Vulnerabilities > Qualcomm > Qca6421 Firmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-10 | CVE-2022-25705 | Integer Overflow or Wraparound vulnerability in Qualcomm products Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response | 7.8 |
| 2023-03-10 | CVE-2022-25709 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products Memory corruption in modem due to use of out of range pointer offset while processing qmi msg | 7.8 |
| 2023-03-10 | CVE-2022-33213 | Classic Buffer Overflow vulnerability in Qualcomm products Memory corruption in modem due to buffer overflow while processing a PPP packet | 8.8 |
| 2023-03-10 | CVE-2022-33242 | Improper Authentication vulnerability in Qualcomm products Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio PD. | 7.8 |
| 2023-03-10 | CVE-2022-33250 | Reachable Assertion vulnerability in Qualcomm products Transient DOS due to reachable assertion in modem when network repeatedly sent invalid message container for NR to LTE handover. | 7.5 |
| 2023-03-10 | CVE-2022-33254 | Reachable Assertion vulnerability in Qualcomm products Transient DOS due to reachable assertion in Modem while processing SIB1 Message. | 7.5 |
| 2023-03-10 | CVE-2022-33257 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone. | 7.0 |
| 2023-03-10 | CVE-2022-33278 | Classic Buffer Overflow vulnerability in Qualcomm products Memory corruption due to buffer copy without checking the size of input in HLOS when input message size is larger than the buffer capacity. | 7.8 |
| 2023-03-10 | CVE-2022-40530 | Integer Overflow or Wraparound vulnerability in Qualcomm products Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase. | 7.8 |
| 2023-03-10 | CVE-2022-40531 | Incorrect Type Conversion or Cast vulnerability in Qualcomm products Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message. | 7.8 |