Vulnerabilities > Qualcomm > Qcn7605 Firmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-05 | CVE-2023-28586 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE. | 6.5 |
| 2023-11-07 | CVE-2023-28563 | Unspecified vulnerability in Qualcomm products Information disclosure in IOE Firmware while handling WMI command. | 5.5 |
| 2023-11-07 | CVE-2023-28566 | Unspecified vulnerability in Qualcomm products Information disclosure in WLAN HAL while handling the WMI state info command. | 5.5 |
| 2023-11-07 | CVE-2023-28569 | Unspecified vulnerability in Qualcomm products Information disclosure in WLAN HAL while handling command through WMI interfaces. | 5.5 |
| 2023-01-09 | CVE-2022-33285 | Out-of-bounds Read vulnerability in Qualcomm products Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames. | 6.5 |
| 2023-01-09 | CVE-2022-33286 | Out-of-bounds Read vulnerability in Qualcomm products Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames. | 6.5 |
| 2022-06-14 | CVE-2021-30327 | Classic Buffer Overflow vulnerability in Qualcomm products Buffer overflow in sahara protocol while processing commands leads to overwrite of secure configuration data in Snapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Connectivity, Snapdragon Voice & Music | 6.8 |
| 2022-01-03 | CVE-2021-30348 | Resource Exhaustion vulnerability in Qualcomm products Improper validation of LLM utility timers availability can lead to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music | 6.5 |
| 2021-11-12 | CVE-2021-1903 | Incorrect Authorization vulnerability in Qualcomm products Possible denial of service scenario can occur due to lack of length check on Channel Switch Announcement IE in beacon or probe response frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | 5.3 |
| 2021-09-09 | CVE-2021-1956 | Unspecified vulnerability in Qualcomm products Improper handling of ASB-U packet with L2CAP channel ID by slave host can lead to interference with piconet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music low complexity qualcomm | 6.5 |