EPSS

CVE•added 2023/12/05 3:15 a.m.•49 views

CVE-2023-33022

Memory corruption in HLOS while invoking IOCTL calls from user-space.

8.4CVSS8.1AI score0.0006EPSS

CVE•added 2023/12/05 3:15 a.m.•49 views

CVE-2023-33089

Transient DOS when processing a NULL buffer while parsing WLAN vdev.

7.5CVSS7.7AI score0.00222EPSS

CVE•added 2024/08/05 3:15 p.m.•49 views

CVE-2024-33010

Transient DOS while parsing fragments of MBSSID IE from beacon frame.

7.5CVSS7.6AI score0.00244EPSS

CVE•added 2024/08/05 3:15 p.m.•49 views

CVE-2024-33014

Transient DOS while parsing ESP IE from beacon/probe response frame.

7.5CVSS7.6AI score0.00244EPSS

CVE•added 2024/08/05 3:15 p.m.•49 views

CVE-2024-33024

Transient DOS while parsing the ML IE when a beacon with length field inside the common info of ML IE greater than the ML IE length.

7.5CVSS7.6AI score0.00244EPSS

CVE•added 2023/12/05 3:15 a.m.•48 views

CVE-2023-33080

Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.

7.5CVSS7.5AI score0.00194EPSS

CVE•added 2024/08/05 3:15 p.m.•48 views

CVE-2024-33011

Transient DOS while parsing the MBSSID IE from the beacons, when the MBSSID IE length is zero.

7.5CVSS7.6AI score0.00207EPSS

CVE•added 2024/08/05 3:15 p.m.•48 views

CVE-2024-33018

Transient DOS while parsing the received TID-to-link mapping element of the TID-to-link mapping action frame.

7.5CVSS7.6AI score0.00628EPSS

CVE•added 2024/08/05 3:15 p.m.•48 views

CVE-2024-33019

Transient DOS while parsing the received TID-to-link mapping action frame.

7.5CVSS7.6AI score0.00244EPSS

CVE•added 2024/08/05 3:15 p.m.•48 views

CVE-2024-33025

Transient DOS while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.

7.5CVSS7.6AI score0.00244EPSS

CVE•added 2024/01/02 6:15 a.m.•47 views

CVE-2023-33038

Memory corruption while receiving a message in Bus Socket Transport Server.

7.8CVSS7.7AI score0.00042EPSS

CVE•added 2024/07/01 3:15 p.m.•47 views

CVE-2024-21482

Memory corruption during the secure boot process, when the bootm command is used, it bypasses the authentication of the kernel/rootfs image.

7.8CVSS7.2AI score0.00013EPSS

Total number of security vulnerabilities166