Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2016-9036

Summary
Assigner-talos
Assigner Org ID-b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b
Published At-23 Dec, 2016 | 22:00
Updated At-06 Aug, 2024 | 02:42
Rejected At-
Credits

An exploitable incorrect return value vulnerability exists in the mp_check function of Tarantool's Msgpuck library 1.0.3. A specially crafted packet can cause the mp_check function to incorrectly return success when trying to check if decoding a map16 packet will read outside the bounds of a buffer, resulting in a denial of service vulnerability.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:talos
Assigner Org ID:b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b
Published At:23 Dec, 2016 | 22:00
Updated At:06 Aug, 2024 | 02:42
Rejected At:
▼CVE Numbering Authority (CNA)

An exploitable incorrect return value vulnerability exists in the mp_check function of Tarantool's Msgpuck library 1.0.3. A specially crafted packet can cause the mp_check function to incorrectly return success when trying to check if decoding a map16 packet will read outside the bounds of a buffer, resulting in a denial of service vulnerability.

Affected Products
Vendor
Tarantool
Product
Msgpuck library
Versions
Affected
  • 1.0.3
Problem Types
TypeCWE IDDescription
CWECWE-125CWE-125: Out-of-bounds Read
Type: CWE
CWE ID: CWE-125
Description: CWE-125: Out-of-bounds Read
Metrics
VersionBase scoreBase severityVector
3.07.5HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.0
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/bid/95064
vdb-entry
x_refsource_BID
http://www.talosintelligence.com/reports/TALOS-2016-0254/
x_refsource_MISC
Hyperlink: http://www.securityfocus.com/bid/95064
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.talosintelligence.com/reports/TALOS-2016-0254/
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/bid/95064
vdb-entry
x_refsource_BID
x_transferred
http://www.talosintelligence.com/reports/TALOS-2016-0254/
x_refsource_MISC
x_transferred
Hyperlink: http://www.securityfocus.com/bid/95064
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.talosintelligence.com/reports/TALOS-2016-0254/
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:talos-cna@cisco.com
Published At:23 Dec, 2016 | 22:59
Updated At:06 May, 2026 | 22:30

An exploitable incorrect return value vulnerability exists in the mp_check function of Tarantool's Msgpuck library 1.0.3. A specially crafted packet can cause the mp_check function to incorrectly return success when trying to check if decoding a map16 packet will read outside the bounds of a buffer, resulting in a denial of service vulnerability.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Secondary3.07.5HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.0
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
tarantool
tarantool
>>msgpuck>>1.0.3
cpe:2.3:a:tarantool:msgpuck:1.0.3:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-125Secondarytalos-cna@cisco.com
CWE-125Primarynvd@nist.gov
CWE ID: CWE-125
Type: Secondary
Source: talos-cna@cisco.com
CWE ID: CWE-125
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.securityfocus.com/bid/95064talos-cna@cisco.com
Broken Link
Third Party Advisory
VDB Entry
http://www.talosintelligence.com/reports/TALOS-2016-0254/talos-cna@cisco.com
Exploit
Technical Description
Third Party Advisory
http://www.securityfocus.com/bid/95064af854a3a-2127-422b-91ae-364da2661108
Broken Link
Third Party Advisory
VDB Entry
http://www.talosintelligence.com/reports/TALOS-2016-0254/af854a3a-2127-422b-91ae-364da2661108
Exploit
Technical Description
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/95064
Source: talos-cna@cisco.com
Resource:
Broken Link
Third Party Advisory
VDB Entry
Hyperlink: http://www.talosintelligence.com/reports/TALOS-2016-0254/
Source: talos-cna@cisco.com
Resource:
Exploit
Technical Description
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/95064
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Third Party Advisory
VDB Entry
Hyperlink: http://www.talosintelligence.com/reports/TALOS-2016-0254/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Technical Description
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

797Records found
CVE-2016-9037
Matching Score-10
Assigner-Talos
ShareView Details
Matching Score-10
Assigner-Talos
CVSS Score-7.5||HIGH
EPSS-2.75% / 86.32%
||
7 Day CHG~0.00%
Published-23 Dec, 2016 | 22:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable out-of-bounds array access vulnerability exists in the xrow_header_decode function of Tarantool 1.7.2.0-g8e92715. A specially crafted packet can cause the function to access an element outside the bounds of a global array that is used to determine the type of the specified key's value. This can lead to an out of bounds read within the context of the server. An attacker who exploits this vulnerability can cause a denial of service vulnerability on the server.

Action-Not Available
Vendor-tarantoolTarantool
Product-tarantoolTarantool
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-21459
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.45% / 64.22%
||
7 Day CHG~0.00%
Published-06 May, 2025 | 08:32
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Host Communication

Transient DOS while parsing per STA profile in ML IE.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6678aq_firmwareqcm8550_firmwarewcn6650wsa8845_firmwarewsa8832wcd9378_firmwareqcc2076_firmwareqca6595sm8735srv1lwcd9335sm7675pqca6678aqqca8081_firmwaresrv1mwcd9370ar8035_firmwareqca6696qam8620p_firmwarewcn7880_firmwarewcd9340_firmwarewcn7860_firmwarewcd9341_firmwaresxr2330p_firmwarewcd9395_firmwarewcn7881_firmwarewcn7750wcn6450qcc2073_firmwareqcc710_firmwarefastconnect_6700qca6564auwsa8832_firmwaresa8195p_firmwareqca8337_firmwareqca8337wcd9395sg8275p_firmwareqcm6490_firmwareqca6574au_firmwaresnapdragon_x72_5g_modem-rfqam8295pwcd9341qca6574auvision_intelligence_400_firmwarewcd9390sa8620p_firmwarewsa8845h_firmwareflight_rb5_5gsa9000p_firmwaresrv1hsm8650q_firmwaresm8750qca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqcs9100qca6554aqcs5430sa8295p_firmwarewcn7860qcm5430qcm5430_firmwaresa8770pqca6584auqcn6274_firmwaressg2115pqcn9011_firmwareqcc710wcn6755_firmwarewcn6650_firmwareqca6777aqsnapdragon_8_gen_3_mobile_firmwareqfw7114_firmwareqca6595_firmwareqcs7230fastconnect_7800_firmwarefastconnect_6900sa7255psm8635qfw7114sm8635_firmwarewcd9385_firmwarefastconnect_6900_firmwareqam8255p_firmwarerobotics_rb5_firmwarewcd9380qam8255psxr2230pqmp1000_firmwarewcn7880sxr2330pwcn6755qca6787aqwsa8845sa6155pqca6564au_firmwaresxr1230pqam8650pvideo_collaboration_vc5_platform_firmwaresa9000psrv1h_firmwaresm6650wcn7881qca6595auvideo_collaboration_vc3_platformsxr2250p_firmwaresa6155p_firmwaresm6650pwsa8840qca6688aqqam8295p_firmwaresnapdragon_ar1_gen_1srv1m_firmwareqcs8550_firmwarewcn3990_firmwaresnapdragon_8_gen_2_mobile_firmwareqfw7124_firmwareqca6698aq_firmwaresm8750pwcd9385qcn9012sa8255pqcs7230_firmwaresm8635psxr1230p_firmwarewcd9390_firmwareqmp1000snapdragon_8_gen_2_mobileqcs615_firmwaresg8275pwcd9370_firmwaresm8750_firmwareqcc2076flight_rb5_5g_firmwaressg2125pqca6554a_firmwaresa7255p_firmwareqca6574asnapdragon_8\+_gen_2_mobilesnapdragon_x72_5g_modem-rf_firmwaresa8195pwcd9340qcs8250_firmwareqamsrv1mrobotics_rb5snapdragon_auto_5g_modem-rf_gen_2wcn7861_firmwareqcm6490wcn7861qam8650p_firmwarevideo_collaboration_vc5_platformsm8550p_firmwaresxr2250pqcm8550qcs6490_firmwareqcn9274sm6650_firmwareqam8620pqca6584au_firmwareqcn6274qca6574qfw7124qrb5165n_firmwaresa8775pqca6595au_firmwareqca6391_firmwaresxr2230p_firmwareqca6777aq_firmwarewsa8835wsa8840_firmwareqcs8300_firmwareqcn9011sa8775p_firmwareqamsrv1hqca6696_firmwarewsa8845hqcs8300wcd9380_firmwareqca6574_firmwaresm8650qsa8155p_firmwareqca8081sa8155pwcd9335_firmwarewsa8830qam8775pqca6797aqsnapdragon_ar2_gen_1_firmwaresm8550psnapdragon_x75_5g_modem-rfsa8620psm7675_firmwaresa8255p_firmwareqcc2073ar8035qca6574a_firmwareqamsrv1m_firmwaresm7635_firmwarewcn7750_firmwaresa8650p_firmwarewcn6450_firmwareqca6787aq_firmwarewcd9375_firmwaresa7775pqca6391snapdragon_ar1_gen_1_firmwaresrv1l_firmwareqcn6224qcs9100_firmwareqcn9274_firmwareqcs615qcn9012_firmwareqcs5430_firmwareqca6698aqsa7775p_firmwaresm7635ssg2125p_firmwareqrb5165nsa8295psa8770p_firmwareqcs8550sm8735_firmwarefastconnect_7800sa8650pqam8775p_firmwarewcd9378sm8635p_firmwareqca6688aq_firmwaresm6650p_firmwaresm8750p_firmwaresnapdragon_8\+_gen_2_mobile_firmwarewcd9375snapdragon_ar2_gen_1fastconnect_6700_firmwareqamsrv1h_firmwaresm7675video_collaboration_vc3_platform_firmwarewcn3990snapdragon_x75_5g_modem-rf_firmwarevision_intelligence_400ssg2115p_firmwarewsa8835_firmwareqcs6490qcs8250sm7675p_firmwaresnapdragon_8_gen_3_mobilewsa8830_firmwareqcn6224_firmwareSnapdragon
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2015-7507
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.62% / 70.50%
||
7 Day CHG~0.00%
Published-18 Feb, 2020 | 18:03
Updated-06 Aug, 2024 | 07:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libnsbmp.c in Libnsbmp 0.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a crafted color table to the (1) bmp_decode_rgb or (2) bmp_decode_rle function.

