Vulnerabilities > Qualcomm > Qfe1952 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-07 | CVE-2023-28563 | Unspecified vulnerability in Qualcomm products Information disclosure in IOE Firmware while handling WMI command. | 5.5 |
| 2023-09-05 | CVE-2023-28560 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload. | 7.8 |
| 2023-09-05 | CVE-2023-28564 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in WLAN HAL while passing command parameters through WMI interfaces. | 7.8 |
| 2023-09-05 | CVE-2023-28565 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in WLAN HAL while handling command streams through WMI interfaces. | 7.8 |
| 2023-06-06 | CVE-2023-21628 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command. | 7.8 |
| 2023-03-10 | CVE-2022-25655 | Classic Buffer Overflow vulnerability in Qualcomm products Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload. | 7.8 |
| 2021-11-12 | CVE-2021-1924 | Information Exposure Through Discrepancy vulnerability in Qualcomm products Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | 2.1 |
| 2021-09-09 | CVE-2021-1909 | Classic Buffer Overflow vulnerability in Qualcomm products Buffer overflow occurs in trusted applications due to lack of length check of parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | 7.2 |
| 2021-09-08 | CVE-2020-11301 | Improper Authentication vulnerability in Qualcomm products Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | 5.0 |
| 2021-09-08 | CVE-2021-1928 | Out-of-bounds Read vulnerability in Qualcomm products Buffer over read could occur due to incorrect check of buffer size while flashing emmc devices in Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | 3.6 |