Vulnerabilities > Qualcomm > Wcn3950 Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2023-02-12 CVE-2022-33248 Integer Overflow or Wraparound vulnerability in Qualcomm products
Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http.
local
low complexity
qualcomm CWE-190
7.8
2023-02-12 CVE-2022-33271 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure due to buffer over-read in WLAN while parsing NMF frame.
network
low complexity
qualcomm CWE-125
7.5
2023-02-12 CVE-2022-33277 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command.
local
low complexity
qualcomm CWE-120
7.8
2023-02-12 CVE-2022-33280 Access of Uninitialized Pointer vulnerability in Qualcomm products
Memory corruption due to access of uninitialized pointer in Bluetooth HOST while processing the AVRCP packet.
low complexity
qualcomm CWE-824
8.8
2023-02-12 CVE-2022-34145 Out-of-bounds Read vulnerability in Qualcomm products
Transient DOS due to buffer over-read in WLAN Host while parsing frame information.
network
low complexity
qualcomm CWE-125
7.5
2023-02-12 CVE-2022-34146 Improper Input Validation vulnerability in Qualcomm products
Transient DOS due to improper input validation in WLAN Host while parsing frame during defragmentation.
network
low complexity
qualcomm CWE-20
7.5
2023-02-12 CVE-2022-40502 Improper Input Validation vulnerability in Qualcomm products
Transient DOS due to improper input validation in WLAN Host.
network
low complexity
qualcomm CWE-20
7.5
2023-02-12 CVE-2022-40512 Out-of-bounds Read vulnerability in Qualcomm products
Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.
network
low complexity
qualcomm CWE-125
7.5
2023-01-09 CVE-2022-22088 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption in Bluetooth HOST due to buffer overflow while parsing the command response received from remote
low complexity
qualcomm CWE-787
8.8
2023-01-09 CVE-2022-25715 Incorrect Type Conversion or Cast vulnerability in Qualcomm products
Memory corruption in display driver due to incorrect type casting while accessing the fence structure fields
local
low complexity
qualcomm CWE-704
7.8