Vulnerabilities > Qualcomm > Qca6391 Firmware

DATE CVE VULNERABILITY TITLE RISK
2024-02-06 CVE-2023-33069 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption in Audio while processing the calibration data returned from ACDB loader.
local
low complexity
qualcomm CWE-120
7.8
2024-02-06 CVE-2023-33072 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption in Core while processing control functions.
local
low complexity
qualcomm CWE-120
7.8
2024-02-06 CVE-2023-33076 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption in Core when updating rollback version for TA and OTA feature is enabled.
local
low complexity
qualcomm CWE-787
7.8
2024-02-06 CVE-2023-33077 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption in HLOS while converting from authorization token to HIDL vector.
local
low complexity
qualcomm CWE-120
7.8
2024-02-06 CVE-2023-43518 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption in video while parsing invalid mp2 clip.
network
low complexity
qualcomm CWE-787
critical
9.8
2024-02-06 CVE-2023-43519 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption in video while parsing the Videoinfo, when the size of atom is greater than the videoinfo size.
network
low complexity
qualcomm CWE-120
critical
9.8
2024-02-06 CVE-2023-43520 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption when AP includes TID to link mapping IE in the beacons and STA is parsing the beacon TID to link mapping IE.
network
low complexity
qualcomm CWE-787
critical
9.8
2024-02-06 CVE-2023-43534 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
Memory corruption while validating the TID to Link Mapping action request frame, when a station connects to an access point.
network
low complexity
qualcomm CWE-119
critical
9.8
2024-02-06 CVE-2023-33046 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products
Memory corruption in Trusted Execution Environment while deinitializing an object used for license validation.
local
high complexity
qualcomm CWE-367
7.0
2024-02-06 CVE-2023-33065 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure in Audio while accessing AVCS services from ADSP payload.
local
low complexity
qualcomm CWE-125
7.1