Vulnerabilities > Qualcomm > Qcs405 Firmware > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-05 | CVE-2023-28543 | Out-of-bounds Read vulnerability in Qualcomm products A malformed DLC can trigger Memory Corruption in SNPE library due to out of bounds read, such as by loading an untrusted model (e.g. | 9.8 |
| 2023-08-08 | CVE-2022-40510 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder. | 9.8 |
| 2023-03-10 | CVE-2022-40537 | Improper Validation of Array Index vulnerability in Qualcomm products Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP response. | 9.8 |
| 2023-03-10 | CVE-2022-40515 | Double Free vulnerability in Qualcomm products Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms. | 9.8 |
| 2023-02-12 | CVE-2022-40514 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame. | 9.8 |
| 2023-02-12 | CVE-2022-25729 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in modem due to improper length check while copying into memory | 9.8 |
| 2022-11-15 | CVE-2022-25727 | Improper Validation of Specified Quantity in Input vulnerability in Qualcomm products Memory Corruption in modem due to improper length check while copying into memory in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music | 9.8 |
| 2022-11-15 | CVE-2022-25674 | Unspecified vulnerability in Qualcomm products Cryptographic issues in WLAN during the group key handshake of the WPA/WPA2 protocol in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music | 9.8 |
| 2022-10-19 | CVE-2022-25748 | Integer Overflow or Wraparound vulnerability in Qualcomm products Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. | 9.8 |
| 2022-10-19 | CVE-2022-25720 | Improper Validation of Array Index vulnerability in Qualcomm products Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | 9.8 |