Sw5100 Firmware@- Security Vulnerabilities and Issues — Page 4 of Sw5100 Firmware@- CVE List

Possible out of bound read due to improper validation of certificate chain in SSL or Internet key exchange in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon...

9.4CVSS9AI score0.0016EPSS

CVE•added 2022/10/19 11:15 a.m.•73 views

CVE-2022-25664

Information disclosure due to exposure of information while GPU reads the data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

6.2CVSS5.4AI score0.00169EPSS

CVE•added 2023/09/05 7:15 a.m.•73 views

CVE-2023-21663

Memory Corruption while accessing metadata in Display.

7.8CVSS7AI score0.0002EPSS

CVE•added 2024/02/06 6:16 a.m.•73 views

CVE-2023-33072

Memory corruption in Core while processing control functions.

9.3CVSS7.8AI score0.00029EPSS

CVE•added 2024/07/01 3:15 p.m.•73 views

CVE-2024-21466

Information disclosure while parsing sub-IE length during new IE generation.

7.5CVSS6.6AI score0.00127EPSS

CVE•added 2022/06/14 10:15 a.m.•72 views

CVE-2021-30350

Lack of MBN header size verification against input buffer can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

8.4CVSS7.9AI score0.00199EPSS

CVE•added 2023/03/10 9:15 p.m.•72 views

CVE-2022-40531

Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.

8.4CVSS8.1AI score0.0006EPSS

CVE•added 2023/10/03 6:15 a.m.•72 views

CVE-2023-28539

Memory corruption in WLAN Host when the firmware invokes multiple WMI Service Available command.

7.8CVSS7.2AI score0.00032EPSS

CVE•added 2023/11/07 6:15 a.m.•72 views

CVE-2023-28556

Cryptographic issue in HLOS during key management.

7.8CVSS7.2AI score0.00045EPSS

CVE•added 2023/11/07 6:15 a.m.•72 views

CVE-2023-28566

Information disclosure in WLAN HAL while handling the WMI state info command.

6.1CVSS5.7AI score0.00056EPSS

CVE•added 2022/06/14 10:15 a.m.•71 views

CVE-2021-35080

Disabled SMMU from secure side while RPM is assigned a secure stream can lead to information disclosure in Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

6.5CVSS5.4AI score0.00039EPSS

CVE•added 2022/12/13 4:15 p.m.•71 views

CVE-2022-25712

Memory corruption in camera due to buffer copy without checking size of input in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wearables

7.8CVSS7.9AI score0.00036EPSS

CVE•added 2023/09/05 7:15 a.m.•71 views

CVE-2023-21655

Memory corruption in Audio while validating and mapping metadata.

7.8CVSS7AI score0.0002EPSS

CVE•added 2024/04/01 3:15 p.m.•71 views

CVE-2023-33023

Memory corruption while processing finish_sign command to pass a rsp buffer.

8.4CVSS8.7AI score0.0006EPSS

CVE•added 2024/02/06 6:16 a.m.•71 views

CVE-2023-43533

Transient DOS in WLAN Firmware when the length of received beacon is less than length of ieee802.11 beacon frame.

7.5CVSS7.5AI score0.00122EPSS

CVE•added 2024/08/05 3:15 p.m.•71 views

CVE-2024-23384

Memory corruption when the mapped pages in VBO are still mapped after reclaiming by shrinker.

8.4CVSS8.6AI score0.00034EPSS

CVE•added 2022/06/14 10:15 a.m.•70 views

CVE-2021-35104

Possible buffer overflow due to improper parsing of headers while playing the FLAC audio clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Netw...

10CVSS9.6AI score0.00701EPSS

CVE•added 2023/03/10 9:15 p.m.•70 views

CVE-2022-33242

Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio PD.

7.8CVSS7.9AI score0.00046EPSS

CVE•added 2023/02/12 4:15 a.m.•70 views

CVE-2022-34145

Transient DOS due to buffer over-read in WLAN Host while parsing frame information.

7.5CVSS7.6AI score0.00207EPSS

CVE•added 2023/07/04 5:15 a.m.•70 views

CVE-2023-21629

Memory Corruption in Modem due to double free while parsing the PKCS15 sim files.

6.8CVSS6.6AI score0.00073EPSS

CVE•added 2023/08/08 10:15 a.m.•70 views

CVE-2023-21650

Memory Corruption in GPS HLOS Driver when injectFdclData receives data with invalid data length.

7.8CVSS7AI score0.00036EPSS

CVE•added 2023/10/03 6:15 a.m.•70 views

CVE-2023-33027

Transient DOS in WLAN Firmware while parsing rsn ies.

7.5CVSS7.7AI score0.00194EPSS

CVE•added 2024/02/06 6:16 a.m.•70 views

CVE-2023-43536

Transient DOS while parse fils IE with length equal to 1.

