Vulnerabilities > Qualcomm > Wcd9306 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-04-13 CVE-2022-33228 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure sue to buffer over-read in modem while processing ipv6 packet with hop-by-hop or destination option in header.
network
low complexity
qualcomm CWE-125
7.5
2023-04-13 CVE-2022-33231 Double Free vulnerability in Qualcomm products
Memory corruption due to double free in core while initializing the encryption key.
local
low complexity
qualcomm CWE-415
7.8
2023-04-13 CVE-2022-33259 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption due to buffer copy without checking the size of input in modem while decoding raw SMS received.
network
low complexity
qualcomm CWE-120
critical
9.8
2023-04-13 CVE-2022-33287 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure in Modem due to buffer over-read while getting length of Unfragmented headers in an IPv6 packet.
network
low complexity
qualcomm CWE-125
7.5
2023-04-13 CVE-2022-33289 Improper Validation of Array Index vulnerability in Qualcomm products
Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.
low complexity
qualcomm CWE-129
6.8
2023-04-13 CVE-2022-33291 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure in Modem due to buffer over-read while receiving a IP header with malformed length.
network
low complexity
qualcomm CWE-125
7.5
2023-04-13 CVE-2022-33294 NULL Pointer Dereference vulnerability in Qualcomm products
Transient DOS in Modem due to NULL pointer dereference while receiving response of lwm2m registration/update/bootstrap request message.
network
low complexity
qualcomm CWE-476
7.5
2023-04-13 CVE-2022-33295 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure in Modem due to buffer over-read while parsing the wms message received given the buffer and its length.
network
low complexity
qualcomm CWE-125
7.5
2023-04-13 CVE-2022-33302 Improper Validation of Array Index vulnerability in Qualcomm products
Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length.
local
low complexity
qualcomm CWE-129
7.8
2023-04-13 CVE-2022-40532 Integer Overflow or Wraparound vulnerability in Qualcomm products
Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.
local
low complexity
qualcomm CWE-190
7.8