High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-02-12	CVE-2022-33248	Integer Overflow or Wraparound vulnerability in Qualcomm products Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http. local low complexity qualcomm CWE-190	7.8
2023-02-12	CVE-2022-33277	Classic Buffer Overflow vulnerability in Qualcomm products Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command. local low complexity qualcomm CWE-120	7.8
2023-02-12	CVE-2022-40512	Out-of-bounds Read vulnerability in Qualcomm products Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon. network low complexity qualcomm CWE-125	7.5
2023-01-09	CVE-2022-22088	Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in Bluetooth HOST due to buffer overflow while parsing the command response received from remote low complexity qualcomm CWE-787	8.8
2023-01-09	CVE-2022-40516	Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in Core due to stack-based buffer overflow. local low complexity qualcomm CWE-787	7.8
2023-01-09	CVE-2022-40517	Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in core due to stack-based buffer overflow local low complexity qualcomm CWE-787	7.8
2022-12-13	CVE-2022-25682	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables local low complexity qualcomm CWE-119	7.8
2022-12-13	CVE-2022-25685	Unspecified vulnerability in Qualcomm products Denial of service in Modem module due to improper authorization while error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables network low complexity qualcomm	7.5
2022-12-13	CVE-2022-25695	Improper Validation of Array Index vulnerability in Qualcomm products Memory corruption in MODEM due to Improper Validation of Array Index while processing GSTK Proactive commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables local low complexity qualcomm CWE-129	7.8
2022-12-13	CVE-2022-33235	Out-of-bounds Read vulnerability in Qualcomm products Information disclosure due to buffer over-read in WLAN firmware while parsing security context info attributes. network low complexity qualcomm CWE-125	7.5