Action-Not Available
Vendor-netsurf-browsern/a
Product-libnsbmpLibnsbmp
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-3646
Matching Score-4
Assigner-Arista Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Arista Networks, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.18% / 39.96%
||
7 Day CHG~0.00%
Published-29 Aug, 2023 | 16:31
Updated-30 Sep, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
On affected platforms running Arista EOS with mirroring to multiple destinations configured, an internal system error may trigger a kernel panic and cause system reload.

On affected platforms running Arista EOS with mirroring to multiple destinations configured, an internal system error may trigger a kernel panic and cause system reload.

Action-Not Available
Vendor-Arista Networks, Inc.
Product-7280dr3am-367280dr3a-547280dr3-247800r3a-36pm7504r37800r3ak-36dm7289r3a-sc7812r37289r3ak-sc7280dr3ak-367500r3-36cq7500r3-24d7500r3-24p7800r3k-48cq7800r3-48cq7800r3ak-36pm7280cr3a-727289r3am-sc7800r3k-72y7512r37800r3a-36dm7280cr3a-48d67280sr3-40yc67280dr3ak-547280cr3-967800r3a-36d7800r3a-36p7500r3k-48y4d7800r3k-48cqms7280r37800r3k-36dm7280tr3-40c67280dr3am-547500r3k-36cq7512r37280cr3-32d47280cr3-36s7508r37800r3-36p7808r37280cr3-32p47816r37280cr3a-24d127280pr3-24eos7280sr3-48yc87800r3-36d7280dr3a-36EOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-34358
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-7.5||HIGH
EPSS-0.36% / 58.39%
||
7 Day CHG~0.00%
Published-31 Jul, 2023 | 04:09
Updated-21 Oct, 2024 | 14:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS RT-AX88U - Out-of-bounds Read - 1

ASUS RT-AX88U's httpd is subject to an unauthenticated DoS condition. A remote attacker can send a specially crafted request to a device which contains a specific user agent, causing the httpd binary to crash during a string comparison performed within web.c, resulting in a DoS condition.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-rt-ax88u_firmwarert-ax88uRT-AX88Urt-ax88u
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-34359
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-7.5||HIGH
EPSS-0.35% / 58.09%
||
7 Day CHG~0.00%
Published-31 Jul, 2023 | 04:31
Updated-21 Oct, 2024 | 14:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS RT-AX88U - Out-of-bounds Read - 2

ASUS RT-AX88U's httpd is subject to an unauthenticated DoS condition. A remote attacker can send a specially crafted request to the device which causes the httpd binary to crash within the "do_json_decode()" function of ej.c, resulting in a DoS condition.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-rt-ax88u_firmwarert-ax88uRT-AX88Urt-ax88u
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-21454
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.35% / 57.95%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 12:49
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Embedded SW

