Vulnerabilities > Qualcomm > Qcn9001 Firmware

DATE CVE VULNERABILITY TITLE RISK
2024-11-04 CVE-2024-38408 Unspecified vulnerability in Qualcomm products
Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.
network
low complexity
qualcomm
critical
9.1
2024-07-01 CVE-2024-23368 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption when allocating and accessing an entry in an SMEM partition.
local
low complexity
qualcomm CWE-120
7.8
2024-02-06 CVE-2023-43513 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element.
local
low complexity
qualcomm CWE-787
7.8
2024-02-06 CVE-2023-43522 NULL Pointer Dereference vulnerability in Qualcomm products
Transient DOS while key unwrapping process, when the given encrypted key is empty or NULL.
network
low complexity
qualcomm CWE-476
7.5
2024-02-06 CVE-2023-43523 Reachable Assertion vulnerability in Qualcomm products
Transient DOS while processing 11AZ RTT management action frame received through OTA.
network
low complexity
qualcomm CWE-617
7.5
2024-02-06 CVE-2023-43536 Unspecified vulnerability in Qualcomm products
Transient DOS while parse fils IE with length equal to 1.
network
low complexity
qualcomm
7.5
2024-01-02 CVE-2023-33062 Unspecified vulnerability in Qualcomm products
Transient DOS in WLAN Firmware while parsing a BTM request.
network
low complexity
qualcomm
7.5
2024-01-02 CVE-2023-33109 NULL Pointer Dereference vulnerability in Qualcomm products
Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host.
network
low complexity
qualcomm CWE-476
7.5
2024-01-02 CVE-2023-43511 Infinite Loop vulnerability in Qualcomm products
Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header.
network
low complexity
qualcomm CWE-835
7.5
2023-12-05 CVE-2023-33080 Out-of-bounds Read vulnerability in Qualcomm products
Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.
network
low complexity
qualcomm CWE-125
7.5