Memory corruption in WLAN HAL while processing command parameters from untrusted WMI...
7.8CVSS
7.9AI Score
0.0004EPSS
5.5CVSS
5.5AI Score
0.0004EPSS
Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi...
7.8CVSS
7.9AI Score
0.0004EPSS
Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response...
9.8CVSS
9.6AI Score
0.001EPSS
Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line...
8.2CVSS
7.3AI Score
0.001EPSS
Memory corruption due to stack based buffer overflow in core while sending command from USB of large...
7.8CVSS
8AI Score
0.001EPSS
Memory corruption in core due to buffer copy without check9ing the size of input while processing ioctl...
7.8CVSS
7.8AI Score
0.0004EPSS
Memory Corruption in Radio Interface Layer while sending an SMS or writing an SMS to...
7.8CVSS
7.5AI Score
0.0004EPSS
Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack after...
7.7CVSS
6.7AI Score
0.0004EPSS
8.4CVSS
7.8AI Score
0.0004EPSS
Memory corruption in modem due to buffer copy without checking size of input while receiving WMI...
8.4CVSS
7.8AI Score
0.0004EPSS
The buffer obtained from kernel APIs such as cam_mem_get_cpu_buf() may be readable/writable in userspace after kernel accesses it. In other words, user mode may race and modify the packet header (e.g. header.count), causing checks (e.g. size checks) in kernel code to be invalid. This may lead to...
7CVSS
6.8AI Score
0.0004EPSS
7.8CVSS
7.8AI Score
0.0004EPSS
8.4CVSS
7.7AI Score
0.0004EPSS
6.1CVSS
5.3AI Score
0.0004EPSS
Memory corruption in Audio while processing IIR config data from AFE calibration...
7.8CVSS
7.8AI Score
0.0004EPSS
8.8CVSS
9.3AI Score
0.001EPSS
8.4CVSS
7.8AI Score
0.0004EPSS
9.8CVSS
9.3AI Score
0.001EPSS
Permanent DOS in Hypervisor while untrusted VM without PSCI support makes a PSCI...
7.1CVSS
5.5AI Score
0.0004EPSS
Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from...
7.5CVSS
7.6AI Score
0.0005EPSS
7.8CVSS
7.7AI Score
0.0004EPSS
7.8CVSS
7.6AI Score
0.001EPSS
7.8CVSS
7.8AI Score
0.0004EPSS
7.5CVSS
7.5AI Score
0.001EPSS
6.1CVSS
5.5AI Score
0.0004EPSS
Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio...
7.8CVSS
7.9AI Score
0.0004EPSS
Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the...
7.5CVSS
7.4AI Score
0.001EPSS
8.4CVSS
7.8AI Score
0.0004EPSS
Memory corruption in Automotive Multimedia due to integer overflow to buffer overflow during IOCTL calls in video...
8.4CVSS
8AI Score
0.0004EPSS
7.1CVSS
5.6AI Score
0.0004EPSS
Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS...
9.8CVSS
9.6AI Score
0.001EPSS
Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in...
9.3CVSS
7.5AI Score
0.0004EPSS
8.4CVSS
7.7AI Score
0.0004EPSS
7.8CVSS
7.8AI Score
0.0004EPSS
Transient DOS due to reachable assertion in Modem while processing config related to cross carrier scheduling, which is not...
7.5CVSS
7.4AI Score
0.001EPSS
7.8CVSS
7.8AI Score
0.0004EPSS
Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management...
7.5CVSS
7.5AI Score
0.0004EPSS
Transient DOS due to buffer over-read in WLAN while processing an incoming management frame with incorrectly filled...
7.5CVSS
7.5AI Score
0.001EPSS
7.5CVSS
7.5AI Score
0.0004EPSS
Transient DOS due to time-of-check time-of-use race condition in Modem while processing RRC Reconfiguration...
7.5CVSS
5.7AI Score
0.001EPSS
Memory corruption in Video while calling APIs with different instance ID than the one received in...
7.8CVSS
7.8AI Score
0.0004EPSS
Memory corruption in Linux android due to double free while calling unregister provider after register...
7.8CVSS
7.7AI Score
0.0004EPSS
The session index variable in PCM host voice audio driver initialized before PCM open, accessed during event callback from ADSP and reset during PCM close may lead to race condition between event callback - PCM close and reset session index causing memory...
7.8CVSS
6.8AI Score
0.0004EPSS
7.8CVSS
7.8AI Score
0.0004EPSS
Memory corruption in WLAN Host while setting the PMK length in PMK length in internal...
7.8CVSS
7.8AI Score
0.0004EPSS
Memory corruption in RIL due to Integer Overflow while triggering qcril_uim_request_apdu...
7.8CVSS
7.7AI Score
0.0004EPSS
Memory Corruption due to improper validation of array index in Linux while updating adn...
7.8CVSS
7.5AI Score
0.0004EPSS
Cryptographic issue in Automotive while unwrapping the key secs2d and verifying with RPMB...
7.1CVSS
5.5AI Score
0.0004EPSS
7.8CVSS
7.9AI Score
0.0004EPSS