Vulnerabilities > Qualcomm > Qca6436 Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2023-06-06 CVE-2022-33227 Double Free vulnerability in Qualcomm products
Memory corruption in Linux android due to double free while calling unregister provider after register call.
local
low complexity
qualcomm CWE-415
7.8
2023-06-06 CVE-2022-33251 Reachable Assertion vulnerability in Qualcomm products
Transient DOS due to reachable assertion in Modem because of invalid network configuration.
network
low complexity
qualcomm CWE-617
7.5
2023-06-06 CVE-2022-33264 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.
local
low complexity
qualcomm CWE-787
7.8
2023-06-06 CVE-2022-33267 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption in Linux while sending DRM request.
local
low complexity
qualcomm CWE-787
7.8
2023-06-06 CVE-2022-33307 Double Free vulnerability in Qualcomm products
Memory Corruption due to double free in automotive when a bad HLOS address for one of the lists to be mapped is passed.
local
low complexity
qualcomm CWE-415
7.8
2023-06-06 CVE-2022-40507 Double Free vulnerability in Qualcomm products
Memory corruption due to double free in Core while mapping HLOS address to the list.
local
low complexity
qualcomm CWE-415
7.8
2023-06-06 CVE-2022-40521 Improper Authentication vulnerability in Qualcomm products
Transient DOS due to improper authorization in Modem
network
low complexity
qualcomm CWE-287
7.5
2023-06-06 CVE-2022-40529 Incorrect Authorization vulnerability in Qualcomm products
Memory corruption due to improper access control in kernel while processing a mapping request from root process.
local
low complexity
qualcomm CWE-863
7.8
2023-06-06 CVE-2022-40536 Improper Authentication vulnerability in Qualcomm products
Transient DOS due to improper authentication in modem while receiving plain TLB OTA request message from network.
network
low complexity
qualcomm CWE-287
7.5
2023-06-06 CVE-2023-21656 Improper Input Validation vulnerability in Qualcomm products
Memory corruption in WLAN HOST while receiving an WMI event from firmware.
local
low complexity
qualcomm CWE-20
7.8