Vulnerabilities > Qualcomm > Wcn3999 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-04-13 CVE-2022-33291 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure in Modem due to buffer over-read while receiving a IP header with malformed length.
network
low complexity
qualcomm CWE-125
7.5
2023-04-13 CVE-2022-40532 Integer Overflow or Wraparound vulnerability in Qualcomm products
Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.
local
low complexity
qualcomm CWE-190
7.8
2023-03-10 CVE-2022-25655 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.
local
low complexity
qualcomm CWE-120
7.8
2023-03-10 CVE-2022-33242 Improper Authentication vulnerability in Qualcomm products
Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio PD.
local
low complexity
qualcomm CWE-287
7.8
2023-03-10 CVE-2022-33257 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products
Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.
local
high complexity
qualcomm CWE-367
7.0
2023-03-10 CVE-2022-40530 Integer Overflow or Wraparound vulnerability in Qualcomm products
Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase.
local
low complexity
qualcomm CWE-190
7.8
2023-03-10 CVE-2022-40531 Incorrect Type Conversion or Cast vulnerability in Qualcomm products
Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.
local
low complexity
qualcomm CWE-704
7.8
2023-02-12 CVE-2022-25728 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure in modem due to buffer over-read while processing response from DNS server
network
low complexity
qualcomm CWE-125
7.5
2023-02-12 CVE-2022-25729 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption in modem due to improper length check while copying into memory
network
low complexity
qualcomm CWE-787
critical
9.8
2023-02-12 CVE-2022-25732 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure in modem due to buffer over read in dns client due to missing length check
network
low complexity
qualcomm CWE-125
7.5