Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2023-01-09	CVE-2022-33283	Out-of-bounds Read vulnerability in Qualcomm products Information disclosure due to buffer over-read in WLAN while WLAN frame parsing due to missing frame length check. low complexity qualcomm CWE-125	6.5
2023-01-09	CVE-2022-33284	Out-of-bounds Read vulnerability in Qualcomm products Information disclosure due to buffer over-read in WLAN while parsing BTM action frame. low complexity qualcomm CWE-125	6.5
2023-01-09	CVE-2022-33285	Out-of-bounds Read vulnerability in Qualcomm products Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames. low complexity qualcomm CWE-125	6.5
2023-01-09	CVE-2022-33286	Out-of-bounds Read vulnerability in Qualcomm products Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames. low complexity qualcomm CWE-125	6.5
2023-01-09	CVE-2022-40518	Out-of-bounds Read vulnerability in Qualcomm products Information disclosure due to buffer overread in Core local low complexity qualcomm CWE-125	5.5
2023-01-09	CVE-2022-40519	Out-of-bounds Read vulnerability in Qualcomm products Information disclosure due to buffer overread in Core local low complexity qualcomm CWE-125	5.5
2022-04-01	CVE-2021-35088	Out-of-bounds Read vulnerability in Qualcomm products Possible out of bound read due to improper validation of IE length during SSID IE parse when channel is DFS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking network low complexity qualcomm CWE-125	6.4
2021-11-12	CVE-2021-1903	Incorrect Authorization vulnerability in Qualcomm products Possible denial of service scenario can occur due to lack of length check on Channel Switch Announcement IE in beacon or probe response frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking network low complexity qualcomm CWE-863	5.0
2021-11-12	CVE-2021-1921	Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products Possible memory corruption due to Improper handling of hypervisor unmap operations for concurrent memory operations in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile local qualcomm CWE-367	6.9
2021-11-12	CVE-2021-30264	Use After Free vulnerability in Qualcomm products Possible use after free due improper validation of reference from call back to internal store table in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking local low complexity qualcomm CWE-416	4.6