Vulnerabilities > Qualcomm > Msm8917 Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-08-08 CVE-2022-40510 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder.
network
low complexity
qualcomm CWE-787
critical
9.8
2023-03-10 CVE-2022-40537 Improper Validation of Array Index vulnerability in Qualcomm products
Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP response.
network
low complexity
qualcomm CWE-129
critical
9.8
2022-10-19 CVE-2022-25720 Improper Validation of Array Index vulnerability in Qualcomm products
Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
network
low complexity
qualcomm CWE-129
critical
9.8
2022-10-19 CVE-2022-25719 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure in WLAN due to improper length check while processing authentication handshake in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
network
low complexity
qualcomm CWE-125
critical
9.1
2022-10-19 CVE-2022-25718 Unchecked Return Value vulnerability in Qualcomm products
Cryptographic issue in WLAN due to improper check on return value while authentication handshake in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
network
low complexity
qualcomm CWE-252
critical
9.8
2022-10-19 CVE-2022-25687 Classic Buffer Overflow vulnerability in Qualcomm products
memory corruption in video due to buffer overflow while parsing asf clips in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
network
low complexity
qualcomm CWE-120
critical
9.8
2022-09-16 CVE-2022-25688 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption in video due to buffer overflow while parsing ps video clips in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
network
low complexity
qualcomm CWE-120
critical
9.8
2022-09-16 CVE-2022-25686 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption in video module due to buffer overflow while processing WAV file in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
network
low complexity
qualcomm CWE-120
critical
9.8
2022-09-02 CVE-2022-25668 Double Free vulnerability in Qualcomm products
Memory corruption in video driver due to double free while parsing ASF clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
network
low complexity
qualcomm CWE-415
critical
9.8
2022-09-02 CVE-2022-25659 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption due to buffer overflow while parsing MKV clips with invalid bitmap size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
network
low complexity
qualcomm CWE-120
critical
9.8