Vulnerabilities > Qualcomm > Qrb5165M Firmware
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-03-10 | CVE-2022-40530 | Integer Overflow or Wraparound vulnerability in Qualcomm products Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase. | 7.8 |
2023-03-10 | CVE-2022-40531 | Incorrect Type Conversion or Cast vulnerability in Qualcomm products Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message. | 7.8 |
2023-03-10 | CVE-2022-40537 | Improper Validation of Array Index vulnerability in Qualcomm products Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP response. | 9.8 |
2023-02-12 | CVE-2022-33232 | Classic Buffer Overflow vulnerability in Qualcomm products Memory corruption due to buffer copy without checking size of input while running memory sharing tests with large scattered memory. | 7.8 |
2023-02-12 | CVE-2022-33271 | Out-of-bounds Read vulnerability in Qualcomm products Information disclosure due to buffer over-read in WLAN while parsing NMF frame. | 7.5 |
2023-02-12 | CVE-2022-33277 | Classic Buffer Overflow vulnerability in Qualcomm products Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command. | 7.8 |
2023-02-12 | CVE-2022-33279 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption due to stack based buffer overflow in WLAN having invalid WNM frame length. | 9.8 |
2023-02-12 | CVE-2022-33280 | Access of Uninitialized Pointer vulnerability in Qualcomm products Memory corruption due to access of uninitialized pointer in Bluetooth HOST while processing the AVRCP packet. | 8.8 |
2023-02-12 | CVE-2022-40512 | Out-of-bounds Read vulnerability in Qualcomm products Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon. | 7.5 |
2023-02-12 | CVE-2022-40514 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame. | 9.8 |