Vulnerabilities > Qualcomm > Qcn9074 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-10 | CVE-2022-40515 | Double Free vulnerability in Qualcomm products Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms. | 9.8 |
| 2023-03-10 | CVE-2022-40527 | Reachable Assertion vulnerability in Qualcomm products Transient DOS due to reachable assertion in WLAN while processing PEER ID populated by TQM. | 7.5 |
| 2023-03-10 | CVE-2022-40530 | Integer Overflow or Wraparound vulnerability in Qualcomm products Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase. | 7.8 |
| 2023-03-10 | CVE-2022-40531 | Incorrect Type Conversion or Cast vulnerability in Qualcomm products Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message. | 7.8 |
| 2023-03-10 | CVE-2022-40535 | Out-of-bounds Read vulnerability in Qualcomm products Transient DOS due to buffer over-read in WLAN while sending a packet to device. | 7.5 |
| 2023-03-10 | CVE-2022-40537 | Improper Validation of Array Index vulnerability in Qualcomm products Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP response. | 9.8 |
| 2023-02-12 | CVE-2022-33243 | Unspecified vulnerability in Qualcomm products Memory corruption due to improper access control in Qualcomm IPC. | 7.8 |
| 2023-02-12 | CVE-2022-33246 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products Memory corruption in Audio due to use of out-of-range pointer offset while Initiating a voice call session from user space with invalid session id. | 7.8 |
| 2023-02-12 | CVE-2022-33271 | Out-of-bounds Read vulnerability in Qualcomm products Information disclosure due to buffer over-read in WLAN while parsing NMF frame. | 7.5 |
| 2023-02-12 | CVE-2022-33277 | Classic Buffer Overflow vulnerability in Qualcomm products Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command. | 7.8 |