| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames. |
| Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM |
| Memory corruption in Core Platform while printing the response buffer in log. |
| Memory Corruption in Core Platform while printing the response buffer in log. |
| Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE. |
| Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key. |
| Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message. |
| Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame. |
| Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon. |
| Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder. |
| Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command. |
| Information disclosure due to buffer over-read in WLAN while parsing NMF frame. |
| Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone. |
| Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http. |
| Memory corruption due to configuration weakness in modem wile sending command to write protected files. |
| Memory corruption due to buffer copy without checking size of input while running memory sharing tests with large scattered memory. |
| Memory corruption in modem due to buffer overflow while processing a PPP packet |
| Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response |
| Information disclosure in WLAN due to improper validation of array index while parsing crafted ANQP action frames in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music |
| Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload. |