Transient DOS while processing received beacon frame.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_x20_lte_modemimmersive_home_214robotics_rb3sd865_5gapq8017sa6150p_firmwaresw5100psxr1120sm8735snapdragon_670_mobilesxr2330p_firmwarear9380snapdragon_8\+_gen_1_mobilefastconnect_6700snapdragon_780g_5g_mobilesnapdragon_750g_5g_mobilesnapdragon_685_4g_mobilesa4150psnapdragon_782g_mobile_firmwaresnapdragon_x50_5g_modem-rf_firmwaresnapdragon_auto_4g_modemsnapdragon_665_mobile_firmwaresc8180xp-aaabsnapdragon_690_5g_mobile_firmwaresnapdragon_x72_5g_modem-rfsm6370snapdragon_820_automotivesnapdragon_x12_lte_modemsnapdragon_888\+_5g_mobile_firmwaresa8620p_firmwaresd730_firmwarecsra6640snapdragon_778g_5g_mobile_firmwaresa9000p_firmwaresc8180xp-acafsrv1hsm8650q_firmwaresd730snapdragon_820_automotive_firmwarefastconnect_6800_firmwaresnapdragon_690_5g_mobilesdx20msnapdragon_636_mobile_firmwarevideo_collaboration_vc1_platform_firmwaresa4155psnapdragon_712_mobile_firmwaresa8770psnapdragon_678_mobile_firmwaressg2115psd821snapdragon_x32_5g_modem-rf_firmwaresnapdragon_xr2_5g_firmwaresnapdragon_xr1_firmwaresxr1120_firmwaresnapdragon_x5_lte_modem_firmware315_5g_iot_modem_firmwarefastconnect_6900robotics_rb2snapdragon_w5\+_gen_1_wearable_firmwarevideo_collaboration_vc1_platformsa7255psm8635snapdragon_730_mobile_firmware315_5g_iot_modemsa8155_firmwaresdx61snapdragon_x65_5g_modem-rfsnapdragon_730_mobilesc7180-adsd821_firmwaresnapdragon_680_4g_mobilesa6155psc8180x-adsd820csr8811_firmwarevideo_collaboration_vc5_platform_firmwaresa9000psrv1h_firmwaresnapdragon_888_5g_mobile_firmwaresnapdragon_888_5g_mobilesxr2250p_firmwaresm7315_firmwaresnapdragon_662_mobile_firmwaresa6155p_firmwaresnapdragon_685_4g_mobile_firmwaresnapdragon_845_mobile_firmwaresnapdragon_ar1_gen_1srv1m_firmwaresnapdragon_x35_5g_modem-rf_firmwaresnapdragon_730g_mobilesnapdragon_782g_mobilesnapdragon_8_gen_2_mobile_firmwaresnapdragon_x55_5g_modem-rfsnapdragon_4_gen_2_mobile_firmwaresm8750psnapdragon_695_5g_mobile_firmwaresnapdragon_x55_5g_modem-rf_firmwaresm4125_firmwaresnapdragon_850_mobilesm8635psnapdragon_x62_5g_modem-rf_firmwaresnapdragon_460_mobilesnapdragon_8_gen_2_mobileapq8064au_firmwarecsrb31024robotics_rb2_firmwaresnapdragon_712_mobilesa7255p_firmwaresnapdragon_x72_5g_modem-rf_firmwaresm7635p_firmwaresnapdragon_8\+_gen_2_mobilesa8195psnapdragon_1200_wearable_firmwaresnapdragon_auto_5g_modem-rf_gen_2snapdragon_7c_firmwaresxr2250psm8550p_firmwaresnapdragon_x20_lte_modem_firmwaresm6370_firmwaresnapdragon_765_5g_mobile_firmwaresnapdragon_662_mobileapq8076vision_intelligence_300_firmwaresa8775psxr2230p_firmwaresd675_firmwarear9380_firmwaresnapdragon_855_mobile_firmwaresa8775p_firmwaresmart_audio_400sa6150psm8650qsa8155p_firmwaresnapdragon_630_mobilesa8155phome_hub_100snapdragon_765g_5g_mobile_firmwaresm8550psa6145psnapdragon_768g_5g_mobile_firmwaresc8180x\+sdx55_firmwareimmersive_home_318_firmwaresa8255p_firmwaresm7675_firmwarear8035sm7635_firmwaresnapdragon_4_gen_2_mobilesa6155sa8650p_firmwaresnapdragon_820_mobile_firmwaresm7635pimmersive_home_216_firmwareimmersive_home_316srv1l_firmwaresnapdragon_x5_lte_modemsnapdragon_865\+_5g_mobile_firmwareapq8064ausc8180x\+sdx55sa7775p_firmwaressg2125p_firmwaresm6250sm7635snapdragon_480\+_5g_mobilefastconnect_6200sd670sm7325p_firmwaresa8145p_firmwaresd460sc8180x-acaf_firmwaresnapdragon_480_5g_mobile_firmwaresnapdragon_660_mobile_firmwaresm8635p_firmwaresm6650p_firmwaresa8150p_firmwarefastconnect_6700_firmwaresnapdragon_710_mobile_firmwarevideo_collaboration_vc3_platform_firmwarerobotics_rb3_firmwaresnapdragon_x75_5g_modem-rf_firmwaresd670_firmwaresnapdragon_8_gen_3_mobilesnapdragon_855_mobilesnapdragon_695_5g_mobilesc8180xp-acaf_firmwaresnapdragon_778g_5g_mobilefastconnect_6200_firmwarear8031_firmwarehome_hub_100_firmwaresnapdragon_460_mobile_firmwaresd660_firmwaresnapdragon_7c\+_gen_3sdx61_firmwaresnapdragon_auto_4g_modem_firmwaresnapdragon_480_5g_mobilesnapdragon_750g_5g_mobile_firmwaresrv1limmersive_home_216srv1msxr2130_firmwaresm7675psnapdragon_860_mobile_firmwaresnapdragon_x35_5g_modem-rfar8035_firmwaresc8180xp-aaab_firmwaresnapdragon_778g\+_5g_mobilesc8380xpsa4150p_firmwaresd888_firmwaresnapdragon_x62_5g_modem-rfsm4635snapdragon_820_mobilesc8180xp-adsm6250p_firmwaresc8280xp-abbbsa8195p_firmwaresnapdragon_x12_lte_modem_firmwaresd_455_firmwarear8031sg8275p_firmwaresnapdragon_xr2\+_gen_1snapdragon_665_mobilesm7250p_firmwaresm4635_firmwaresm4125vision_intelligence_400_firmwareflight_rb5_5gsnapdragon_870_5g_mobile_firmwaresnapdragon_730g_mobile_firmwaresm8750snapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_732g_mobilesnapdragon_778g\+_5g_mobile_firmwaresa8295p_firmwaresmart_audio_400_firmwaresd_675_firmwaresnapdragon_870_5g_mobilesmart_audio_200_firmwaresa4155p_firmwaresnapdragon_720g_mobilesnapdragon_678_mobilesd_455sm7250pcsrb31024_firmwaresa8155sd_8cx_firmwaresc8180x-acafsm6250_firmwaresnapdragon_652_mobilesc8180x-ad_firmwaresd888sd460_firmwaresnapdragon_675_mobile_firmwaresw5100_firmwaresnapdragon_768g_5g_mobilesc8380xp_firmwaresnapdragon_780g_5g_mobile_firmwaresnapdragon_845_mobilesnapdragon_8_gen_3_mobile_firmwarefastconnect_6800fastconnect_7800_firmwaresnapdragon_675_mobileimmersive_home_214_firmwaresnapdragon_865_5g_mobile_firmwaresm8635_firmwarefastconnect_6900_firmwarerobotics_rb5_firmwareapq8017_firmwaresa6145p_firmwaresa6155_firmwaresxr2230psmart_audio_200snapdragon_xr2_5gsa8150psxr2330psnapdragon_x24_lte_modemsnapdragon_1200_wearablesnapdragon_auto_5g_modem-rf_firmwaresc8180x-aaabsxr1230psc8180x-aaab_firmwaresd662_firmwaresm6650sw5100video_collaboration_vc3_platformaqt1000snapdragon_4_gen_1_mobile_firmwaresm6650psd855sm7315snapdragon_660_mobilesdx20m_firmwaresnapdragon_888\+_5g_mobilesnapdragon_xr2\+_gen_1_firmwaresnapdragon_8_gen_1_mobilesnapdragon_630_mobile_firmwaresd662snapdragon_680_4g_mobile_firmwaresa8255psxr1230p_firmwaresnapdragon_821_mobilesnapdragon_865\+_5g_mobilesd820_firmwaresnapdragon_855\+_mobilesg8275psm6250psnapdragon_765_5g_mobilesnapdragon_860_mobilesdx55_firmwaresc8180xp-ad_firmwaresm8750_firmwaresnapdragon_auto_5g_modem-rfflight_rb5_5g_firmwaressg2125psxr21309206_lte_modem_firmwaresnapdragon_x65_5g_modem-rf_firmwarecsra6640_firmwaresnapdragon_480\+_5g_mobile_firmwarerobotics_rb5sm7325psnapdragon_x50_5g_modem-rfsnapdragon_732g_mobile_firmwarevideo_collaboration_vc5_platformsnapdragon_670_mobile_firmwareaqt1000_firmwaresm6650_firmwaresnapdragon_652_mobile_firmwaresd855_firmwaresnapdragon_x24_lte_modem_firmwaresw5100p_firmwaresnapdragon_7ccsra6620sd660sg4150psd_8_gen1_5gsnapdragon_ar2_gen_1_firmwaresnapdragon_x75_5g_modem-rfsa8620p9206_lte_modemsdx55snapdragon_4_gen_1_mobilesnapdragon_720g_mobile_firmwaresnapdragon_865_5g_mobilesnapdragon_855\+_mobile_firmwaresd675snapdragon_821_mobile_firmwaresd_8_gen1_5g_firmwaresa7775psnapdragon_7c\+_gen_3_firmwaresnapdragon_ar1_gen_1_firmwareimmersive_home_318snapdragon_710_mobilesnapdragon_x32_5g_modem-rfsg4150p_firmwaresa8770p_firmwarecsra6620_firmwaresa8295psm8735_firmwaresc8280xp-abbb_firmwarefastconnect_7800sa8650psd865_5g_firmwaresm8750p_firmwaresnapdragon_xr1sc7180-ad_firmwareapq8076_firmwaresnapdragon_8\+_gen_2_mobile_firmwarevision_intelligence_300snapdragon_ar2_gen_1snapdragon_765g_5g_mobilesnapdragon_850_mobile_firmwareimmersive_home_316_firmwaresnapdragon_636_mobilesm7675sa8145psd_675snapdragon_8\+_gen_1_mobile_firmwaresd_8cxvision_intelligence_400ssg2115p_firmwarecsr8811sm7675p_firmwaresnapdragon_w5\+_gen_1_wearablesnapdragon_8_gen_1_mobile_firmwareSnapdragon
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2023-33015
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.09% / 25.35%
||
7 Day CHG~0.00%
Published-05 Sep, 2023 | 06:24
Updated-02 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Firmware

Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon frame.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8255p_firmwareqca2066sa6150p_firmwareipq4028_firmwaresc8180x-ab_firmwareqca8337ar9380ipq8173_firmwareqca6431_firmwarewcd9360_firmwareqcn5124qca4024_firmwarewcn3950_firmwaresnapdragon_8_gen_1sc8180x\+sdx55ipq8078aipq5028_firmwaresa8150p_firmwareqca6595au_firmwaresa6155qca6335qca2062snapdragon_x55_5gsnapdragon_xr2\+_gen_1sc8180xp-adqca6554a_firmwareqam8295pwcn3950qcn6024_firmwareipq8076asd_8_gen1_5g_firmwareqsm8350_firmwareqsm8350snapdragon_x65_5g_firmwaresm7315_firmwaresnapdragon_778g\+_5gqca6428snapdragon_x55_5g_firmwareqca6574au_firmwareqcn5164_firmwarewcd9375_firmwareqca8081_firmwaresa6155_firmwareqca6420wcd9360snapdragon_xr2_5gqca6438_firmwareqca9986snapdragon_888_5gipq8070_firmwaresc8180xp-afipq8065ipq8078a_firmwareqca6678aq_firmwareqrb5165m_firmwareipq5028ipq4029_firmwaresc8180xp-aa_firmwareqca6698aqsa8155_firmwareipq6010ipq8068qca6430snapdragon_870_5gsnapdragon_778g\+_5g_firmwarewcd9340qcn6132qca6436sa6155pqca6698aq_firmwaresnapdragon_865\+_5g_firmwareqca9888_firmwareqcn6122wcd9341sa8255pipq8068_firmwareqca6696_firmwareqca2066_firmwareqca6431sc8180xp-ab_firmwareqca1062sc8180x-abqcn5154_firmwareqca6797aqsa8150psnapdragon_auto_4g_firmwarewsa8830_firmwareqca9992_firmwaresd865_5g_firmwaresnapdragon_778g_5gqca6438sa8195p_firmwarefastconnect_6800_firmwareqcn5022_firmwareqcn7606_firmwaresnapdragon_865_5g_firmwareqca9898sa8295p_firmwareipq4028qca6428_firmwareqca9985_firmwareimmersive_home_216_firmwareipq4018_firmwareqca8337_firmwaressg2125pwcd9380_firmwareipq8072aqca9980_firmwareimmersive_home_214_firmwareipq8076a_firmwareipq8078qca6564auipq8173snapdragon_8_gen_1_firmware315_5gqcn5164snapdragon_ar2_gen_1qca6574csr8811_firmwarewcd9380sc8180xp-aafastconnect_6700qcn5054_firmwareqcn5024snapdragon_auto_5gsxr1230psc8180xp-ad_firmwareqca9985qcn9012_firmwareqca8072_firmwaresc8180x-ac_firmwareqca6430_firmwareqcn5052_firmwarewcn3980qca6335_firmwareipq6018_firmwarewcd9340_firmwarewsa8815pmp8074_firmwaresnapdragon_xr2\+_gen_1_firmwareqca9986_firmwareqcs8250qca6426_firmwareqca9984ipq6028ipq8064sc8180x-adpmp8074qcn9024wcn3980_firmwaresnapdragon_888_5g_firmwareipq8064_firmwaresa8295pqca6421_firmwareqca2062_firmwarewcn6740_firmwareqcs4490_firmwareqca6678aqipq8078_firmwarefastconnect_6900qcn5054fastconnect_6900_firmwareipq8070immersive_home_318qca9994qca6797aq_firmwareqca9980qcn9024_firmwareipq8174_firmwaresnapdragon_8\+_gen_1_firmwarewsa8832sc8180xp-ac_firmwareqcn7605_firmwareqsm8250sa6145pipq6018qca9886_firmwareqcs4490qca6595_firmwaresa8145psc8280xp-bbqca6391_firmwaresa4150p_firmwareqca4024wcd9370_firmwareqca2064sdx55sd888_firmwareqcn5021_firmwaresa8155pssg2115p_firmwareqam8255par8035_firmwareqsm8250_firmwareqcn7606qcn5024_firmwarewsa8830qcn9070sxr2230p_firmwaresa8145p_firmwaresnapdragon_x65_5gqca1062_firmwareimmersive_home_318_firmwarecsrb31024snapdragon_7c\+_gen_3_firmwareqcn9072sc8280xp-bb_firmwareqca9992qca6420_firmwareipq8069_firmwareqca2064_firmwarewcd9370immersive_home_216ssg2115pqcn5152_firmwareqca6426sc8280xp-abqca6584au_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwarewcd9385_firmwareqcn7605snapdragon_782g_firmwarefastconnect_6200snapdragon_780g_5g_firmwareipq8074aqca2065qcn5124_firmwareqam8295p_firmwareqca1064qcn9011_firmwareflight_rb5_5g_firmwaresa8155qcn5122_firmwaresdx55_firmwareqca6595auqcn6023_firmwareqca6436_firmwareqrb5165nsnapdragon_888\+_5gipq5010immersive_home_214qca6564au_firmwareqca6584ausa6155p_firmwareqca6310ipq8174qca9990qcs6490qcn5052qcs8550_firmwaresnapdragon_778g_5g_firmwareqcn9074sa6145p_firmwareqca6421fastconnect_6700_firmwaresa8195pwsa8810_firmwarerobotics_rb5sa8255p_firmwaresnapdragon_780g_5gqca8081qcm4490qcn6023ipq8071aipq8071a_firmwarewcd9385sxr2130_firmwaresnapdragon_auto_4gqcs6490_firmwareqca2065_firmwareimmersive_home_316_firmwaresc8180x-acsnapdragon_xr2_5g_firmwareqca9898_firmwarewcd9375ar8035aqt1000csr8811sc8180x\+sdx55_firmwareqcn9100_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwareqcm6490wsa8835_firmwaresa4150pqca8072snapdragon_865_5gqcn9000qca6554asd865_5gfastconnect_6800qca6595ar9380_firmwareqcn9012sd888qcn6122_firmwareipq8065_firmwaresxr1230p_firmwaresnapdragon_auto_5g_firmwarewsa8835sd_8_gen1_5gsnapdragon_7c\+_gen_3snapdragon_865\+_5gqcn5154qca8075_firmwaresc8180xp-acsxr2130ssg2125p_firmwareipq4018qca6574aqca9889sc8180x-afsm7325pqcn6132_firmwareqca9888qca6310_firmwareipq8074qca9994_firmwaresnapdragon_8\+_gen_1ipq8070a_firmwareipq8076_firmwareqca6574_firmwareqca9886snapdragon_888\+_5g_firmwaresm7325p_firmwaresxr2230pipq8076snapdragon_782g315_5g_firmwareqca6574a_firmwarefastconnect_6200_firmwareipq8069qcn5021qcn5152qrb5165msm7315qca6391sc8280xp-ab_firmwarefastconnect_7800aqt1000_firmwareqcn9100qcm4490_firmwaresnapdragon_ar2_gen_1_firmwarecsrb31024_firmwareqcm6490_firmwarewsa8832_firmwareqcn9070_firmwareipq6028_firmwareipq8072a_firmwareqcn9011sc8180xp-af_firmwareipq8074_firmwareimmersive_home_316qca9889_firmwareqca6574ausa8155p_firmwareqcn5122qcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwarewsa8810sc8180x-aa_firmwarerobotics_rb5_firmwareqcn5022sc8180x-aaipq6010_firmwaresc8180x-af_firmwareqca1064_firmwarewcn6740qca6696qcs8550sc8180xp-absa6150pqca8075qcn9022_firmwaresnapdragon_870_5g_firmwareqcn6024qcn9022qca9990_firmwareflight_rb5_5gipq8070asc8180x-ad_firmwareqcn9072_firmwareqcn9074_firmwareipq4029Snapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-33027
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.19% / 41.27%
||
7 Day CHG~0.00%
Published-03 Oct, 2023 | 05:00
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Firmware

