Vulnerabilities > Qualcomm > Sdx57M Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-13 | CVE-2022-33270 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products Transient DOS due to time-of-check time-of-use race condition in Modem while processing RRC Reconfiguration message. | 5.9 |
| 2023-04-13 | CVE-2022-33288 | Classic Buffer Overflow vulnerability in Qualcomm products Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information. | 8.8 |
| 2023-04-13 | CVE-2022-33289 | Improper Validation of Array Index vulnerability in Qualcomm products Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card. | 6.8 |
| 2023-04-13 | CVE-2022-33302 | Improper Validation of Array Index vulnerability in Qualcomm products Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length. | 7.8 |
| 2023-03-10 | CVE-2022-25694 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM | 7.8 |
| 2023-03-10 | CVE-2022-25705 | Integer Overflow or Wraparound vulnerability in Qualcomm products Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response | 7.8 |
| 2023-03-10 | CVE-2022-33213 | Classic Buffer Overflow vulnerability in Qualcomm products Memory corruption in modem due to buffer overflow while processing a PPP packet | 8.8 |
| 2023-03-10 | CVE-2022-33244 | Reachable Assertion vulnerability in Qualcomm products Transient DOS due to reachable assertion in modem during MIB reception and SIB timeout | 7.5 |
| 2023-03-10 | CVE-2022-33250 | Reachable Assertion vulnerability in Qualcomm products Transient DOS due to reachable assertion in modem when network repeatedly sent invalid message container for NR to LTE handover. | 7.5 |
| 2023-03-10 | CVE-2022-33254 | Reachable Assertion vulnerability in Qualcomm products Transient DOS due to reachable assertion in Modem while processing SIB1 Message. | 7.5 |