Vulnerabilities > Qualcomm > Mdm9628 Firmware > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-02-06 | CVE-2023-33067 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points. | 7.8 |
2024-02-06 | CVE-2023-33068 | Classic Buffer Overflow vulnerability in Qualcomm products Memory corruption in Audio while processing IIR config data from AFE calibration block. | 7.8 |
2024-02-06 | CVE-2023-33069 | Classic Buffer Overflow vulnerability in Qualcomm products Memory corruption in Audio while processing the calibration data returned from ACDB loader. | 7.8 |
2024-02-06 | CVE-2023-43513 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element. | 7.8 |
2024-01-02 | CVE-2023-33030 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in HLOS while running playready use-case. | 7.8 |
2024-01-02 | CVE-2023-33033 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in Audio during playback with speaker protection. | 7.8 |
2024-01-02 | CVE-2023-33120 | Use After Free vulnerability in Qualcomm products Memory corruption in Audio when memory map command is executed consecutively in ADSP. | 7.8 |
2024-01-02 | CVE-2023-43511 | Infinite Loop vulnerability in Qualcomm products Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header. | 7.5 |
2023-12-05 | CVE-2023-28550 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in MPP performance while accessing DSM watermark using external memory address. | 7.8 |
2023-12-05 | CVE-2023-28551 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments. | 7.8 |