Vulnerabilities > Qualcomm > Wcn3990 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-08-08 CVE-2023-21625 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure in Network Services due to buffer over-read while the device receives DNS response.
network
low complexity
qualcomm CWE-125
7.5
2023-08-08 CVE-2023-21626 Improper Authentication vulnerability in Qualcomm products
Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key.
local
low complexity
qualcomm CWE-287
7.1
2023-08-08 CVE-2023-21651 Incorrect Type Conversion or Cast vulnerability in Qualcomm products
Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE.
local
low complexity
qualcomm CWE-704
7.8
2023-08-08 CVE-2023-21652 Use of Hard-coded Credentials vulnerability in Qualcomm products
Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack after use.
local
low complexity
qualcomm CWE-798
7.1
2023-08-08 CVE-2023-22666 Out-of-bounds Write vulnerability in Qualcomm products
Memory Corruption in Audio while playing amrwbplus clips with modified content.
local
low complexity
qualcomm CWE-787
7.8
2023-08-08 CVE-2023-28537 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption while allocating memory in COmxApeDec module in Audio.
local
low complexity
qualcomm CWE-787
7.8
2023-07-04 CVE-2023-21624 Unspecified vulnerability in Qualcomm products
Information disclosure in DSP Services while loading dynamic module.
local
low complexity
qualcomm
5.5
2023-07-04 CVE-2023-21629 Double Free vulnerability in Qualcomm products
Memory Corruption in Modem due to double free while parsing the PKCS15 sim files.
low complexity
qualcomm CWE-415
6.8
2023-07-04 CVE-2023-21631 Unspecified vulnerability in Qualcomm products
Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from network.
network
low complexity
qualcomm
critical
9.8
2023-07-04 CVE-2023-21633 Out-of-bounds Write vulnerability in Qualcomm products
Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage request.
local
low complexity
qualcomm CWE-787
7.8