Vulnerabilities > Qualcomm > Qca9367 Firmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-04 | CVE-2024-33030 | Classic Buffer Overflow vulnerability in Qualcomm products Memory corruption while parsing IPC frequency table parameters for LPLH that has size greater than expected size. | 6.7 |
| 2024-10-07 | CVE-2024-23370 | Use After Free vulnerability in Qualcomm products Memory corruption when a process invokes IOCTL calls from user-space to create a HAB virtual channel and another process invokes IOCTL calls to destroy the same. | 6.7 |
| 2024-10-07 | CVE-2024-23374 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption is possible when an attempt is made from userspace or console to write some haptics effects pattern to the haptics debugfs file. | 6.7 |
| 2023-12-05 | CVE-2023-28586 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE. | 6.5 |
| 2023-06-06 | CVE-2022-22076 | Unspecified vulnerability in Qualcomm products information disclosure due to cryptographic issue in Core during RPMB read request. | 5.5 |
| 2023-04-13 | CVE-2022-33289 | Improper Validation of Array Index vulnerability in Qualcomm products Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card. | 6.8 |
| 2023-03-10 | CVE-2022-22075 | Unspecified vulnerability in Qualcomm products Information Disclosure in Graphics during GPU context switch. | 5.5 |
| 2023-01-09 | CVE-2022-33285 | Out-of-bounds Read vulnerability in Qualcomm products Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames. | 6.5 |
| 2023-01-09 | CVE-2022-33286 | Out-of-bounds Read vulnerability in Qualcomm products Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames. | 6.5 |
| 2022-06-14 | CVE-2021-30342 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products Improper integrity check can lead to race condition between tasks PDCP and RRC? after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables | 5.9 |