Vulnerabilities > Qualcomm > Wcn3988 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-02 | CVE-2022-40504 | Reachable Assertion vulnerability in Qualcomm products Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network. | 7.5 |
| 2023-05-02 | CVE-2022-33292 | Use After Free vulnerability in Qualcomm products Memory corruption in Qualcomm IPC due to use after free while receiving the incoming packet and reposting it. | 7.8 |
| 2023-05-02 | CVE-2022-33305 | NULL Pointer Dereference vulnerability in Qualcomm products Transient DOS due to NULL pointer dereference in Modem while sending invalid messages in DCCH. | 7.5 |
| 2023-05-02 | CVE-2022-34144 | Reachable Assertion vulnerability in Qualcomm products Transient DOS due to reachable assertion in Modem during OSI decode scheduling. | 7.5 |
| 2023-05-02 | CVE-2022-40508 | Reachable Assertion vulnerability in Qualcomm products Transient DOS due to reachable assertion in Modem while processing config related to cross carrier scheduling, which is not supported. | 7.5 |
| 2023-05-02 | CVE-2023-21665 | Incorrect Type Conversion or Cast vulnerability in Qualcomm products Memory corruption in Graphics while importing a file. | 7.8 |
| 2023-05-02 | CVE-2023-21666 | Memory Leak vulnerability in Qualcomm products Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool. | 7.8 |
| 2023-04-13 | CVE-2022-33231 | Double Free vulnerability in Qualcomm products Memory corruption due to double free in core while initializing the encryption key. | 7.8 |
| 2023-04-13 | CVE-2022-33270 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products Transient DOS due to time-of-check time-of-use race condition in Modem while processing RRC Reconfiguration message. | 5.9 |
| 2023-04-13 | CVE-2022-33288 | Classic Buffer Overflow vulnerability in Qualcomm products Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information. | 8.8 |