Vulnerabilities > Qualcomm > Mdm9206 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-03-10 CVE-2022-25655 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.
local
low complexity
qualcomm CWE-120
7.8
2023-03-10 CVE-2022-25694 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM
local
low complexity
qualcomm CWE-119
7.8
2023-03-10 CVE-2022-25705 Integer Overflow or Wraparound vulnerability in Qualcomm products
Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response
local
low complexity
qualcomm CWE-190
7.8
2023-03-10 CVE-2022-33213 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption in modem due to buffer overflow while processing a PPP packet
network
low complexity
qualcomm CWE-120
8.8
2023-03-10 CVE-2022-40515 Double Free vulnerability in Qualcomm products
Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms.
network
low complexity
qualcomm CWE-415
critical
9.8
2023-03-10 CVE-2022-40531 Incorrect Type Conversion or Cast vulnerability in Qualcomm products
Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.
local
low complexity
qualcomm CWE-704
7.8
2023-02-12 CVE-2022-25728 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure in modem due to buffer over-read while processing response from DNS server
network
low complexity
qualcomm CWE-125
7.5
2023-02-12 CVE-2022-25729 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption in modem due to improper length check while copying into memory
network
low complexity
qualcomm CWE-787
critical
9.8
2023-02-12 CVE-2022-25732 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure in modem due to buffer over read in dns client due to missing length check
network
low complexity
qualcomm CWE-125
7.5
2023-02-12 CVE-2022-25733 NULL Pointer Dereference vulnerability in Qualcomm products
Denial of service in modem due to null pointer dereference while processing DNS packets
network
low complexity
qualcomm CWE-476
7.5