Vulnerabilities > Qualcomm > Qca6431 Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2023-07-04 CVE-2023-28541 Out-of-bounds Read vulnerability in Qualcomm products
Memory Corruption in Data Modem while processing DMA buffer release event about CFR data.
local
low complexity
qualcomm CWE-125
7.8
2023-07-04 CVE-2023-28542 Out-of-bounds Read vulnerability in Qualcomm products
Memory Corruption in WLAN HOST while fetching TX status information.
local
low complexity
qualcomm CWE-125
7.8
2023-06-06 CVE-2022-22060 Reachable Assertion vulnerability in Qualcomm products
Assertion occurs while processing Reconfiguration message due to improper validation
network
low complexity
qualcomm CWE-617
7.5
2023-06-06 CVE-2022-33251 Reachable Assertion vulnerability in Qualcomm products
Transient DOS due to reachable assertion in Modem because of invalid network configuration.
network
low complexity
qualcomm CWE-617
7.5
2023-06-06 CVE-2022-33264 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.
local
low complexity
qualcomm CWE-787
7.8
2023-06-06 CVE-2022-33307 Double Free vulnerability in Qualcomm products
Memory Corruption due to double free in automotive when a bad HLOS address for one of the lists to be mapped is passed.
local
low complexity
qualcomm CWE-415
7.8
2023-06-06 CVE-2022-40507 Double Free vulnerability in Qualcomm products
Memory corruption due to double free in Core while mapping HLOS address to the list.
local
low complexity
qualcomm CWE-415
7.8
2023-06-06 CVE-2022-40521 Improper Authentication vulnerability in Qualcomm products
Transient DOS due to improper authorization in Modem
network
low complexity
qualcomm CWE-287
7.5
2023-06-06 CVE-2022-40529 Incorrect Authorization vulnerability in Qualcomm products
Memory corruption due to improper access control in kernel while processing a mapping request from root process.
local
low complexity
qualcomm CWE-863
7.8
2023-06-06 CVE-2022-40536 Improper Authentication vulnerability in Qualcomm products
Transient DOS due to improper authentication in modem while receiving plain TLB OTA request message from network.
network
low complexity
qualcomm CWE-287
7.5