Vulnerabilities > Qualcomm > Qca9887 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-07 | CVE-2023-28563 | Unspecified vulnerability in Qualcomm products Information disclosure in IOE Firmware while handling WMI command. | 5.5 |
| 2023-09-05 | CVE-2023-28560 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload. | 7.8 |
| 2023-09-05 | CVE-2023-28564 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in WLAN HAL while passing command parameters through WMI interfaces. | 7.8 |
| 2023-09-05 | CVE-2023-28565 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in WLAN HAL while handling command streams through WMI interfaces. | 7.8 |
| 2023-06-06 | CVE-2023-21628 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command. | 7.8 |
| 2023-03-10 | CVE-2022-25655 | Classic Buffer Overflow vulnerability in Qualcomm products Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload. | 7.8 |
| 2022-01-03 | CVE-2021-30303 | Classic Buffer Overflow vulnerability in Qualcomm products Possible buffer overflow due to lack of buffer length check when segmented WMI command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | 7.8 |
| 2021-11-12 | CVE-2021-1924 | Information Exposure Through Discrepancy vulnerability in Qualcomm products Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | 5.5 |
| 2021-10-20 | CVE-2021-1980 | Out-of-bounds Read vulnerability in Qualcomm products Possible buffer over read due to lack of length check while parsing beacon IE response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | 9.1 |
| 2021-09-17 | CVE-2021-1947 | Use After Free vulnerability in Qualcomm products Use-after-free vulnerability in kernel graphics driver because of storing an invalid pointer in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | 7.8 |