Vulnerabilities > Qualcomm > Sm6375 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-13 | CVE-2022-33231 | Double Free vulnerability in Qualcomm products Memory corruption due to double free in core while initializing the encryption key. | 7.8 |
| 2023-04-13 | CVE-2022-33270 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products Transient DOS due to time-of-check time-of-use race condition in Modem while processing RRC Reconfiguration message. | 5.9 |
| 2023-04-13 | CVE-2022-33289 | Improper Validation of Array Index vulnerability in Qualcomm products Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card. | 6.8 |
| 2023-04-13 | CVE-2022-33296 | Integer Overflow or Wraparound vulnerability in Qualcomm products Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Neighbor List Update message. | 7.8 |
| 2023-04-13 | CVE-2022-33298 | Use After Free vulnerability in Qualcomm products Memory corruption due to use after free in Modem while modem initialization. | 7.8 |
| 2023-04-13 | CVE-2022-33302 | Improper Validation of Array Index vulnerability in Qualcomm products Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length. | 7.8 |
| 2023-04-13 | CVE-2022-40503 | Out-of-bounds Read vulnerability in Qualcomm products Information disclosure due to buffer over-read in Bluetooth Host while A2DP streaming. | 7.5 |
| 2023-04-13 | CVE-2022-40532 | Integer Overflow or Wraparound vulnerability in Qualcomm products Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target. | 7.8 |
| 2022-06-14 | CVE-2021-30281 | Unspecified vulnerability in Qualcomm products Possible unauthorized access to secure space due to improper check of data allowed while flashing the no access control device configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | 7.8 |
| 2022-06-14 | CVE-2021-30334 | Use After Free vulnerability in Qualcomm products Possible use after free due to lack of null check of DRM file status after file structure is freed in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables | 7.8 |