Transient DOS in WLAN Firmware while parsing rsn ies.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd865_5gqca6595snapdragon_xr1_platformipq6028_firmwareimmersive_home_214_platformqca8081_firmwareqcn9001sm7250-absnapdragon_x50_5g_modem-rf_systemwcd9340_firmwareipq5028_firmwarewcd9395_firmwareqcn6024ar9380qcc710_firmwareqca6426sc8180x-absa4150pqcn5124_firmwaresm7325-ae_firmwarewsa8832_firmwareqca8337qca6426_firmwarewcd9395qcn7605qca6574au_firmwareqcn7606_firmwareipq8078a_firmwarewcn785x-5qam8295pwcd9341wsa8810_firmwaresd730_firmwarewsa8845h_firmwareqca2064_firmwaresdm670sm8150-acsm6375_firmwaresd835_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaresm7150-acvideo_collaboration_vc1_platform_firmwaresa4155pqcn9000qca2062_firmwaresm6375sm7250-aa_firmwareqsm8250_firmwaresc8180xp-acqsm8350_firmwarevideo_collaboration_vc1_platformwcd9385_firmwareqca6421qca6310snapdragon_630_mobile_platformipq8074a_firmwareipq8076aqcs603_firmwarewcd9360snapdragon_ar2_gen_1_platform_firmwareimmersive_home_3210_platform_firmwaresa6155psm7150-ac_firmwareqca6564au_firmwareqca8075qam8650pvideo_collaboration_vc5_platform_firmwaresm7325_firmwaresa6155p_firmwareqca6390_firmwaresd835qca6436_firmwareipq8070a_firmwareqcn5021_firmwareqcn9070sc8180x-afsnapdragon_8_gen_2_mobile_platformsnapdragon_7c\+_gen_3_compute_firmwareqca8084sm4125_firmwaresm8250-ac_firmwareqca6420wcn3910csrb31024snapdragon_845_mobile_platformsnapdragon_x55_5g_modem-rf_system_firmwareqcc2076snapdragon_660_mobile_platformqca6574asm7325-aeqca9898_firmwarewcd9340qcs8250_firmwareqcm2290snapdragon_630_mobile_platform_firmwaresm6150-acsc8180xp-aa_firmwareqcn6122_firmwareqcn5154_firmwaresm8150-ac_firmwareipq8074sm8550p_firmwarewcn3998_firmwareqcm8550wcn3988qcn5122_firmwareqcn9024pmp8074qca6574sm7325-afsnapdragon_x75_5g_modem-rf_systemqca2066_firmwaresdm710_firmwaresc8180xp-ac_firmwareqca8082qcs410qcm2290_firmwaresa8155pqca8072_firmwarewsa8830sm8550psa6145pqcn6122sa8255p_firmwarewcn785x-1_firmwareqcc2073qrb5165m_firmwareqca9985ipq8071aqcn6112wcn3950_firmwareqrb5165nqca1062_firmwaresc7180-acsm7325p_firmwaresd460wcd9360_firmwarevideo_collaboration_vc3_platform_firmwareqcn6023_firmwareqcn5164_firmwaresd670_firmwareimmersive_home_326_platform_firmwareqca6438_firmwaresc8280xp-bb_firmwareqcn9072sm7150-aaqcn6224_firmwareipq4028_firmwareqca6431sd660_firmwareqca8082_firmwaresm6350sxr2130_firmwarear8035_firmwareqrb5165mqca1064qca6320snapdragon_w5\+_gen_1_wearable_platform_firmwareqca4024_firmwareqca0000_firmwaresd888_firmwaresnapdragon_662_mobile_platform_firmwareqcs6125_firmwareqca9992_firmwareqca6428qca9990ipq8070ipq9008_firmwareqcn9074sdm712_firmwarewsa8815_firmwaresm8250-abqca8337_firmwaresm7325ipq8173sm8350-ac_firmwaresm7250p_firmwarewcn3999ipq6010_firmwarewcn785x-5_firmwarewcn3950sm4250-aasnapdragon_x65_5g_modem-rf_system_firmwareqca6797aq_firmwaresm4350_firmwaresm7350-ab_firmwareipq5028qca9986wcn3991qcf8001_firmwareqcn9070_firmwaresa8295p_firmwaresd_675_firmwaresa4155p_firmwareqca9984ipq5010_firmwareqcn9022_firmwaresm7250pcsrb31024_firmwareipq6018sa8155sd_8cx_firmwaresm7150-aa_firmwaresnapdragon_845_mobile_platform_firmwaresd888sd460_firmwaresnapdragon_4_gen_2_mobile_platformipq8069wcn685x-5ipq8065qca6310_firmwareqcs7230sm8250-acwcd9371qcn9001_firmwaresc8180xp-aasnapdragon_xr2_5g_platform_firmwareqca8075_firmwarevision_intelligence_300_platform_firmwaresm7350-absm8350_firmwareqca2065_firmwaresdx65m_firmwarevideo_collaboration_vc3_platformqca9980_firmwareqca9985_firmwareqca6431_firmwaresm7225_firmwareqca6698aq_firmwareqcs2290qcn76068998_firmwareqcs2290_firmwaresc8280xp-bbwcn3999_firmwareqca8084_firmwareqcn7605_firmwaresa8255pqcs7230_firmwarewcd9390_firmwareimmersive_home_318_platform_firmwaresc8180xp-abwcn6750qcn5024qca6430wcn6750_firmwaresc8180xp-ad_firmwaresnapdragon_auto_5g_modem-rfsm7250-ab_firmwaressg2125pcsra6640_firmwaresm4350immersive_home_326_platformqcn9013_firmwareqam8650p_firmwarewcn3998qca2062video_collaboration_vc5_platformqca6420_firmwareqcs6490_firmwaresm8450snapdragon_x65_5g_modem-rf_systemipq8076_firmwaresd855_firmwarewcd9335_firmwareqrb5165n_firmwareqca6436wcn3980_firmwarewsa8835wsa8840_firmwareqca6391_firmwaresm4250-aa_firmwareipq8068qcs4290_firmwarecsra6620qca8081sd660sdm670_firmwaresm4375wsa8815qam8775pqcm4325_firmwaresm7125_firmwareipq8069_firmwareqcm4290_firmwareqca9888_firmwareqca9889qca1062qcn5024_firmwareqcn9002_firmwareipq5010qcn9274_firmwaresg4150p_firmwaresc8180xp-af_firmwarecsra6620_firmwareqcs8550ipq8068_firmwareqam8775p_firmwaresd865_5g_firmwarepmp8074_firmwaresc7180-ad_firmwarewcd9375sdm712qca9889_firmwaresa8145psd_675immersive_home_316_platformsm4350-ac_firmwareqca2066csr8811sc7180-ac_firmwaresm7250-ac_firmwarewcn685x-1_firmwareqcm8550_firmwareqcs410_firmwaresa6150p_firmwaresw5100psxr1120ipq9574qcn9000_firmwareqcn6102_firmwarevision_intelligence_300_platformqcn9022qcs610_firmwarewcd9335wcd9370qca8072qca6696wcd9341_firmware8998qcn9003_firmwareqca6390qcc2073_firmwareipq8076wcn6740_firmwareqca1064_firmwareipq6018_firmwareqca9984_firmwareqcn6023immersive_home_216_platformqca9994_firmwareipq6000snapdragon_auto_4g_modemipq8078asm8150_firmwareqca6574auwcd9390csra6640sc8180x-af_firmwareqcn9100_firmwareqcn5122sd730qca6554aqcn6024_firmwareqca9886_firmwaresm8350qcm6125_firmwaressg2115pqcc710snapdragon_850_mobile_compute_platformqcn6132_firmwaresxr1120_firmwareqcn5054robotics_rb3_platform315_5g_iot_modem_firmwaresm8450_firmwareipq5332_firmwareqcn5052qca9980qfw7114315_5g_iot_modemipq9574_firmwaresnapdragon_x55_5g_modem-rf_systemqam8255p_firmwareipq8064sa8155_firmwareqcn5164sm7150-abqca6335qcs4490sc7180-adsc8180xp-afsnapdragon_8\+_gen_2_mobile_platform_firmwarewsa8845qcn6100_firmwareqca6421_firmwareqcm6125sc8180x-adcsr8811_firmwaresm7125wsa8810qcn5021qca8085qsm8250snapdragon_8\+_gen_2_mobile_platformsm8350-acqcn6100qca6595ausm7315_firmwarewcd9326_firmwarewsa8840qcs8550_firmwareqca9986_firmwareqfw7124_firmwareqcn9012wcd9371_firmwareqcs4490_firmwareqcf8001wcn3910_firmwaresdx65mwcd9370_firmwareipq9570sa8195pqca6335_firmwareqcm6490immersive_home_316_platform_firmwareimmersive_home_3210_platformqcn9274ipq8076a_firmwareipq9570_firmwaresxr2230p_firmwarear9380_firmwaresd675_firmwareqca6430_firmwaresc8180x-aaipq4029_firmwareqcn9011qcs605qcn9024_firmwarewsa8845hsa6150psm7250-aawcd9326sa8155p_firmwareqca6564asnapdragon_675_mobile_platformsnapdragon_662_mobile_platformqcn9074_firmwareipq8174sc8180x\+sdx55_firmwareflight_rb5_5g_platform_firmwareipq8174_firmwaresnapdragon_665_mobile_platformar8035ipq8072asa6155qca2065qcm4325robotics_rb5_platformqcn6224sc8280xp-absm8475_firmwaresc8180x\+sdx55qca6698aqssg2125p_firmwaresm6250sm7250-acsc8180x-aa_firmwaresd670wcn685x-1sa8145p_firmwaresa8150p_firmwaresnapdragon_w5\+_gen_1_wearable_platformsnapdragon_636_mobile_platform_firmwarewcn3990qca6428_firmwareqcn9002ipq8078snapdragon_680_4g_mobile_platform_firmwareqcs6490qcs8250ipq9554_firmwarear8031_firmwarewsa8830_firmwareqca6678aq_firmwareqca8386_firmwaresnapdragon_850_mobile_compute_platform_firmwarewsa8845_firmwarewsa8832snapdragon_auto_4g_modem_firmwareqcc2076_firmwareqcs603qca6678aqsnapdragon_675_mobile_platform_firmwareqcn5022_firmwaresm8475qca9992sm8250-ab_firmwaresa4150p_firmwareqca9898ipq9008ipq9554qca6564ausc8180xp-adsm6250p_firmwareimmersive_home_214_platform_firmwaresm7325-af_firmwaresa8195p_firmwareqcm4290qcn5054_firmwareqca9888ipq5332snapdragon_680_4g_mobile_platformsd_455_firmwareqcn9013ar8031sg8275p_firmwareqcm6490_firmwareipq8072a_firmwaresm4125qcm4490_firmwarerobotics_rb3_platform_firmwareflight_rb5_5g_platformsnapdragon_xr2_5g_platformqcn6112_firmwareqcs6125apq5053-aa_firmwaresnapdragon_7c\+_gen_3_computesnapdragon_xr2\+_gen_1_platform_firmwareqca8085_firmwareapq5053-aasdm710sd_455qca9886qcn6132sm6250_firmwaresc8180x-ad_firmwareqcn6102qca6584auqca6320_firmwareqcn6274_firmwareqcn9011_firmwaresw5100_firmwarewcn6740sm6225-ad_firmwareqfw7114_firmwareqcs605_firmwareqca4024sc8280xp-ab_firmwareqca6595_firmwaresm8250_firmwareimmersive_home_216_platform_firmwareipq8070asm7225wcd9380ipq4028qam8255psa6145p_firmwaresa6155_firmwaresxr2230pqca9990_firmwaresa8150pqcn9003snapdragon_665_mobile_platform_firmwareqcn5052_firmwaresnapdragon_auto_5g_modem-rf_firmwareqca2064sxr1230psm6225-adsd662_firmwaresm4350-acipq6010sw5100aqt1000sm8150wcn3991_firmwareqam8295p_firmwaresd855sc8180x-ab_firmwarewcn3990_firmwaresm7315qca6564a_firmwarewcd9385qca9994qsm8350sc8180xp-ab_firmwaresd662qcs4290sxr1230p_firmwareipq4018sg8275psm6250psdx55_firmwareipq8071a_firmwareqca6438qca6554a_firmwaresxr2130ipq6028qcm44908098_firmwaresnapdragon_636_mobile_platformqcn9100sm7150-ab_firmwaresnapdragon_xr2\+_gen_1_platformipq4029sm7325paqt1000_firmwareipq4018_firmwaresm6150-ac_firmwareqca6584au_firmwareqcn5152_firmwareqcn6274sc8180x-acqfw7124ipq8074_firmwareqca6595au_firmwareqca0000sc8180x-ac_firmwaresw5100p_firmwaresm8250snapdragon_ar2_gen_1_platformqca6696_firmwarewcd9380_firmwareqca6574_firmwaresg4150psd_8_gen1_5gqcn5124ipq8064_firmwareqca6797aqsm4375_firmwareqcn5152ipq8065_firmwareqca6574a_firmwaresdx55qcn9072_firmwareipq8074aimmersive_home_318_platformsd675sm6350_firmwaresd_8_gen1_5g_firmwarewcd9375_firmwareqca8386qca6391wcn785x-1ipq8173_firmwareqcn9012_firmwaresnapdragon_8_gen_2_mobile_platform_firmwaresa8295p8098snapdragon_xr1_platform_firmwarerobotics_rb5_platform_firmwaresnapdragon_x50_5g_modem-rf_system_firmwareipq6000_firmwareipq8078_firmwarewcn685x-5_firmwarewcn3988_firmwareipq8070_firmwareqcn5154sd_8cxwsa8835_firmwaressg2115p_firmwareqcn5022snapdragon_660_mobile_platform_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewcn3980qcs610Snapdragonqam8255p_firmwaresnapdragon_850_mobile_compute_platform_firmwaresa6150p_firmwaresm6250p_firmwareipq4028_firmware315_5g_iot_modem_firmwaresg8275p_firmwareipq8173_firmwareqca6431_firmwarewcd9360_firmwareqca4024_firmwareimmersive_home_318_platform_firmwarewcn3950_firmwareipq5028_firmwaresa8150p_firmwareqca6595au_firmwaresd_455_firmwarecsra6620_firmwaresd_675_firmwarecsra6640_firmwaresnapdragon_460_mobile_platform_firmwareqcs6125_firmwaresnapdragon_480_5g_mobile_platform_firmwareqca6554a_firmwarewcd9371_firmwareqcn6024_firmwareqca8386_firmwareimmersive_home_316_platform_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareqsm8350_firmwaresnapdragon_660_mobile_platform_firmwaresd460_firmwaresm7315_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwareqcn5164_firmwarewcd9375_firmwareqca8081_firmwaresa6155_firmwareqca6438_firmwaresnapdragon_auto_5g_modem-rf_firmwareipq8070_firmwareipq8078a_firmwareqca6678aq_firmwaresmart_audio_400_platform_firmwareqrb5165m_firmwarewsa8840_firmwareipq4029_firmwaresa4155p_firmwareqcf8001_firmwaresa8155_firmwarerobotics_rb3_platform_firmwaresd662_firmwareqca6698aq_firmwareqca9888_firmwareqam8775p_firmwareipq8068_firmwareqca2066_firmwareqca6696_firmwareipq9008_firmwareqcn5154_firmwarewcn3910_firmwaresnapdragon_855_mobile_platform_firmwareqcc710_firmwarewsa8830_firmwareqca9992_firmwaresd855_firmwaresd865_5g_firmwaresd660_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwareqcn5022_firmwareqcn7606_firmwaresa8295p_firmwareimmersive_home_216_platform_firmwaresnapdragon_750g_5g_mobile_platform_firmwaresnapdragon_675_mobile_platform_firmwareqca6428_firmwarequalcomm_video_collaboration_vc1_platform_firmwareqca9985_firmwareipq4018_firmwareqca8337_firmwaresnapdragon_778g_5g_mobile_platform_firmwarewcd9380_firmwareqca9980_firmwareipq8076a_firmwareqcn9001_firmwaresnapdragon_670_mobile_platform_firmwaresd670_firmwarecsr8811_firmwareipq9554_firmwareqcn5054_firmwareqca8072_firmwareqca6430_firmwareqcn5052_firmwareqcn9012_firmwareqcn9274_firmwareqfw7114_firmwarewcd9335_firmwareqca6335_firmwareqcc2073_firmwareipq6018_firmwareqcm4325_firmwarewcd9340_firmwarepmp8074_firmwaresnapdragon_630_mobile_platform_firmwareqca9986_firmwareqca6426_firmwareipq9574_firmwarewcn3980_firmwareimmersive_home_3210_platform_firmwareipq8064_firmwaresnapdragon_x50_5g_modem-rf_system_firmwareqca6421_firmwareqca2062_firmwarewcn6740_firmwareqcs4490_firmwarear8031_firmwareipq8078_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwareqca6797aq_firmwareqca6564a_firmwareipq8174_firmwareqcn9024_firmwareqcm4290_firmwareqcn7605_firmwaresw5100p_firmwareqcs610_firmwareqca9886_firmwareqca6595_firmwareqca6391_firmwaresnapdragon_710_mobile_platform_firmwareimmersive_home_214_platform_firmwaresa4150p_firmwarewcd9370_firmwaresm8550p_firmwarequalcomm_video_collaboration_vc5_platform_firmwaresd888_firmwareqcn5021_firmwaressg2115p_firmwareqfw7124_firmwaresnapdragon_720g_mobile_platform_firmwarear8035_firmwareqsm8250_firmwareqcn5024_firmwaresnapdragon_662_mobile_platform_firmwaresa8145p_firmwaresxr2230p_firmwareqca1062_firmwareqcs2290_firmwareflight_rb5_5g_platform_firmwareqcn6224_firmwaresnapdragon_888_5g_mobile_platform_firmwareqca6420_firmwareipq8069_firmwareqca2064_firmwaresd730_firmwaresnapdragon_auto_4g_modem_firmwaresd675_firmwareqcn5152_firmwareqca0000_firmwareqca6584au_firmwarewcn3990_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwarequalcomm_video_collaboration_vc3_platform_firmwaresd_8cx_firmwarewcd9385_firmwarewcd9326_firmwareqcn5124_firmwareqam8295p_firmwareqcn6100_firmwareqcn6102_firmwareqcn9011_firmwareqca8082_firmwareqca6320_firmwaresnapdragon_835_mobile_pc_platform_firmwareqcn5122_firmwaresdx55_firmwarewcn3999_firmwareqcn6023_firmwarewsa8845h_firmwaresm7250p_firmwareqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwareqca6564au_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareqcs8550_firmwarevision_intelligence_300_platform_firmwareqcn6112_firmwarewcn3988_firmwaresa6145p_firmwarefastconnect_6700_firmwarewsa8810_firmwaresnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwarewcd9395_firmwaresdx65m_firmwareipq8071a_firmwareqcs4290_firmwareqca8085_firmwaresxr2130_firmwareqca2065_firmwareqcs6490_firmwaresnapdragon_665_mobile_platform_firmwareqca9898_firmwaresm6250_firmwareqcn9100_firmwaresnapdragon_712_mobile_platform_firmwarevision_intelligence_400_platform_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwarewsa8835_firmwaresnapdragon_636_mobile_platform_firmwaresxr1120_firmwaresg4150p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqcm6125_firmwareqcm2290_firmwarerobotics_rb5_platform_firmwarear9380_firmwareqcs7230_firmwareimmersive_home_326_platform_firmwareqcn6122_firmwareipq8065_firmwaresxr1230p_firmwaresnapdragon_4_gen_1_mobile_platform_firmwareqca8075_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaressg2125p_firmwareqcn6132_firmwareqcn9003_firmwareqca6310_firmwareqca9994_firmwareqcc2076_firmwareipq8070a_firmwareipq8076_firmwareqca6574_firmwaresm4125_firmwaresm7325p_firmwarewsa8845_firmwaresnapdragon_xr2_5g_platform_firmwareqca6574a_firmwarefastconnect_6200_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareaqt1000_firmwareqcm4490_firmwaresnapdragon_690_5g_mobile_platform_firmwaresnapdragon_845_mobile_platform_firmwareqcn6274_firmwarecsrb31024_firmwareqcm6490_firmwarewsa8832_firmwareipq9570_firmwareqcn9070_firmwareipq6028_firmwareipq8072a_firmwareipq8074_firmwareqca9889_firmwaresa8155p_firmwareqcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwareipq5332_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqcn9013_firmwaresd835_firmwareqam8650p_firmwareipq6010_firmwareqca1064_firmwareqcn9022_firmwarewcd9390_firmwareqca9990_firmwareqcn9002_firmwareqcn9072_firmwareipq6000_firmwaresw5100_firmwareqcn9074_firmwareqcs410_firmwaresnapdragon_xr1_platform_firmware
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2023-33081
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.15% / 34.86%
||
7 Day CHG~0.00%
Published-05 Dec, 2023 | 03:04
Updated-02 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read in WLAN Firmware

