Wcd9385 Firmware Security Vulnerabilities and Issues — Page 5 of Wcd9385 Firmware CVE List

Lucene search

QualcommWcd9385 Firmware

896 matches found

CVE•added 2023/07/04 5:15 a.m.•81 views

CVE-2023-21672

Memory corruption in Audio while running concurrent tunnel playback or during concurrent audio tunnel recording sessions.

8.4CVSS8.1AI score0.00045EPSS

CVE•added 2022/06/14 10:15 a.m.•80 views

CVE-2021-35111

Improper validation of tag id while RRC sending tag id to MAC can lead to TOCTOU race condition in Snapdragon Connectivity, Snapdragon Mobile

7.5CVSS5.8AI score0.0019EPSS

CVE•added 2024/05/06 3:15 p.m.•80 views

CVE-2024-21475

Memory corruption when the payload received from firmware is not as per the expected protocol size.

7.8CVSS7.2AI score0.00082EPSS

CVE•added 2024/05/06 3:15 p.m.•80 views

CVE-2024-23351

Memory corruption as GPU registers beyond the last protected range can be accessed through LPAC submissions.

8.4CVSS7.1AI score0.00084EPSS

CVE•added 2024/07/01 3:15 p.m.•80 views

CVE-2024-23368

Memory corruption when allocating and accessing an entry in an SMEM partition.

7.8CVSS7.9AI score0.00098EPSS

CVE•added 2024/07/01 3:15 p.m.•80 views

CVE-2024-23372

Memory corruption while invoking IOCTL call for GPU memory allocation and size param is greater than expected size.

8.4CVSS8.3AI score0.00112EPSS

CVE•added 2024/07/01 3:15 p.m.•80 views

CVE-2024-23380

Memory corruption while handling user packets during VBO bind operation.

8.4CVSS8.2AI score0.00156EPSS

CVE•added 2021/03/17 6:15 a.m.•79 views

CVE-2020-11166

Potential out of bound read exception when UE receives unusually large number of padding octets in the beginning of ROHC header in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & ...

9.1CVSS9AI score0.00286EPSS

CVE•added 2021/03/17 6:15 a.m.•79 views

CVE-2020-11221

Usage of syscall by non-secure entity can allow extraction of secure QTEE diagnostic information in clear text form due to insufficient checks in the syscall handler and leads to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdra...

5.5CVSS5.5AI score0.00045EPSS

CVE•added 2021/02/22 7:15 a.m.•79 views

CVE-2020-11275

Possible buffer over-read while parsing quiet IE in Rx beacon frame due to improper check of IE length in received beacon in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT...

9.4CVSS9.2AI score0.00286EPSS

CVE•added 2021/02/22 7:15 a.m.•79 views

CVE-2020-11280

Denial of service while processing fine timing measurement request (FTMR) frame with reserved bits set in the FTM parameter IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapd...

7.8CVSS7.5AI score0.00245EPSS

CVE•added 2023/08/08 10:15 a.m.•79 views

CVE-2023-21649

Memory corruption in WLAN while running doDriverCmd for an unspecific command.

7.8CVSS7AI score0.00034EPSS

CVE•added 2023/10/03 6:15 a.m.•79 views

CVE-2023-24849

Information Disclosure in data Modem while parsing an FMTP line in an SDP message.

8.2CVSS7.5AI score0.00137EPSS

CVE•added 2023/07/04 5:15 a.m.•79 views

CVE-2023-24854

Memory Corruption in WLAN HOST while parsing QMI WLAN Firmware response message.

7.8CVSS7.7AI score0.00052EPSS

CVE•added 2023/10/03 6:15 a.m.•79 views

CVE-2023-24855

Memory corruption in Modem while processing security related configuration before AS Security Exchange.

9.8CVSS9.1AI score0.00213EPSS

CVE•added 2024/11/04 10:15 a.m.•79 views

CVE-2024-38415

Memory corruption while handling session errors from firmware.

7.8CVSS7.9AI score0.00033EPSS

CVE•added 2025/02/03 5:15 p.m.•79 views

CVE-2024-49833

Memory corruption can occur in the camera when an invalid CID is used.

7.8CVSS7.9AI score0.00024EPSS

CVE•added 2025/03/03 11:15 a.m.•79 views

CVE-2024-53027

Transient DOS may occur while processing the country IE.

7.5CVSS7.2AI score0.0008EPSS

CVE•added 2021/06/09 5:15 a.m.•78 views

CVE-2020-11178

Trusted APPS to overwrite the CPZ memory of another use-case as TZ only checks the physical address not overlapping with its memory and its RoT memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon V...

7.8CVSS7.5AI score0.00033EPSS

CVE•added 2021/06/09 5:15 a.m.•78 views

CVE-2020-11238

Possible Buffer over-read in ARP/NS parsing due to lack of check of packet length received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, ...

7.8CVSS7.6AI score0.00317EPSS

CVE•added 2021/07/13 6:15 a.m.•78 views

CVE-2021-1888

Memory corruption in key parsing and import function due to double freeing the same heap allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS8.4AI score0.00039EPSS

CVE•added 2021/07/13 6:15 a.m.•78 views

CVE-2021-1889

Possible buffer overflow due to lack of length check in Trusted Application in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS8.4AI score0.00035EPSS

CVE•added 2021/07/13 6:15 a.m.•78 views

CVE-2021-1953

Improper handling of received malformed FTMR request frame can lead to reachable assertion while responding with FTM1 frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon M...

