Total
140 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-33237 | 1 Qualcomm | 476 Aqt1000, Aqt1000 Firmware, Ar8031 and 473 more | 2025-04-22 | N/A | 7.5 HIGH |
| Transient DOS due to buffer over-read in WLAN firmware while processing PPE threshold. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2022-33235 | 1 Qualcomm | 492 Apq8009, Apq8009 Firmware, Apq8096au and 489 more | 2025-04-22 | N/A | 8.2 HIGH |
| Information disclosure due to buffer over-read in WLAN firmware while parsing security context info attributes. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2022-25749 | 1 Qualcomm | 552 Apq8009, Apq8009 Firmware, Apq8017 and 549 more | 2025-04-22 | N/A | 7.5 HIGH |
| Transient Denial-of-Service in WLAN due to buffer over-read while parsing MDNS frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2022-25748 | 1 Qualcomm | 546 Apq8009, Apq8009 Firmware, Apq8017 and 543 more | 2025-04-22 | N/A | 9.8 CRITICAL |
| Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2022-25677 | 1 Qualcomm | 286 Apq8096au, Apq8096au Firmware, Aqt1000 and 283 more | 2025-04-22 | N/A | 6.7 MEDIUM |
| Memory corruption in diag due to use after free while processing dci packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2022-25667 | 1 Qualcomm | 138 Ar9380, Ar9380 Firmware, Csr8811 and 135 more | 2025-04-22 | N/A | 7.5 HIGH |
| Information disclosure in kernel due to improper handling of ICMP requests in Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2022-33238 | 1 Qualcomm | 568 Apq8009, Apq8009 Firmware, Apq8017 and 565 more | 2025-04-22 | N/A | 7.5 HIGH |
| Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2022-25722 | 1 Qualcomm | 156 Apq8096au, Apq8096au Firmware, Ar9380 and 153 more | 2025-04-09 | N/A | 6.0 MEDIUM |
| Information exposure in DSP services due to improper handling of freeing memory | |||||
| CVE-2022-33276 | 1 Qualcomm | 268 Ar8035, Ar8035 Firmware, Ar9380 and 265 more | 2025-04-09 | N/A | 8.4 HIGH |
| Memory corruption due to buffer copy without checking size of input in modem while receiving WMI_REQUEST_STATS_CMDID command. | |||||
| CVE-2022-33253 | 1 Qualcomm | 322 Aqt1000, Aqt1000 Firmware, Ar8035 and 319 more | 2025-04-09 | N/A | 7.5 HIGH |
| Transient DOS due to buffer over-read in WLAN while parsing corrupted NAN frames. | |||||
| CVE-2022-33252 | 1 Qualcomm | 322 Aqt1000, Aqt1000 Firmware, Ar8035 and 319 more | 2025-04-09 | N/A | 8.2 HIGH |
| Information disclosure due to buffer over-read in WLAN while handling IBSS beacons frame. | |||||
| CVE-2022-33286 | 1 Qualcomm | 562 Apq8009, Apq8009 Firmware, Apq8017 and 559 more | 2025-04-09 | N/A | 7.5 HIGH |
| Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames. | |||||
| CVE-2022-33285 | 1 Qualcomm | 556 Apq8009, Apq8009 Firmware, Apq8017 and 553 more | 2025-04-09 | N/A | 7.5 HIGH |
| Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames. | |||||
| CVE-2022-33284 | 1 Qualcomm | 352 Aqt1000, Aqt1000 Firmware, Ar8035 and 349 more | 2025-04-09 | N/A | 8.2 HIGH |
| Information disclosure due to buffer over-read in WLAN while parsing BTM action frame. | |||||
| CVE-2022-33283 | 1 Qualcomm | 268 Ar8035, Ar8035 Firmware, Ar9380 and 265 more | 2025-04-09 | N/A | 8.2 HIGH |
| Information disclosure due to buffer over-read in WLAN while WLAN frame parsing due to missing frame length check. | |||||
| CVE-2023-33063 | 1 Qualcomm | 562 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8098 and 559 more | 2025-01-27 | N/A | 7.8 HIGH |
| Memory corruption in DSP Services during a remote call from HLOS to DSP. | |||||
| CVE-2024-21473 | 1 Qualcomm | 254 Ar8035, Ar8035 Firmware, Ar9380 and 251 more | 2025-01-13 | N/A | 9.8 CRITICAL |
| Memory corruption while redirecting log file to any file location with any file name. | |||||
| CVE-2023-33105 | 1 Qualcomm | 298 Ar8035, Ar8035 Firmware, Ar9380 and 295 more | 2025-01-10 | N/A | 7.5 HIGH |
| Transient DOS in WLAN Host and Firmware when large number of open authentication frames are sent with an invalid transaction sequence number. | |||||
| CVE-2023-28578 | 1 Qualcomm | 680 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 677 more | 2025-01-10 | N/A | 9.3 CRITICAL |
| Memory corruption in Core Services while executing the command for removing a single event listener. | |||||
| CVE-2024-33012 | 1 Qualcomm | 498 Ar8035, Ar8035 Firmware, Ar9380 and 495 more | 2024-11-26 | N/A | 7.5 HIGH |
| Transient DOS while parsing the multiple MBSSID IEs from the beacon, when the tag length is non-zero value but with end of beacon. | |||||