Vulnerabilities > Qualcomm > Fastconnect 6700 Firmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-06 | CVE-2024-45542 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver. | 7.8 |
| 2025-01-06 | CVE-2024-45553 | Use After Free vulnerability in Qualcomm products Memory corruption can occur when process-specific maps are added to the global list. | 7.8 |
| 2025-01-06 | CVE-2024-45558 | Out-of-bounds Read vulnerability in Qualcomm products Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length. | 7.5 |
| 2024-12-02 | CVE-2024-33044 | Improper Validation of Array Index vulnerability in Qualcomm products Memory corruption while Configuring the SMR/S2CR register in Bypass mode. | 7.8 |
| 2024-12-02 | CVE-2024-33056 | Out-of-bounds Read vulnerability in Qualcomm products Memory corruption when allocating and accessing an entry in an SMEM partition continuously. | 7.8 |
| 2024-12-02 | CVE-2024-43050 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption while invoking IOCTL calls from user space to issue factory test command inside WLAN driver. | 7.8 |
| 2024-11-04 | CVE-2024-38406 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products Memory corruption while handling IOCTL calls in JPEG Encoder driver. | 7.0 |
| 2024-11-04 | CVE-2024-38407 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products Memory corruption while processing input parameters for any IOCTL call in the JPEG Encoder driver. | 7.0 |
| 2024-11-04 | CVE-2024-38409 | Classic Buffer Overflow vulnerability in Qualcomm products Memory corruption while station LL statistic handling. | 7.8 |
| 2024-11-04 | CVE-2024-38410 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption while IOCLT is called when device is in invalid state and the WMI command buffer may be freed twice. | 7.8 |