Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog Latest Updates Security News
Sign In Sign Up
Qualcomm, Inc. Snapdragon

Version QCA2065

OTHER 49 CVEs

Known Vulnerabilities

CVE-2024-45542

Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.

HIGH CVSS 7.8 Published Jan 06, 2025

CVE-2024-45541

Memory corruption when IOCTL call is invoked from user-space to read board data.

HIGH CVSS 7.8 Published Jan 06, 2025

CVE-2024-43053

Memory corruption while invoking IOCTL calls from user space to read WLAN target diagnostic information.

HIGH CVSS 7.8 Published Dec 02, 2024

CVE-2024-43050

Memory corruption while invoking IOCTL calls from user space to issue factory test command inside WLAN driver.

HIGH CVSS 7.8 Published Dec 02, 2024

CVE-2024-38408

Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.

HIGH CVSS 8.2 Published Nov 04, 2024

CVE-2024-33051

Transient DOS while processing TIM IE from beacon frame as there is no check for IE length.

HIGH CVSS 7.5 Published Sep 02, 2024

CVE-2024-23364

Transient DOS when processing the non-transmitted BSSID profile sub-elements present within the MBSSID Information Element (IE) of a beacon frame that is received from over-the-air (OTA).

HIGH CVSS 7.5 Published Sep 02, 2024

CVE-2023-43536

Transient DOS while parse fils IE with length equal to 1.

HIGH CVSS 7.5 Published Feb 06, 2024

CVE-2023-43533

Transient DOS in WLAN Firmware when the length of received beacon is less than length of ieee802.11 beacon frame.

HIGH CVSS 7.5 Published Feb 06, 2024

CVE-2023-43522

Transient DOS while key unwrapping process, when the given encrypted key is empty or NULL.

HIGH CVSS 7.5 Published Feb 06, 2024

CVE-2023-43511

Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header.

HIGH CVSS 7.5 Published Jan 02, 2024

CVE-2023-33112

Transient DOS when WLAN firmware receives "reassoc response" frame including RIC_DATA element.

HIGH CVSS 7.5 Published Jan 02, 2024

CVE-2023-33109

Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host.

HIGH CVSS 7.5 Published Jan 02, 2024

CVE-2023-33062

Transient DOS in WLAN Firmware while parsing a BTM request.

HIGH CVSS 7.5 Published Jan 02, 2024

CVE-2023-33098

Transient DOS while parsing WPA IES, when it is passed with length more than expected size.

HIGH CVSS 7.5 Published Dec 05, 2023

CVE-2023-33089

Transient DOS when processing a NULL buffer while parsing WLAN vdev.

HIGH CVSS 7.5 Published Dec 05, 2023

CVE-2023-33088

Memory corruption when processing cmd parameters while parsing vdev.

HIGH CVSS 8.4 Published Dec 05, 2023

CVE-2023-33080

Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.

HIGH CVSS 7.5 Published Dec 05, 2023

CVE-2023-28587

Memory corruption in BT controller while parsing debug commands with specific sub-opcodes at HCI interface level.

HIGH CVSS 7.8 Published Dec 05, 2023

CVE-2023-28550

Memory corruption in MPP performance while accessing DSM watermark using external memory address.

HIGH CVSS 7.8 Published Dec 05, 2023

CVE-2023-33047

Transient DOS in WLAN Firmware while parsing no-inherit IES.

HIGH CVSS 7.5 Published Nov 07, 2023

CVE-2023-33028

Memory corruption in WLAN Firmware while doing a memory copy of pmk cache.

CRITICAL CVSS 9.8 Published Oct 03, 2023

CVE-2023-33027

Transient DOS in WLAN Firmware while parsing rsn ies.

HIGH CVSS 7.5 Published Oct 03, 2023

CVE-2023-33026

Transient DOS in WLAN Firmware while parsing a NAN management frame.

HIGH CVSS 7.5 Published Oct 03, 2023

CVE-2023-33015

Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon frame.

HIGH CVSS 7.5 Published Sep 05, 2023

CVE-2023-28573

Memory corruption in WLAN HAL while parsing WMI command parameters.

HIGH CVSS 7.8 Published Sep 05, 2023

CVE-2023-28567

Memory corruption in WLAN HAL while handling command through WMI interfaces.

HIGH CVSS 7.8 Published Sep 05, 2023

CVE-2023-28558

Memory corruption in WLAN handler while processing PhyID in Tx status handler.

HIGH CVSS 7.8 Published Sep 05, 2023

CVE-2023-28557

Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload.

HIGH CVSS 7.8 Published Sep 05, 2023

CVE-2023-28549

Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload.

HIGH CVSS 7.8 Published Sep 05, 2023

CVE-2023-28548

Memory corruption in WLAN HAL while processing Tx/Rx commands from QDART.

HIGH CVSS 7.8 Published Sep 05, 2023

CVE-2022-33275

Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range.

HIGH CVSS 8.4 Published Sep 05, 2023

CVE-2023-21659

Transient DOS in WLAN Firmware while processing frames with missing header fields.

HIGH CVSS 7.5 Published Jun 06, 2023

CVE-2023-21658

Transient DOS in WLAN Firmware while processing the received beacon or probe response frame.

HIGH CVSS 7.5 Published Jun 06, 2023

CVE-2022-40532

Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.

HIGH CVSS 8.4 Published Apr 04, 2023

CVE-2022-40531

Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.

HIGH CVSS 8.4 Published Mar 07, 2023

CVE-2022-40530

Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase.

HIGH CVSS 8.4 Published Mar 07, 2023

CVE-2022-40514

Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.

CRITICAL CVSS 9.8 Published Feb 09, 2023

CVE-2022-40512

Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.

HIGH CVSS 7.5 Published Feb 09, 2023

CVE-2022-33306

Transient DOS due to buffer over-read in WLAN while processing an incoming management frame with incorrectly filled IEs.

HIGH CVSS 7.5 Published Feb 09, 2023

CVE-2022-33277

Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command.

HIGH CVSS 8.4 Published Feb 09, 2023

CVE-2022-33271

Information disclosure due to buffer over-read in WLAN while parsing NMF frame.

HIGH CVSS 8.2 Published Feb 09, 2023

CVE-2022-33286

Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames.

HIGH CVSS 7.5 Published Jan 06, 2023

CVE-2022-33285

Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames.

HIGH CVSS 7.5 Published Jan 06, 2023

CVE-2022-33284

Information disclosure due to buffer over-read in WLAN while parsing BTM action frame.

HIGH CVSS 8.2 Published Jan 06, 2023

CVE-2022-33283

Information disclosure due to buffer over-read in WLAN while WLAN frame parsing due to missing frame length check.

HIGH CVSS 8.2 Published Jan 06, 2023

CVE-2022-33276

Memory corruption due to buffer copy without checking size of input in modem while receiving WMI_REQUEST_STATS_CMDID command.

HIGH CVSS 8.4 Published Jan 06, 2023

CVE-2022-33253

Transient DOS due to buffer over-read in WLAN while parsing corrupted NAN frames.

HIGH CVSS 7.5 Published Jan 06, 2023

CVE-2022-33252

Information disclosure due to buffer over-read in WLAN while handling IBSS beacons frame.

HIGH CVSS 8.2 Published Jan 06, 2023