Vulnerabilities > Qualcomm > Wcd9380 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-04-13 CVE-2022-33288 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information.
local
low complexity
qualcomm CWE-120
8.8
2023-04-13 CVE-2022-33289 Improper Validation of Array Index vulnerability in Qualcomm products
Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.
low complexity
qualcomm CWE-129
6.8
2023-04-13 CVE-2022-33291 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure in Modem due to buffer over-read while receiving a IP header with malformed length.
network
low complexity
qualcomm CWE-125
7.5
2023-04-13 CVE-2022-33296 Integer Overflow or Wraparound vulnerability in Qualcomm products
Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Neighbor List Update message.
local
low complexity
qualcomm CWE-190
7.8
2023-04-13 CVE-2022-33298 Use After Free vulnerability in Qualcomm products
Memory corruption due to use after free in Modem while modem initialization.
local
low complexity
qualcomm CWE-416
7.8
2023-04-13 CVE-2022-33302 Improper Validation of Array Index vulnerability in Qualcomm products
Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length.
local
low complexity
qualcomm CWE-129
7.8
2023-04-13 CVE-2022-40503 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure due to buffer over-read in Bluetooth Host while A2DP streaming.
network
low complexity
qualcomm CWE-125
7.5
2023-04-13 CVE-2022-40532 Integer Overflow or Wraparound vulnerability in Qualcomm products
Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.
local
low complexity
qualcomm CWE-190
7.8
2023-04-13 CVE-2023-21630 Integer Overflow or Wraparound vulnerability in Qualcomm products
Memory Corruption in Multimedia Framework due to integer overflow when synx bind is called along with synx signal.
local
low complexity
qualcomm CWE-190
7.8
2023-03-10 CVE-2022-22075 Unspecified vulnerability in Qualcomm products
Information Disclosure in Graphics during GPU context switch.
local
low complexity
qualcomm
5.5