Vulnerabilities > Qualcomm > Qca9898 Firmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-02 | CVE-2024-33050 | Out-of-bounds Read vulnerability in Qualcomm products Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper. | 7.5 |
| 2024-08-05 | CVE-2024-21459 | Out-of-bounds Read vulnerability in Qualcomm products Information disclosure while handling beacon or probe response frame in STA. | 7.5 |
| 2024-01-02 | CVE-2023-43511 | Infinite Loop vulnerability in Qualcomm products Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header. | 7.5 |
| 2023-12-05 | CVE-2023-33063 | Use After Free vulnerability in Qualcomm products Memory corruption in DSP Services during a remote call from HLOS to DSP. | 7.8 |
| 2023-12-05 | CVE-2023-33080 | Out-of-bounds Read vulnerability in Qualcomm products Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame. | 7.5 |
| 2023-10-03 | CVE-2023-28539 | Classic Buffer Overflow vulnerability in Qualcomm products Memory corruption in WLAN Host when the firmware invokes multiple WMI Service Available command. | 7.8 |
| 2023-10-03 | CVE-2023-33027 | Out-of-bounds Read vulnerability in Qualcomm products Transient DOS in WLAN Firmware while parsing rsn ies. | 7.5 |
| 2023-09-05 | CVE-2022-33275 | Improper Validation of Array Index vulnerability in Qualcomm products Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range. | 7.8 |
| 2023-09-05 | CVE-2023-28544 | Classic Buffer Overflow vulnerability in Qualcomm products Memory corruption in WLAN while sending transmit command from HLOS to UTF handlers. | 7.8 |
| 2023-09-05 | CVE-2023-28549 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload. | 7.8 |