Transient DOS while converting TWT (Target Wake Time) frame parameters in the OTA broadcast.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8255p_firmwaresc8180x-ab_firmwareqca8337qfw7124ipq8173_firmwareqca6431_firmwareqam8775pqcf8001qcn5124qca4024_firmwarewsa8840immersive_home_318_platform_firmwaresc8180x\+sdx55ipq8078aipq5028_firmwareqca6595au_firmwarewcn685x-1wcn3998qca6554a_firmwaresc8180xp-adipq8076aqca8386_firmwareqcn6024_firmwareimmersive_home_316_platform_firmwareqca8084_firmwareqca6574au_firmwareqcn5164_firmwarewcn3998_firmwareqca8081_firmwareqca6420sc8180xp-afipq8078a_firmwareipq5028wsa8840_firmwareqca6698aqsc8180xp-aa_firmwareqca0000qcf8001_firmwareipq6010sc8380xp_firmwareqca6430sdx65mwcd9340qcn6132qcn9013qca6436qcf8000qca6698aq_firmwarewcn685x-1_firmwareqca9888_firmwareqam8775p_firmwareqcn6122wcd9341qca6431qca6696_firmwaresc8180xp-ab_firmwareipq9008_firmwareqca1062sc8180x-abqcn5154_firmwareqca6797aqqcc710_firmwaresm8250-ac_firmwarewsa8830_firmwaresd865_5g_firmwareqcn5022_firmwareimmersive_home_216_platform_firmwarewcn3991qca8337_firmwarewcd9380_firmwaressg2125pipq8072aipq8076a_firmwareipq8078qca6564auqca8084ipq8173qcm8550ipq9008qcn5164qca6574csr8811_firmwaresc8180xp-aawcd9380ipq9554_firmwareqcn5024sxr1230psc8180xp-ad_firmwaresc8180x-ac_firmwareqca6430_firmwareqcn5052_firmwareqcn9012_firmwareqcn9274_firmwareqfw7114_firmwarewsa8845qcc2073_firmwareipq6018_firmwarewcd9340_firmwarewsa8815qcn6112qca6426_firmwaresc8380xpipq6028sc8180x-adqcn9024ipq9574_firmwareimmersive_home_3210_platform_firmwareqca6421_firmwaresnapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_systemipq8078_firmwaresnapdragon_x75_5g_modem-rf_system_firmwareqca6797aq_firmwarewcn785x-1_firmwareqcn9024_firmwareipq8174_firmwaresnapdragon_8\+_gen_2_mobile_platformwsa8832sc8180xp-ac_firmwareipq5332immersive_home_326_platformipq6018qcc710immersive_home_214_platformqca6595_firmwarewcd9395qca6391_firmwareimmersive_home_214_platform_firmwareqca4024sm8550p_firmwaresdx55sm8250ssg2115p_firmwareqfw7124_firmwareqam8255par8035_firmwareqcn5024_firmwarewcn3991_firmwarewsa8830qcn9070sxr2230p_firmwareqca1062_firmwareqam8650pwcn785x-5qcn6224_firmwareqca8082qcn9072qca8386qca6420_firmwareqca6390_firmwareipq6000ssg2115pqcn5152_firmwareqca0000_firmwareqca6426qca6584au_firmwareqcn9000_firmwaresnapdragon_8_gen_2_mobile_platformsm8250-abipq9554wcd9385_firmwareimmersive_home_216_platformimmersive_home_316_platformimmersive_home_318_platformipq8074aqcn5124_firmwareqca1064qca8082_firmwaresnapdragon_x55_5g_modem-rf_systemqcn5122_firmwaresdx55_firmwareqca6595auqcn6023_firmwarewsa8845h_firmwareqfw7114qca6436_firmwareipq5010qca6564au_firmwareqca6584ausnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareqcn9274ipq8174qcn5052sm8250_firmwareqcn6112_firmwaresm8250-acqcn9074qca6421qca8085wsa8810_firmwareqcn6224wsa8845hsnapdragon_ar2_gen_1_platform_firmwaresnapdragon_x75_5g_modem-rf_systemwcd9395_firmwareqca8081ipq8071aqcn6023sdx65m_firmwareipq8071a_firmwarewcd9385immersive_home_3210_platformqca8085_firmwaresxr2130_firmwareipq9570sc8180x-acqca6390ar8035csr8811aqt1000sc8180x\+sdx55_firmwarewcd9390qcn9100_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwarewsa8835_firmwaresnapdragon_8_gen_2_mobile_platform_firmwarewcn785x-1qcn9000qcf8000_firmwareqca6554asd865_5gqca6595qcn9012immersive_home_326_platform_firmwareqcn6122_firmwarewsa8835sxr1230p_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwareqcn6274qcn5154qca8075_firmwaresc8180xp-acqca6574assg2125p_firmwaresxr2130wcn685x-5_firmwareqca9889sc8180x-afqcn6132_firmwareqca9888qcc2076_firmwareipq8070a_firmwareipq8076_firmwareqca6574_firmwaresxr2230pipq8076wsa8845_firmwaresnapdragon_xr2_5g_platform_firmwareqca6574a_firmwareqcn5152wcn785x-5_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresm8250-ab_firmwareqca6391aqt1000_firmwareqcn9100qcn6274_firmwarewsa8832_firmwareipq9570_firmwareqcn9070_firmwarewcn685x-5ipq6028_firmwareipq8072a_firmwaresc8180xp-af_firmwareqca6574auqca9889_firmwareipq9574qcn5122wcd9341_firmwarewsa8810sc8180x-aa_firmwareipq5332_firmwaresm8550psnapdragon_ar2_gen_1_platformqcn5022qcn9013_firmwaresc8180x-aaqam8650p_firmwareipq6010_firmwaresc8180x-af_firmwareqca1064_firmwareqca6696sc8180xp-abqca8075qcn9022_firmwarewcd9390_firmwareqcn6024qcn9022qcc2076ipq8070asc8180x-ad_firmwareqcn9072_firmwareipq6000_firmwareqcn9074_firmwareqcc2073Snapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-33048
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.19% / 41.27%
||
7 Day CHG~0.00%
Published-07 Nov, 2023 | 05:26
Updated-02 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read in WLAN Firmware

