9.8CVSS
9.6AI Score
0.001EPSS
7.5CVSS
7.4AI Score
0.001EPSS
The cam_get_device_priv function does not check the type of handle being returned (device/session/link). This would lead to invalid type usage if a wrong handle is passed to...
7.8CVSS
7.5AI Score
0.0004EPSS
Memory Corruption in Multimedia Framework due to integer overflow when synx bind is called along with synx...
8.4CVSS
7.7AI Score
0.0004EPSS
An app with non-privileged access can change global system brightness and cause undesired system...
7.8CVSS
7.6AI Score
0.0004EPSS
Information disclosure due to buffer over-read in Trusted Execution Environment while QRKS report...
7.3CVSS
5.6AI Score
0.0004EPSS
6.2CVSS
5.4AI Score
0.0004EPSS
7.8CVSS
7.6AI Score
0.0004EPSS
Information disclosure in modem due to buffer over-read while processing packets from DNS...
7.5CVSS
7.4AI Score
0.001EPSS
Memory Corruption in GPS HLOS Driver when injectFdclData receives data with invalid data...
7.8CVSS
7.6AI Score
0.0004EPSS
Transient DOS in Bluetooth HOST while passing descriptor to validate the blacklisted BT...
6.5CVSS
6.4AI Score
0.0004EPSS
7.5CVSS
7.5AI Score
0.0005EPSS
Information disclosure in modem due to buffer over-red while performing checksum of packet...
8.2CVSS
7.5AI Score
0.001EPSS
In the function call related to CAM_REQ_MGR_RELEASE_BUF there is no check if the buffer is being used. So when a function called cam_mem_get_cpu_buf to get the kernel va to use, another thread can call CAM_REQ_MGR_RELEASE_BUF to unmap the kernel va which cause UAF of the kernel...
7.8CVSS
7.5AI Score
0.0004EPSS
7.6CVSS
6.5AI Score
0.001EPSS
8.4CVSS
7.6AI Score
0.0004EPSS
9.3CVSS
7.6AI Score
0.0004EPSS
7.8CVSS
7.9AI Score
0.0004EPSS
9.1CVSS
7.5AI Score
0.0005EPSS
9.8CVSS
9.5AI Score
0.001EPSS
9.8CVSS
9.5AI Score
0.001EPSS
Memory corruption due to incorrect type conversion or cast in audio while using audio playback/capture when crafted address is sent from AGM IPC to...
7.8CVSS
7.7AI Score
0.0004EPSS
8.4CVSS
7.7AI Score
0.0004EPSS
8.4CVSS
7.8AI Score
0.0004EPSS
Memory corruption in Qualcomm IPC due to use after free while receiving the incoming packet and reposting...
7.8CVSS
7.8AI Score
0.0004EPSS
Memory corruption due to improper validation of array index in computer vision while testing EVA kernel without sending any...
7.8CVSS
7.7AI Score
0.0004EPSS
Transient DOS due to NULL pointer dereference in Modem while sending invalid messages in...
7.5CVSS
7.4AI Score
0.001EPSS
Memory corruption in Core when updating rollback version for TA and OTA feature is...
7.8CVSS
7.8AI Score
0.0004EPSS
Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged...
7.8CVSS
7.7AI Score
0.0004EPSS
Information Disclosure in Qualcomm IPC while reading values from shared memory in...
6.1CVSS
5.3AI Score
0.0004EPSS
Information disclosure in Trusted Execution Environment due to buffer over-read while processing metadata verification...
6.8CVSS
5.6AI Score
0.0004EPSS
Memory corruption in WLAN FW while processing command parameters from untrusted WMI...
7.8CVSS
7.9AI Score
0.0004EPSS
8.4CVSS
7.6AI Score
0.0004EPSS
Information disclosure due to buffer over-read while parsing DNS response packets in...
8.2CVSS
7.5AI Score
0.001EPSS
7.5CVSS
7.5AI Score
0.0004EPSS
Memory corruption due to buffer copy without checking the size of input in modem while decoding raw SMS...
9.8CVSS
9.6AI Score
0.001EPSS
9.8CVSS
9.4AI Score
0.001EPSS
8.8CVSS
8.8AI Score
0.0004EPSS
Memory corruption in Audio while processing the calibration data returned from ACDB...
7.8CVSS
7.8AI Score
0.0004EPSS
Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap...
7.8CVSS
7.9AI Score
0.0004EPSS
Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of...
8.4CVSS
7.7AI Score
0.0004EPSS
Memory corruption when negative display IDs are sent as input while processing DISPLAYESCAPE event...
8.4CVSS
7.8AI Score
0.0004EPSS
8.4CVSS
7.8AI Score
0.0004EPSS
7.8CVSS
7.8AI Score
0.0004EPSS
8.4CVSS
7.8AI Score
0.0004EPSS
Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from...
9.8CVSS
9.4AI Score
0.001EPSS
9.8CVSS
8.3AI Score
0.001EPSS
Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command...
7.8CVSS
7.8AI Score
0.0004EPSS
7.5CVSS
7.6AI Score
0.0004EPSS
8.4CVSS
7.7AI Score
0.0004EPSS