Vulnerabilities > Qualcomm > Qcs4290 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-03-10 CVE-2022-33278 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption due to buffer copy without checking the size of input in HLOS when input message size is larger than the buffer capacity.
local
low complexity
qualcomm CWE-120
7.8
2023-03-10 CVE-2022-40515 Double Free vulnerability in Qualcomm products
Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms.
network
low complexity
qualcomm CWE-415
critical
9.8
2023-03-10 CVE-2022-40531 Incorrect Type Conversion or Cast vulnerability in Qualcomm products
Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.
local
low complexity
qualcomm CWE-704
7.8
2023-03-10 CVE-2022-40537 Improper Validation of Array Index vulnerability in Qualcomm products
Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP response.
network
low complexity
qualcomm CWE-129
critical
9.8
2023-02-12 CVE-2022-33233 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption due to configuration weakness in modem wile sending command to write protected files.
local
low complexity
qualcomm CWE-787
7.8
2023-02-12 CVE-2022-33248 Integer Overflow or Wraparound vulnerability in Qualcomm products
Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http.
local
low complexity
qualcomm CWE-190
7.8
2023-02-12 CVE-2022-33277 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command.
local
low complexity
qualcomm CWE-120
7.8
2023-02-12 CVE-2022-40512 Out-of-bounds Read vulnerability in Qualcomm products
Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.
network
low complexity
qualcomm CWE-125
7.5
2023-02-12 CVE-2022-40514 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.
network
low complexity
qualcomm CWE-787
critical
9.8
2023-01-09 CVE-2022-22088 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption in Bluetooth HOST due to buffer overflow while parsing the command response received from remote
low complexity
qualcomm CWE-787
8.8