7.5CVSS7.5AI score0.00123EPSS

CVE•added 2022/09/02 12:15 p.m.•69 views

CVE-2022-25659

Memory corruption due to buffer overflow while parsing MKV clips with invalid bitmap size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

9.8CVSS9.7AI score0.00136EPSS

CVE•added 2022/10/19 11:15 a.m.•69 views

CVE-2022-25666

Memory corruption due to use after free in service while trying to access maps by different threads in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

6.7CVSS7AI score0.00042EPSS

CVE•added 2023/04/13 7:15 a.m.•69 views

CVE-2022-33296

Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Neighbor List Update message.

7.8CVSS6.7AI score0.00042EPSS

CVE•added 2023/03/10 9:15 p.m.•69 views

CVE-2022-40515

Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms.

9.8CVSS8AI score0.00071EPSS

CVE•added 2023/06/06 8:15 a.m.•69 views

CVE-2022-40521

Transient DOS due to improper authorization in Modem

7.5CVSS7.5AI score0.00106EPSS

CVE•added 2023/04/13 7:15 a.m.•69 views

CVE-2023-21630

Memory Corruption in Multimedia Framework due to integer overflow when synx bind is called along with synx signal.

8.4CVSS8.1AI score0.0006EPSS

CVE•added 2023/12/05 3:15 a.m.•69 views

CVE-2023-22383

Memory Corruption in camera while installing a fd for a particular DMA buffer.

7.8CVSS7AI score0.0004EPSS

CVE•added 2023/10/03 6:15 a.m.•69 views

CVE-2023-24847

Transient DOS in Modem while allocating DSM items.

7.5CVSS7.5AI score0.00178EPSS

CVE•added 2023/09/05 7:15 a.m.•69 views

CVE-2023-28544

Memory corruption in WLAN while sending transmit command from HLOS to UTF handlers.

7.8CVSS7.9AI score0.00024EPSS

CVE•added 2023/12/05 3:15 a.m.•69 views

CVE-2023-28579

Memory Corruption in WLAN Host while deserializing the input PMK bytes without checking the input PMK length.

7.8CVSS6.8AI score0.00042EPSS

CVE•added 2024/05/06 3:15 p.m.•69 views

CVE-2023-43521

Memory corruption when multiple listeners are being registered with the same file descriptor.

7.8CVSS7.1AI score0.00023EPSS

CVE•added 2024/08/05 3:15 p.m.•69 views

CVE-2024-23383

Memory corruption when kernel driver attempts to trigger hardware fences.

8.4CVSS8.4AI score0.00035EPSS

CVE•added 2022/10/19 11:15 a.m.•68 views

CVE-2022-25748

Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdr...

9.8CVSS9.8AI score0.00328EPSS

CVE•added 2024/04/01 3:15 p.m.•68 views

CVE-2023-28547

Memory corruption in SPS Application while requesting for public key in sorter TA.

8.4CVSS8.7AI score0.0006EPSS

CVE•added 2023/12/05 3:15 a.m.•68 views

CVE-2023-28580

Memory corruption in WLAN Host while setting the PMK length in PMK length in internal cache.

7.8CVSS7.2AI score0.00043EPSS

CVE•added 2024/04/01 3:15 p.m.•68 views

CVE-2024-21463

Memory corruption while processing Codec2 during v13k decoder pitch synthesis.

9.8CVSS7.4AI score0.00084EPSS

CVE•added 2022/11/15 10:15 a.m.•67 views

CVE-2022-25676

Information disclosure in video due to buffer over-read while parsing avi files in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

6.8CVSS5.7AI score0.00049EPSS

CVE•added 2023/03/10 9:15 p.m.•67 views

CVE-2022-25705

Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response

7.8CVSS8AI score0.0006EPSS

CVE•added 2023/06/06 8:15 a.m.•67 views

CVE-2022-33227

Memory corruption in Linux android due to double free while calling unregister provider after register call.

7.8CVSS7AI score0.00034EPSS

CVE•added 2023/03/10 9:15 p.m.•67 views

CVE-2022-33257

Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.

9.3CVSS7.6AI score0.00042EPSS

CVE•added 2023/02/12 4:15 a.m.•67 views

CVE-2022-33277

Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command.

8.4CVSS8.1AI score0.0006EPSS

CVE•added 2023/04/13 7:15 a.m.•67 views

CVE-2022-33289

Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.

6.8CVSS6.8AI score0.00039EPSS

CVE•added 2023/05/02 6:15 a.m.•67 views

CVE-2022-33305

Transient DOS due to NULL pointer dereference in Modem while sending invalid messages in DCCH.

7.5CVSS7.5AI score0.00106EPSS

Total number of security vulnerabilities394