Vulnerabilities > Qualcomm > Qfw7114 Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2023-12-05 CVE-2023-33018 Integer Overflow or Wraparound vulnerability in Qualcomm products
Memory corruption while using the UIM diag command to get the operators name.
local
low complexity
qualcomm CWE-190
7.8
2023-12-05 CVE-2023-33022 Integer Overflow or Wraparound vulnerability in Qualcomm products
Memory corruption in HLOS while invoking IOCTL calls from user-space.
local
low complexity
qualcomm CWE-190
7.8
2023-12-05 CVE-2023-33024 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption while sending SMS from AP firmware.
local
low complexity
qualcomm CWE-120
7.8
2023-12-05 CVE-2023-33041 Reachable Assertion vulnerability in Qualcomm products
Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids.
network
low complexity
qualcomm CWE-617
7.5
2023-12-05 CVE-2023-33079 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
Memory corruption in Audio while running invalid audio recording from ADSP.
local
low complexity
qualcomm CWE-119
7.8
2023-12-05 CVE-2023-33080 Out-of-bounds Read vulnerability in Qualcomm products
Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.
network
low complexity
qualcomm CWE-125
7.5
2023-12-05 CVE-2023-33081 Out-of-bounds Read vulnerability in Qualcomm products
Transient DOS while converting TWT (Target Wake Time) frame parameters in the OTA broadcast.
network
low complexity
qualcomm CWE-125
7.5
2023-12-05 CVE-2023-33087 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption in Core while processing RX intent request.
local
low complexity
qualcomm CWE-120
7.8
2023-12-05 CVE-2023-33088 NULL Pointer Dereference vulnerability in Qualcomm products
Memory corruption when processing cmd parameters while parsing vdev.
local
low complexity
qualcomm CWE-476
7.8
2023-12-05 CVE-2023-33089 NULL Pointer Dereference vulnerability in Qualcomm products
Transient DOS when processing a NULL buffer while parsing WLAN vdev.
network
low complexity
qualcomm CWE-476
7.5