Vulnerabilities > Qualcomm > Wcd9375 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-03-10 CVE-2022-40537 Improper Validation of Array Index vulnerability in Qualcomm products
Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP response.
network
low complexity
qualcomm CWE-129
critical
9.8
2023-02-12 CVE-2022-33232 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption due to buffer copy without checking size of input while running memory sharing tests with large scattered memory.
local
low complexity
qualcomm CWE-120
7.8
2023-02-12 CVE-2022-33233 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption due to configuration weakness in modem wile sending command to write protected files.
local
low complexity
qualcomm CWE-787
7.8
2023-02-12 CVE-2022-33243 Unspecified vulnerability in Qualcomm products
Memory corruption due to improper access control in Qualcomm IPC.
local
low complexity
qualcomm
7.8
2023-02-12 CVE-2022-33248 Integer Overflow or Wraparound vulnerability in Qualcomm products
Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http.
local
low complexity
qualcomm CWE-190
7.8
2023-02-12 CVE-2022-33271 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure due to buffer over-read in WLAN while parsing NMF frame.
network
low complexity
qualcomm CWE-125
7.5
2023-02-12 CVE-2022-33277 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command.
local
low complexity
qualcomm CWE-120
7.8
2023-02-12 CVE-2022-33306 Out-of-bounds Read vulnerability in Qualcomm products
Transient DOS due to buffer over-read in WLAN while processing an incoming management frame with incorrectly filled IEs.
network
low complexity
qualcomm CWE-125
7.5
2023-02-12 CVE-2022-34146 Improper Input Validation vulnerability in Qualcomm products
Transient DOS due to improper input validation in WLAN Host while parsing frame during defragmentation.
network
low complexity
qualcomm CWE-20
7.5
2023-02-12 CVE-2022-40502 Improper Input Validation vulnerability in Qualcomm products
Transient DOS due to improper input validation in WLAN Host.
network
low complexity
qualcomm CWE-20
7.5