7.5CVSS7.6AI score0.0026EPSS

CVE•added 2022/04/01 5:15 a.m.•78 views

CVE-2021-30333

Improper validation of buffer size input to the EFS file can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.8CVSS8AI score0.0012EPSS

CVE•added 2022/06/14 10:15 a.m.•78 views

CVE-2021-30344

Improper authorization of a replayed LTE security mode command can lead to a denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.8CVSS7.6AI score0.00338EPSS

CVE•added 2022/06/14 10:15 a.m.•78 views

CVE-2021-35119

Potential out of Bounds read in FIPS event processing due to improper validation of the length from the firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

5.5CVSS5.6AI score0.00039EPSS

CVE•added 2022/06/14 10:15 a.m.•78 views

CVE-2021-35121

An array index is improperly used to lock and unlock a mutex which can lead to a Use After Free condition In the Synx driver in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

6.7CVSS6.6AI score0.00036EPSS

CVE•added 2022/09/16 6:15 a.m.•78 views

CVE-2022-25656

Possible integer overflow and memory corruption due to improper validation of buffer size sent to write to console when computing the payload size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

8.4CVSS8.1AI score0.00063EPSS

CVE•added 2023/01/09 8:15 a.m.•78 views

CVE-2022-25725

Denial of service in MODEM due to improper pointer handling

6.2CVSS5.6AI score0.00044EPSS

CVE•added 2022/11/15 10:15 a.m.•78 views

CVE-2022-25741

Denial of service in WLAN due to potential null pointer dereference while accessing the memory location in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

7.5CVSS7.5AI score0.00204EPSS

CVE•added 2023/02/12 4:15 a.m.•78 views

CVE-2022-33248

Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http.

7.8CVSS8AI score0.00074EPSS

CVE•added 2023/02/12 4:15 a.m.•78 views

CVE-2022-40512

Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.

7.5CVSS7.6AI score0.00123EPSS

CVE•added 2023/08/08 10:15 a.m.•78 views

CVE-2023-28537

Memory corruption while allocating memory in COmxApeDec module in Audio.

8.4CVSS8.1AI score0.00053EPSS

CVE•added 2023/11/07 6:15 a.m.•78 views

CVE-2023-28569

Information disclosure in WLAN HAL while handling command through WMI interfaces.

6.1CVSS5.7AI score0.00054EPSS

CVE•added 2024/02/06 6:15 a.m.•78 views

CVE-2023-33058

Information disclosure in Modem while processing SIB5.

9.1CVSS8.9AI score0.00082EPSS

CVE•added 2024/02/06 6:15 a.m.•78 views

CVE-2023-33065

Information disclosure in Audio while accessing AVCS services from ADSP payload.

7.1CVSS6.8AI score0.00027EPSS

CVE•added 2024/09/02 12:15 p.m.•78 views

CVE-2024-33042

Memory corruption when Alternative Frequency offset value is set to 255.

7.8CVSS7.8AI score0.00039EPSS

CVE•added 2024/09/02 12:15 p.m.•78 views

CVE-2024-33060

Memory corruption when two threads try to map and unmap a single node simultaneously.

8.4CVSS8.2AI score0.00019EPSS

CVE•added 2025/02/03 5:15 p.m.•78 views

CVE-2024-45571

Memory corruption may occour occur when stopping the WLAN interface after processing a WMI command from the interface.

7.8CVSS7.9AI score0.00024EPSS

CVE•added 2025/02/03 5:15 p.m.•78 views

CVE-2024-49834

Memory corruption while power-up or power-down sequence of the camera sensor.

7.8CVSS7.9AI score0.00024EPSS

CVE•added 2021/02/22 7:15 a.m.•77 views

CVE-2020-11163

Possible buffer overflow while updating ikev2 parameters due to lack of check of input validation for certain parameters received from the ePDG server in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

10CVSS9.6AI score0.00356EPSS

CVE•added 2021/06/09 5:15 a.m.•77 views

CVE-2020-11182

Possible heap overflow while parsing NAL header due to lack of check of length of data received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

10CVSS9.5AI score0.00427EPSS

CVE•added 2021/02/22 7:15 a.m.•77 views

CVE-2020-11194

Possible out of bound access in TA while processing a command from NS side due to improper length check of response buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Netw...

7.8CVSS7.8AI score0.00033EPSS

CVE•added 2021/09/09 8:15 a.m.•77 views

CVE-2021-30290

Possible null pointer dereference due to race condition between timeline fence signal and time line fence destroy in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

8.4CVSS6.9AI score0.00085EPSS

CVE•added 2022/02/11 11:15 a.m.•77 views

CVE-2021-30318

Improper validation of input when provisioning the HDCP key can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS7.8AI score0.00085EPSS

CVE•added 2023/05/02 6:15 a.m.•77 views

CVE-2022-25713

Memory corruption in Automotive due to Improper Restriction of Operations within the Bounds of a Memory Buffer while exporting a shared key.

7.8CVSS7.8AI score0.00051EPSS

CVE•added 2023/08/08 10:15 a.m.•77 views

CVE-2023-28555

Transient DOS in Audio while remapping channel buffer in media codec decoding.

7.5CVSS7.7AI score0.00123EPSS

CVE•added 2023/11/07 6:15 a.m.•77 views

CVE-2023-28568

Information disclosure in WLAN HAL when reception status handler is called.

6.1CVSS5.6AI score0.00054EPSS

CVE•added 2021/06/09 5:15 a.m.•76 views

CVE-2020-11126

Possible out of bound read while WLAN frame parsing due to lack of check for body and header length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice ...

9.4CVSS9AI score0.00286EPSS

CVE•added 2021/02/22 7:15 a.m.•76 views

CVE-2020-11147

Use after free issue in audio modules while removing and freeing objects during list iteration due to incorrect usage of macro in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile

6.7CVSS7AI score0.00048EPSS

Total number of security vulnerabilities896