Vulnerabilities > Qualcomm > Qcs400 Firmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-06 | CVE-2023-21670 | Incorrect Authorization vulnerability in Qualcomm products Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode. | 7.8 |
| 2023-05-02 | CVE-2022-40504 | Reachable Assertion vulnerability in Qualcomm products Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network. | 7.5 |
| 2023-05-02 | CVE-2022-33304 | NULL Pointer Dereference vulnerability in Qualcomm products Transient DOS due to NULL pointer dereference in Modem while performing pullup for received TCP/UDP packet. | 7.5 |
| 2023-05-02 | CVE-2022-33305 | NULL Pointer Dereference vulnerability in Qualcomm products Transient DOS due to NULL pointer dereference in Modem while sending invalid messages in DCCH. | 7.5 |
| 2023-05-02 | CVE-2023-21665 | Incorrect Type Conversion or Cast vulnerability in Qualcomm products Memory corruption in Graphics while importing a file. | 7.8 |
| 2023-04-13 | CVE-2022-33287 | Out-of-bounds Read vulnerability in Qualcomm products Information disclosure in Modem due to buffer over-read while getting length of Unfragmented headers in an IPv6 packet. | 7.5 |
| 2023-04-13 | CVE-2022-33291 | Out-of-bounds Read vulnerability in Qualcomm products Information disclosure in Modem due to buffer over-read while receiving a IP header with malformed length. | 7.5 |
| 2023-04-13 | CVE-2022-33302 | Improper Validation of Array Index vulnerability in Qualcomm products Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length. | 7.8 |
| 2023-04-13 | CVE-2022-40503 | Out-of-bounds Read vulnerability in Qualcomm products Information disclosure due to buffer over-read in Bluetooth Host while A2DP streaming. | 7.5 |
| 2023-04-13 | CVE-2022-40532 | Integer Overflow or Wraparound vulnerability in Qualcomm products Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target. | 7.8 |