Vulnerabilities > Qualcomm > SD 8CX Gen2 Firmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-05 | CVE-2023-21662 | Classic Buffer Overflow vulnerability in Qualcomm products Memory corruption in Core Platform while printing the response buffer in log. | 7.8 |
| 2023-09-05 | CVE-2023-21664 | Out-of-bounds Write vulnerability in Qualcomm products Memory Corruption in Core Platform while printing the response buffer in log. | 7.8 |
| 2023-09-05 | CVE-2023-28538 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region. | 7.8 |
| 2023-08-08 | CVE-2023-21626 | Improper Authentication vulnerability in Qualcomm products Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key. | 7.1 |
| 2023-08-08 | CVE-2023-21651 | Incorrect Type Conversion or Cast vulnerability in Qualcomm products Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE. | 7.8 |
| 2023-04-13 | CVE-2022-33231 | Double Free vulnerability in Qualcomm products Memory corruption due to double free in core while initializing the encryption key. | 7.8 |
| 2023-04-13 | CVE-2022-33269 | Integer Overflow or Wraparound vulnerability in Qualcomm products Memory corruption due to integer overflow or wraparound in Core while DDR memory assignment. | 7.8 |
| 2023-04-13 | CVE-2022-33288 | Classic Buffer Overflow vulnerability in Qualcomm products Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information. | 8.8 |
| 2023-04-13 | CVE-2022-33302 | Improper Validation of Array Index vulnerability in Qualcomm products Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length. | 7.8 |
| 2023-04-13 | CVE-2022-40532 | Integer Overflow or Wraparound vulnerability in Qualcomm products Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target. | 7.8 |