Vulnerabilities > Qualcomm > Wcd9306 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-03-10 CVE-2022-25694 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM
local
low complexity
qualcomm CWE-119
7.8
2023-03-10 CVE-2022-25705 Integer Overflow or Wraparound vulnerability in Qualcomm products
Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response
local
low complexity
qualcomm CWE-190
7.8
2023-03-10 CVE-2022-33213 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption in modem due to buffer overflow while processing a PPP packet
network
low complexity
qualcomm CWE-120
8.8
2023-03-10 CVE-2022-33257 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products
Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.
local
high complexity
qualcomm CWE-367
7.0
2023-03-10 CVE-2022-40531 Incorrect Type Conversion or Cast vulnerability in Qualcomm products
Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.
local
low complexity
qualcomm CWE-704
7.8
2023-02-12 CVE-2022-25728 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure in modem due to buffer over-read while processing response from DNS server
network
low complexity
qualcomm CWE-125
7.5
2023-02-12 CVE-2022-25729 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption in modem due to improper length check while copying into memory
network
low complexity
qualcomm CWE-787
critical
9.8
2023-02-12 CVE-2022-25732 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure in modem due to buffer over read in dns client due to missing length check
network
low complexity
qualcomm CWE-125
7.5
2023-02-12 CVE-2022-25733 NULL Pointer Dereference vulnerability in Qualcomm products
Denial of service in modem due to null pointer dereference while processing DNS packets
network
low complexity
qualcomm CWE-476
7.5
2023-02-12 CVE-2022-25734 Infinite Loop vulnerability in Qualcomm products
Denial of service in modem due to missing null check while processing IP packets with padding
network
low complexity
qualcomm CWE-835
7.5