Transient DOS in WLAN Firmware while parsing t2lm buffers.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn5024_firmwareqam8255p_firmwarewsa8830qcn9070sxr2230p_firmwareqca8337qam8650pqfw7124ipq8173_firmwarewcn785x-5qam8775pqcf8001qcn6224_firmwareqcn5124qca4024_firmwareqca8082qcn9072qca8386wsa8840immersive_home_318_platform_firmwareipq8078aipq5028_firmwareqca6595au_firmwareipq6000ssg2115pqcn5152_firmwareqca0000_firmwareqca6584au_firmwarewcn685x-1qcn9000_firmwaresnapdragon_8_gen_2_mobile_platformipq9554qca6554a_firmwarewcd9385_firmwareimmersive_home_216_platformipq8076aimmersive_home_316_platformimmersive_home_316_platform_firmwareqca8386_firmwareqcn6024_firmwareqca8084_firmwareimmersive_home_318_platformipq8074aqcn5124_firmwareqca8082_firmwareqca6574au_firmwareqcn5122_firmwareqcn5164_firmwaresdx55_firmwareqca6595auqca8081_firmwareqcn6023_firmwareqfw7114wsa8845h_firmwareipq5010qca6564au_firmwareqca6584ausnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareipq8078a_firmwareqcn9274ipq8174ipq5028wsa8840_firmwareqca6698aqqcn5052qca0000qcf8001_firmwareipq6010sc8380xp_firmwareqcn6112_firmwareqcn9074qca8085sdx65mwcd9340qcn6132qcn6224qcn9013wsa8845hsnapdragon_ar2_gen_1_platform_firmwaresnapdragon_x75_5g_modem-rf_systemwcd9395_firmwareqca8081qcf8000qca6698aq_firmwareipq8071aqcn6023sdx65m_firmwareipq8071a_firmwarewcn685x-1_firmwareimmersive_home_3210_platformqca8085_firmwareqam8775p_firmwareqca9888_firmwareqcn6122wcd9385qca6696_firmwareipq9008_firmwareipq9570qcn5154_firmwareqca6797aqar8035csr8811wcd9390qcc710_firmwareqcn9100_firmwarewsa8830_firmwareipq5010_firmwareipq8074a_firmwarewsa8835_firmwareqcn5022_firmwareimmersive_home_216_platform_firmwaresnapdragon_8_gen_2_mobile_platform_firmwarewcn785x-1qca8337_firmwarewcd9380_firmwaressg2125pqcn9000ipq8072aqcf8000_firmwareqca6554aipq8076a_firmwareqca6595ipq8078qca6564auqca8084ipq8173qcm8550ipq9008qcn9012qcn5164immersive_home_326_platform_firmwareqcn6122_firmwareqca6574sxr1230p_firmwarewsa8835snapdragon_8\+_gen_2_mobile_platform_firmwarecsr8811_firmwareqcn6274wcd9380ipq9554_firmwareqcn5154qca8075_firmwaressg2125p_firmwareqca6574aqcn5024wcn685x-5_firmwareqca9889qcn6132_firmwaresxr1230pqca9888qcn9012_firmwareqcn5052_firmwareqcn9274_firmwareqcc2076_firmwareipq8070a_firmwareqfw7114_firmwarewsa8845qcc2073_firmwareipq6018_firmwareipq8076_firmwareqca6574_firmwarewcd9340_firmwareqcn6112sxr2230pipq8076wsa8845_firmwareqca6574a_firmwareqcn5152ipq6028sc8380xpqcn9024ipq9574_firmwarewcn785x-5_firmwareimmersive_home_3210_platform_firmwareqcn9100qcn6274_firmwaresnapdragon_x65_5g_modem-rf_systemipq8078_firmwareipq9570_firmwareqcn9070_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewsa8832_firmwarewcn685x-5ipq6028_firmwareipq8072a_firmwareqca6797aq_firmwarewcn785x-1_firmwareqca6574auqca9889_firmwareipq9574qcn5122qcn9024_firmwareipq8174_firmwaresnapdragon_8\+_gen_2_mobile_platformwsa8832ipq5332_firmwareipq5332sm8550pimmersive_home_326_platformsnapdragon_ar2_gen_1_platformipq6018qcn5022qcn9013_firmwareqam8650p_firmwareqcc710ipq6010_firmwareimmersive_home_214_platformqca6595_firmwarewcd9395qca6696immersive_home_214_platform_firmwareqca4024sm8550p_firmwaresdx55qca8075qcn9022_firmwarewcd9390_firmwareqcn6024qcn9022qcc2076ipq8070aqcn9072_firmwareipq6000_firmwaressg2115p_firmwareqcn9074_firmwareqfw7124_firmwareqam8255pqcc2073ar8035_firmwareSnapdragonqcn5024_firmwareqam8255p_firmwareqca8337_firmwarewcd9380_firmwaresxr2230p_firmwareqcf8000_firmwareipq8076a_firmwareipq8173_firmwarear8035_firmwareqcn6224_firmwareqca4024_firmwareimmersive_home_326_platform_firmwareqcn6122_firmwaresxr1230p_firmwareimmersive_home_318_platform_firmwarecsr8811_firmwareipq5028_firmwareqca6595au_firmwareipq9554_firmwareqca8075_firmwaressg2125p_firmwareqcn5152_firmwareqca0000_firmwareqcn6132_firmwareqca6584au_firmwareqcn9000_firmwareqcn9012_firmwareqcn5052_firmwareqcn9274_firmwareqcc2076_firmwareipq8070a_firmwareqca6554a_firmwareqfw7114_firmwarewcd9385_firmwareqcn6024_firmwareqca8386_firmwareqcc2073_firmwareimmersive_home_316_platform_firmwareipq6018_firmwareipq8076_firmwareqca6574_firmwarewcd9340_firmwareqca8084_firmwareqcn5124_firmwarewsa8845_firmwareqca8082_firmwareqca6574a_firmwareqca6574au_firmwareqcn5122_firmwareqcn5164_firmwaresdx55_firmwarewsa8845h_firmwareqca8081_firmwareqcn6023_firmwareipq9574_firmwareimmersive_home_3210_platform_firmwareqca6564au_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareipq8078a_firmwareqcn6274_firmwarewsa8840_firmwareipq8078_firmwareipq9570_firmwareqcn9070_firmwaresnapdragon_x75_5g_modem-rf_system_firmwareqcf8001_firmwarewsa8832_firmwarefastconnect_6900_firmwareipq6028_firmwaresc8380xp_firmwareipq8072a_firmwareqcn6112_firmwareqca6797aq_firmwareqca9889_firmwareqcn9024_firmwareipq8174_firmwarefastconnect_7800_firmwaresnapdragon_ar2_gen_1_platform_firmwarewcd9395_firmwareipq5332_firmwareqca6698aq_firmwaresdx65m_firmwareqcn9013_firmwareipq8071a_firmwareqam8650p_firmwareqca8085_firmwareqam8775p_firmwareqca9888_firmwareipq6010_firmwareqca6696_firmwareqca6595_firmwareipq9008_firmwareqcn5154_firmwareimmersive_home_214_platform_firmwaresm8550p_firmwareqcc710_firmwareqcn9100_firmwareqcn9022_firmwarewsa8830_firmwarewcd9390_firmwareipq5010_firmwareipq8074a_firmwareqcn9072_firmwarewsa8835_firmwareipq6000_firmwaressg2115p_firmwareqcn9074_firmwareqcn5022_firmwareqfw7124_firmwareimmersive_home_216_platform_firmwaresnapdragon_8_gen_2_mobile_platform_firmware
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-21449
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.35% / 57.95%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 12:48
Updated-10 Feb, 2026 | 19:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Embedded SW

