Vulnerabilities > Qualcomm > Snapdragon XR2 GEN 1 Platform Firmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-05 | CVE-2023-28538 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region. | 7.8 |
| 2023-09-05 | CVE-2023-28548 | Improper Validation of Array Index vulnerability in Qualcomm products Memory corruption in WLAN HAL while processing Tx/Rx commands from QDART. | 7.8 |
| 2023-09-05 | CVE-2023-28549 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload. | 7.8 |
| 2023-09-05 | CVE-2023-28557 | Improper Validation of Array Index vulnerability in Qualcomm products Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload. | 7.8 |
| 2023-09-05 | CVE-2023-28558 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in WLAN handler while processing PhyID in Tx status handler. | 7.8 |
| 2023-08-08 | CVE-2023-28537 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption while allocating memory in COmxApeDec module in Audio. | 7.8 |
| 2023-06-06 | CVE-2022-40507 | Double Free vulnerability in Qualcomm products Memory corruption due to double free in Core while mapping HLOS address to the list. | 7.8 |
| 2023-06-06 | CVE-2022-40529 | Incorrect Authorization vulnerability in Qualcomm products Memory corruption due to improper access control in kernel while processing a mapping request from root process. | 7.8 |
| 2023-06-06 | CVE-2023-21656 | Improper Input Validation vulnerability in Qualcomm products Memory corruption in WLAN HOST while receiving an WMI event from firmware. | 7.8 |
| 2023-06-06 | CVE-2023-21657 | Improper Input Validation vulnerability in Qualcomm products Memoru corruption in Audio when ADSP sends input during record use case. | 7.8 |