Vulnerabilities > Qualcomm > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-08-08 CVE-2023-28561 Out-of-bounds Write vulnerability in Qualcomm Qcn7606 Firmware
Memory corruption in QESL while processing payload from external ESL device to firmware.
network
low complexity
qualcomm CWE-787
critical
9.8
2023-07-04 CVE-2023-21631 Unspecified vulnerability in Qualcomm products
Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from network.
network
low complexity
qualcomm
critical
9.8
2023-04-13 CVE-2022-25678 Out-of-bounds Write vulnerability in Qualcomm products
Memory correction in modem due to buffer overwrite during coap connection
network
low complexity
qualcomm CWE-787
critical
9.8
2023-04-13 CVE-2022-25740 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption in modem due to buffer overwrite while building an IPv6 multicast address based on the MAC address of the iface
network
low complexity
qualcomm CWE-787
critical
9.8
2023-04-13 CVE-2022-25745 Always-Incorrect Control Flow Implementation vulnerability in Qualcomm products
Memory corruption in modem due to improper input validation while handling the incoming CoAP message
network
low complexity
qualcomm CWE-670
critical
9.8
2023-04-13 CVE-2022-33211 Incorrect Calculation of Buffer Size vulnerability in Qualcomm products
memory corruption in modem due to improper check while calculating size of serialized CoAP message
network
low complexity
qualcomm CWE-131
critical
9.8
2023-04-13 CVE-2022-33259 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption due to buffer copy without checking the size of input in modem while decoding raw SMS received.
network
low complexity
qualcomm CWE-120
critical
9.8
2023-03-10 CVE-2022-33256 Improper Validation of Array Index vulnerability in Qualcomm products
Memory corruption due to improper validation of array index in Multi-mode call processor.
network
low complexity
qualcomm CWE-129
critical
9.8
2023-03-10 CVE-2022-40515 Double Free vulnerability in Qualcomm products
Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms.
network
low complexity
qualcomm CWE-415
critical
9.8
2023-03-10 CVE-2022-40537 Improper Validation of Array Index vulnerability in Qualcomm products
Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP response.
network
low complexity
qualcomm CWE-129
critical
9.8