Vulnerabilities > Qualcomm > Qca6574Au Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-07 | CVE-2024-23369 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products Memory corruption when invalid length is provided from HLOS for FRS/UDS request/response buffers. | 7.8 |
| 2024-10-07 | CVE-2024-23374 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption is possible when an attempt is made from userspace or console to write some haptics effects pattern to the haptics debugfs file. | 6.7 |
| 2024-10-07 | CVE-2024-23376 | Use After Free vulnerability in Qualcomm products Memory corruption while sending the persist buffer command packet from the user-space to the kernel space through the IOCTL call. | 6.7 |
| 2024-10-07 | CVE-2024-33049 | Out-of-bounds Read vulnerability in Qualcomm products Transient DOS while parsing noninheritance IE of Extension element when length of IE is 2 of beacon frame. | 7.5 |
| 2024-10-07 | CVE-2024-33064 | Out-of-bounds Read vulnerability in Qualcomm products Information disclosure while parsing the multiple MBSSID IEs from the beacon. | 8.2 |
| 2024-10-07 | CVE-2024-33069 | Use After Free vulnerability in Qualcomm products Transient DOS when transmission of management frame sent by host is not successful and error status is received in the host. | 7.5 |
| 2024-10-07 | CVE-2024-33070 | Out-of-bounds Read vulnerability in Qualcomm products Transient DOS while parsing ESP IE from beacon/probe response frame. | 7.5 |
| 2024-10-07 | CVE-2024-33071 | Out-of-bounds Read vulnerability in Qualcomm products Transient DOS while parsing the MBSSID IE from the beacons when IE length is 0. | 7.5 |
| 2024-10-07 | CVE-2024-33073 | Out-of-bounds Read vulnerability in Qualcomm products Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE. | 8.2 |
| 2024-10-07 | CVE-2024-38397 | Out-of-bounds Read vulnerability in Qualcomm products Transient DOS while parsing probe response and assoc response frame. | 7.5 |