Vulnerabilities > Qualcomm > Qca6391 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-12-05 CVE-2023-28585 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
Memory corruption while loading an ELF segment in TEE Kernel.
local
low complexity
qualcomm CWE-119
8.8
2023-12-05 CVE-2023-28586 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.
local
low complexity
qualcomm CWE-119
6.5
2023-12-05 CVE-2023-28587 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption in BT controller while parsing debug commands with specific sub-opcodes at HCI interface level.
local
low complexity
qualcomm CWE-787
7.8
2023-12-05 CVE-2023-28588 Integer Overflow or Wraparound vulnerability in Qualcomm products
Transient DOS in Bluetooth Host while rfc slot allocation.
network
low complexity
qualcomm CWE-190
7.5
2023-12-05 CVE-2023-33017 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption in Boot while running a ListVars test in UEFI Menu during boot.
local
low complexity
qualcomm CWE-120
7.8
2023-12-05 CVE-2023-33018 Integer Overflow or Wraparound vulnerability in Qualcomm products
Memory corruption while using the UIM diag command to get the operators name.
local
low complexity
qualcomm CWE-190
7.8
2023-12-05 CVE-2023-33022 Integer Overflow or Wraparound vulnerability in Qualcomm products
Memory corruption in HLOS while invoking IOCTL calls from user-space.
local
low complexity
qualcomm CWE-190
7.8
2023-12-05 CVE-2023-33024 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption while sending SMS from AP firmware.
local
low complexity
qualcomm CWE-120
7.8
2023-12-05 CVE-2023-33041 Reachable Assertion vulnerability in Qualcomm products
Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids.
network
low complexity
qualcomm CWE-617
7.5
2023-12-05 CVE-2023-33042 Improper Input Validation vulnerability in Qualcomm products
Transient DOS in Modem after RRC Setup message is received.
network
low complexity
qualcomm CWE-20
7.5