Vulnerabilities > Qualcomm > SD 455 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-06-06 CVE-2022-22076 Unspecified vulnerability in Qualcomm products
information disclosure due to cryptographic issue in Core during RPMB read request.
local
low complexity
qualcomm
5.5
2023-06-06 CVE-2022-33264 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.
local
low complexity
qualcomm CWE-787
7.8
2023-06-06 CVE-2022-40507 Double Free vulnerability in Qualcomm products
Memory corruption due to double free in Core while mapping HLOS address to the list.
local
low complexity
qualcomm CWE-415
7.8
2023-06-06 CVE-2022-40521 Improper Authentication vulnerability in Qualcomm products
Transient DOS due to improper authorization in Modem
network
low complexity
qualcomm CWE-287
7.5
2023-06-06 CVE-2023-21628 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.
local
low complexity
qualcomm CWE-787
7.8
2023-05-02 CVE-2022-40504 Reachable Assertion vulnerability in Qualcomm products
Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network.
network
low complexity
qualcomm CWE-617
7.5
2023-04-13 CVE-2022-33231 Double Free vulnerability in Qualcomm products
Memory corruption due to double free in core while initializing the encryption key.
local
low complexity
qualcomm CWE-415
7.8
2023-04-13 CVE-2022-33289 Improper Validation of Array Index vulnerability in Qualcomm products
Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.
low complexity
qualcomm CWE-129
6.8
2023-04-13 CVE-2022-33302 Improper Validation of Array Index vulnerability in Qualcomm products
Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length.
local
low complexity
qualcomm CWE-129
7.8
2023-04-13 CVE-2022-40532 Integer Overflow or Wraparound vulnerability in Qualcomm products
Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.
local
low complexity
qualcomm CWE-190
7.8