Total
332 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-21650 | 1 Qualcomm | 102 Aqt1000, Aqt1000 Firmware, Csrb31024 and 99 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory Corruption in GPS HLOS Driver when injectFdclData receives data with invalid data length. | |||||
| CVE-2023-21636 | 1 Qualcomm | 102 Aqt1000, Aqt1000 Firmware, Qca6390 and 99 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory Corruption due to improper validation of array index in Linux while updating adn record. | |||||
| CVE-2022-40539 | 1 Qualcomm | 50 Qam8295p, Qam8295p Firmware, Qca6574au and 47 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption in Automotive Android OS due to improper validation of array index. | |||||
| CVE-2022-40537 | 1 Qualcomm | 324 Apq8009, Apq8009 Firmware, Apq8009w and 321 more | 2024-04-12 | N/A | 9.8 CRITICAL |
| Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP response. | |||||
| CVE-2022-40534 | 1 Qualcomm | 26 Snapdragon W5\+ Gen 1 Wearable Platform, Snapdragon W5\+ Gen 1 Wearable Platform Firmware, Sw5100 and 23 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption due to improper validation of array index in Audio. | |||||
| CVE-2022-33302 | 1 Qualcomm | 450 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8905 and 447 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length. | |||||
| CVE-2022-33289 | 1 Qualcomm | 452 315 5g Iot Modem, 315 5g Iot Modem Firmware, 7wcn785x-1 and 449 more | 2024-04-12 | N/A | 6.8 MEDIUM |
| Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card. | |||||
| CVE-2022-33281 | 1 Qualcomm | 16 Sm8450, Sm8450 Firmware, Wcd9380 and 13 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption due to improper validation of array index in computer vision while testing EVA kernel without sending any frames. | |||||
| CVE-2022-33275 | 1 Qualcomm | 518 315 5g Iot Modem, 315 5g Iot Modem Firmware, Apq5053-aa and 515 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range. | |||||
| CVE-2022-33256 | 1 Qualcomm | 130 Ar8035, Ar8035 Firmware, Qca6390 and 127 more | 2024-04-12 | N/A | 9.8 CRITICAL |
| Memory corruption due to improper validation of array index in Multi-mode call processor. | |||||
| CVE-2023-43535 | 1 Qualcomm | 26 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 23 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption when negative display IDs are sent as input while processing DISPLAYESCAPE event trigger. | |||||
| CVE-2023-33053 | 1 Qualcomm | 234 Csr8811, Csr8811 Firmware, Immersive Home 214 Platform and 231 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption in Kernel while parsing metadata. | |||||
| CVE-2023-33111 | 2024-04-12 | N/A | 5.5 MEDIUM | ||
| Information disclosure when VI calibration state set by ADSP is greater than MAX_FBSP_STATE in the response payload to AFE calibration command. | |||||
| CVE-2020-36776 | 1 Linux | 1 Linux Kernel | 2024-04-10 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/cpufreq_cooling: Fix slab OOB issue Slab OOB issue is scanned by KASAN in cpu_power_to_freq(). If power is limited below the power of OPP0 in EM table, it will cause slab out-of-bound issue with negative array index. Return the lowest frequency if limited power cannot found a suitable OPP in EM table to fix this issue. Backtrace: [<ffffffd02d2a37f0>] die+0x104/0x5ac [<ffffffd02d2a5630>] bug_handler+0x64/0xd0 [<ffffffd02d288ce4>] brk_handler+0x160/0x258 [<ffffffd02d281e5c>] do_debug_exception+0x248/0x3f0 [<ffffffd02d284488>] el1_dbg+0x14/0xbc [<ffffffd02d75d1d4>] __kasan_report+0x1dc/0x1e0 [<ffffffd02d75c2e0>] kasan_report+0x10/0x20 [<ffffffd02d75def8>] __asan_report_load8_noabort+0x18/0x28 [<ffffffd02e6fce5c>] cpufreq_power2state+0x180/0x43c [<ffffffd02e6ead80>] power_actor_set_power+0x114/0x1d4 [<ffffffd02e6fac24>] allocate_power+0xaec/0xde0 [<ffffffd02e6f9f80>] power_allocator_throttle+0x3ec/0x5a4 [<ffffffd02e6ea888>] handle_thermal_trip+0x160/0x294 [<ffffffd02e6edd08>] thermal_zone_device_check+0xe4/0x154 [<ffffffd02d351cb4>] process_one_work+0x5e4/0xe28 [<ffffffd02d352f44>] worker_thread+0xa4c/0xfac [<ffffffd02d360124>] kthread+0x33c/0x358 [<ffffffd02d289940>] ret_from_fork+0xc/0x18 | |||||
| CVE-2023-39235 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | N/A | 7.8 HIGH |
| Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_process_block autosort functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when looping over `lt->num_time_ticks`. | |||||
| CVE-2023-39234 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | N/A | 7.8 HIGH |
| Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_process_block autosort functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when looping over `lt->numrealfacs`. | |||||
| CVE-2023-35997 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | N/A | 7.8 HIGH |
| Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the tdelta indexing when signal_lens is 2 or more. | |||||
| CVE-2023-35996 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | N/A | 7.8 HIGH |
| Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the tdelta indexing when signal_lens is 0. | |||||
| CVE-2023-35995 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | N/A | 7.8 HIGH |
| Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the tdelta indexing when signal_lens is 1. | |||||
| CVE-2023-35994 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | N/A | 7.8 HIGH |
| Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the tdelta initialization part. | |||||