Vulnerabilities > Qualcomm > SD 8 Gen1 5G Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-03-10 CVE-2022-25694 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM
local
low complexity
qualcomm CWE-119
7.8
2023-03-10 CVE-2022-25705 Integer Overflow or Wraparound vulnerability in Qualcomm products
Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response
local
low complexity
qualcomm CWE-190
7.8
2023-03-10 CVE-2022-25709 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
Memory corruption in modem due to use of out of range pointer offset while processing qmi msg
local
low complexity
qualcomm CWE-119
7.8
2023-03-10 CVE-2022-33213 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption in modem due to buffer overflow while processing a PPP packet
network
low complexity
qualcomm CWE-120
8.8
2023-03-10 CVE-2022-33242 Improper Authentication vulnerability in Qualcomm products
Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio PD.
local
low complexity
qualcomm CWE-287
7.8
2023-03-10 CVE-2022-33244 Reachable Assertion vulnerability in Qualcomm products
Transient DOS due to reachable assertion in modem during MIB reception and SIB timeout
network
low complexity
qualcomm CWE-617
7.5
2023-03-10 CVE-2022-33250 Reachable Assertion vulnerability in Qualcomm products
Transient DOS due to reachable assertion in modem when network repeatedly sent invalid message container for NR to LTE handover.
network
low complexity
qualcomm CWE-617
7.5
2023-03-10 CVE-2022-33254 Reachable Assertion vulnerability in Qualcomm products
Transient DOS due to reachable assertion in Modem while processing SIB1 Message.
network
low complexity
qualcomm CWE-617
7.5
2023-03-10 CVE-2022-33256 Improper Validation of Array Index vulnerability in Qualcomm products
Memory corruption due to improper validation of array index in Multi-mode call processor.
network
low complexity
qualcomm CWE-129
critical
9.8
2023-03-10 CVE-2022-33257 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products
Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.
local
high complexity
qualcomm CWE-367
7.0