Vulnerabilities > Qualcomm > Qca1023 Firmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-02 | CVE-2023-43511 | Infinite Loop vulnerability in Qualcomm products Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header. | 7.5 |
| 2023-09-05 | CVE-2023-28565 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in WLAN HAL while handling command streams through WMI interfaces. | 7.8 |
| 2023-06-06 | CVE-2023-21628 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command. | 7.8 |
| 2023-02-12 | CVE-2022-40512 | Out-of-bounds Read vulnerability in Qualcomm products Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon. | 7.5 |
| 2022-12-13 | CVE-2022-33238 | Infinite Loop vulnerability in Qualcomm products Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. | 7.5 |
| 2022-10-19 | CVE-2022-25749 | Out-of-bounds Read vulnerability in Qualcomm products Transient Denial-of-Service in WLAN due to buffer over-read while parsing MDNS frames. | 7.5 |
| 2022-01-03 | CVE-2021-30303 | Classic Buffer Overflow vulnerability in Qualcomm products Possible buffer overflow due to lack of buffer length check when segmented WMI command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | 7.8 |
| 2021-10-20 | CVE-2021-30288 | Out-of-bounds Write vulnerability in Qualcomm products Possible stack overflow due to improper length check of TLV while copying the TLV to a local stack variable in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | 7.8 |
| 2021-09-17 | CVE-2021-30260 | Integer Overflow or Wraparound vulnerability in Qualcomm products Possible Integer overflow to buffer overflow issue can occur due to improper validation of input parameters when extscan hostlist configuration command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | 7.8 |
| 2021-06-09 | CVE-2020-11235 | Integer Overflow or Wraparound vulnerability in Qualcomm products Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | 7.8 |