Vulnerabilities > Qualcomm > Qca6698Aq Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-04-13 CVE-2022-33231 Double Free vulnerability in Qualcomm products
Memory corruption due to double free in core while initializing the encryption key.
local
low complexity
qualcomm CWE-415
7.8
2023-04-13 CVE-2022-33269 Integer Overflow or Wraparound vulnerability in Qualcomm products
Memory corruption due to integer overflow or wraparound in Core while DDR memory assignment.
local
low complexity
qualcomm CWE-190
7.8
2023-04-13 CVE-2022-33270 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products
Transient DOS due to time-of-check time-of-use race condition in Modem while processing RRC Reconfiguration message.
network
high complexity
qualcomm CWE-367
5.9
2023-04-13 CVE-2022-33288 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information.
local
low complexity
qualcomm CWE-120
8.8
2023-04-13 CVE-2022-33289 Improper Validation of Array Index vulnerability in Qualcomm products
Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.
low complexity
qualcomm CWE-129
6.8
2023-04-13 CVE-2022-33296 Integer Overflow or Wraparound vulnerability in Qualcomm products
Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Neighbor List Update message.
local
low complexity
qualcomm CWE-190
7.8
2023-04-13 CVE-2022-33302 Improper Validation of Array Index vulnerability in Qualcomm products
Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length.
local
low complexity
qualcomm CWE-129
7.8
2023-04-13 CVE-2022-40532 Integer Overflow or Wraparound vulnerability in Qualcomm products
Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.
local
low complexity
qualcomm CWE-190
7.8
2023-03-10 CVE-2022-33242 Improper Authentication vulnerability in Qualcomm products
Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio PD.
local
low complexity
qualcomm CWE-287
7.8
2023-03-10 CVE-2022-33257 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products
Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.
local
high complexity
qualcomm CWE-367
7.0