Vulnerabilities > Qualcomm > Wcn3998 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-08-08 CVE-2023-21651 Incorrect Type Conversion or Cast vulnerability in Qualcomm products
Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE.
local
low complexity
qualcomm CWE-704
7.8
7.8
2023-08-08 CVE-2023-21652 Use of Hard-coded Credentials vulnerability in Qualcomm products
Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack after use.
local
low complexity
qualcomm CWE-798
7.1
7.1
2023-08-08 CVE-2023-22666 Out-of-bounds Write vulnerability in Qualcomm products
Memory Corruption in Audio while playing amrwbplus clips with modified content.
local
low complexity
qualcomm CWE-787
7.8
7.8
2023-08-08 CVE-2023-28537 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption while allocating memory in COmxApeDec module in Audio.
local
low complexity
qualcomm CWE-787
7.8
7.8
2023-08-08 CVE-2023-28555 Out-of-bounds Read vulnerability in Qualcomm products
Transient DOS in Audio while remapping channel buffer in media codec decoding.
network
low complexity
qualcomm CWE-125
7.5
7.5
2023-06-06 CVE-2022-22060 Reachable Assertion vulnerability in Qualcomm products
Assertion occurs while processing Reconfiguration message due to improper validation
network
low complexity
qualcomm CWE-617
7.5
7.5
2023-06-06 CVE-2022-22076 Unspecified vulnerability in Qualcomm products
information disclosure due to cryptographic issue in Core during RPMB read request.
local
low complexity
qualcomm
5.5
5.5
2023-06-06 CVE-2022-33224 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption in core due to buffer copy without check9ing the size of input while processing ioctl queries.
local
low complexity
qualcomm CWE-120
7.8
7.8
2023-06-06 CVE-2022-33226 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption due to buffer copy without checking the size of input in Core while processing ioctl commands from diag client applications.
local
low complexity
qualcomm CWE-120
7.8
7.8
2023-06-06 CVE-2022-33227 Double Free vulnerability in Qualcomm products
Memory corruption in Linux android due to double free while calling unregister provider after register call.
local
low complexity
qualcomm CWE-415
7.8
7.8