| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command. |
| Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target. |
| Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message. |
| Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase. |
| Memory corruption due to improper access control in kernel while processing a mapping request from root process. |
| Information disclosure in Kernel due to indirect branch misprediction. |
| Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame. |
| Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon. |
| Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder. |
| Memory Corruption due to double free in automotive when a bad HLOS address for one of the lists to be mapped is passed. |
| Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information. |
| Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command. |
| Information disclosure due to buffer over-read in Trusted Execution Environment while QRKS report generation. |
| Information disclosure due to buffer over-read in WLAN while parsing NMF frame. |
| Memory corruption due to integer overflow or wraparound in Core while DDR memory assignment. |
| Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone. |
| Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio PD. |
| Memory corruption due to buffer copy without checking size of input while running memory sharing tests with large scattered memory. |
| Memory corruption due to double free in core while initializing the encryption key. |
| Information disclosure in WLAN due to improper validation of array index while parsing crafted ANQP action frames in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music |
