Vulnerabilities > Qualcomm > Sd888 Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2022-09-16 CVE-2022-22066 Out-of-bounds Read vulnerability in Qualcomm products
Memory corruption occurs while processing command received from HLOS due to improper length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
local
low complexity
qualcomm CWE-125
7.8
2022-09-16 CVE-2022-22091 Unspecified vulnerability in Qualcomm products
Improper authorization of a replayed LTE security mode command can lead to a denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
network
low complexity
qualcomm
7.5
2022-09-16 CVE-2022-22092 Use After Free vulnerability in Qualcomm products
Memory corruption in kernel due to use after free issue in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
local
low complexity
qualcomm CWE-416
7.8
2022-09-16 CVE-2022-22093 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products
Memory corruption or temporary denial of service due to improper handling of concurrent hypervisor operations to attach or detach IRQs from virtual interrupt sources in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
local
high complexity
qualcomm CWE-367
7.0
2022-09-16 CVE-2022-22094 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products
memory corruption in Kernel due to race condition while getting mapping reference in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
local
high complexity
qualcomm CWE-367
7.0
2022-09-16 CVE-2022-25656 Integer Overflow or Wraparound vulnerability in Qualcomm products
Possible integer overflow and memory corruption due to improper validation of buffer size sent to write to console when computing the payload size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
local
low complexity
qualcomm CWE-190
7.8
2022-09-16 CVE-2022-25669 Out-of-bounds Read vulnerability in Qualcomm products
Denial of service in video due to buffer over read while parsing MP4 clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
network
low complexity
qualcomm CWE-125
7.5
2022-09-16 CVE-2022-25690 Improper Validation of Array Index vulnerability in Qualcomm products
Information disclosure in WLAN due to improper validation of array index while parsing crafted ANQP action frames in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
network
low complexity
qualcomm CWE-129
7.5
2022-09-16 CVE-2022-25696 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products
Memory corruption in display due to time-of-check time-of-use race condition during map or unmap in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
local
high complexity
qualcomm CWE-367
7.0
2022-09-16 CVE-2022-25706 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure in Bluetooth driver due to buffer over-read while reading l2cap length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
network
low complexity
qualcomm CWE-125
7.5