Vulnerabilities > Qualcomm > Snapdragon 4 GEN 1 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-03-10 CVE-2022-40515 Double Free vulnerability in Qualcomm products
Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms.
network
low complexity
qualcomm CWE-415
critical
9.8
2023-03-10 CVE-2022-40530 Integer Overflow or Wraparound vulnerability in Qualcomm products
Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase.
local
low complexity
qualcomm CWE-190
7.8
2023-03-10 CVE-2022-40531 Incorrect Type Conversion or Cast vulnerability in Qualcomm products
Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.
local
low complexity
qualcomm CWE-704
7.8
2023-03-10 CVE-2022-40535 Out-of-bounds Read vulnerability in Qualcomm products
Transient DOS due to buffer over-read in WLAN while sending a packet to device.
network
low complexity
qualcomm CWE-125
7.5
2023-03-10 CVE-2022-40537 Improper Validation of Array Index vulnerability in Qualcomm products
Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP response.
network
low complexity
qualcomm CWE-129
critical
9.8
2023-02-12 CVE-2022-33233 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption due to configuration weakness in modem wile sending command to write protected files.
local
low complexity
qualcomm CWE-787
7.8
2023-02-12 CVE-2022-33248 Integer Overflow or Wraparound vulnerability in Qualcomm products
Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http.
local
low complexity
qualcomm CWE-190
7.8
2023-02-12 CVE-2022-33271 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure due to buffer over-read in WLAN while parsing NMF frame.
network
low complexity
qualcomm CWE-125
7.5
2023-02-12 CVE-2022-33277 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command.
local
low complexity
qualcomm CWE-120
7.8
2023-02-12 CVE-2022-40512 Out-of-bounds Read vulnerability in Qualcomm products
Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.
network
low complexity
qualcomm CWE-125
7.5