Transient DOS may occur while processing malformed length field in SSID IEs.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_730_mobile_firmwaresxr2230psnapdragon_x72_5g_modem-rf_firmwaresm7675snapdragon_auto_5g_modem-rf_firmwaresm6370snapdragon_8_gen_3_mobilesnapdragon_845_mobilesm4635sm8750psm7250psnapdragon_782g_mobile_firmwaresa8650pvision_intelligence_300_firmwaresnapdragon_821_mobile_firmwaresm6650p_firmwaresc8180xp-aaab_firmwaresa4155p_firmwaresd660fastconnect_7800ssg2115psc8180x-aaab_firmwaresxr1230papq8064au_firmwaressg2115p_firmwaresa6145p_firmwaresnapdragon_ar2_gen_1_firmwarecsra6620_firmwaresdx55_firmwaresm7250p_firmwaresnapdragon_665_mobile_firmwaresnapdragon_670_mobilesd662vision_intelligence_400_firmwaresa8145p_firmwaresnapdragon_7c\+_gen_3_compute_firmwaresrv1lar8031_firmwaresc8280xp-abbbsnapdragon_x5_lte_modemsm8750sa6155_firmwaresd670sc7180-adapq8017immersive_home_214sg8275pvideo_collaboration_vc1_platformsmart_audio_200_platform_firmwarefastconnect_6900_firmwaresnapdragon_888\+_5g_mobile_firmwaresnapdragon_675_mobilesnapdragon_x72_5g_modem-rfsnapdragon_7c_computesa7255pfastconnect_6900sc8180x-acaf_firmwaresnapdragon_855\+_mobile_firmwaresa8150psa8775pimmersive_home_216_firmwaresg4150psa8155psnapdragon_680_4g_mobile_firmwaresnapdragon_x12_lte_modemsm8750p_firmwaresm7675p_firmwaresnapdragon_712_mobileapq8064auvideo_collaboration_vc5_platformsnapdragon_820_automotive_firmwaresc8180x-ad_firmwaresm6370_firmwaresnapdragon_870_5g_mobilesd865_5gcsra6640robotics_rb3_firmwaresd670_firmwarecsrb31024snapdragon_855_mobile_firmwaresnapdragon_x65_5g_modem-rf_firmwaresnapdragon_821_mobileimmersive_home_316sdx55srv1l_firmwarehome_hub_100sc8180x-adsd730snapdragon_768g_5g_mobile_firmwaresnapdragon_x75_5g_modem-rf_firmwaresrv1msdx61_firmwaresnapdragon_662_mobilesnapdragon_778g_5g_mobile_firmwarevision_intelligence_300snapdragon_xr2_5gsnapdragon_8_gen_1_mobile_firmwarear8035snapdragon_730g_mobilefastconnect_6800_firmwaresm8735_firmwaresnapdragon_860_mobilesnapdragon_732g_mobile_firmwaresnapdragon_820_mobile_firmwaresd820snapdragon_4_gen_2_mobile_firmwaresnapdragon_685_4g_mobilesa7775p_firmwaresnapdragon_auto_5g_modem-rfsd660_firmwaresnapdragon_690_5g_mobile_firmwaresmart_audio_400_platformimmersive_home_316_firmwaresw5100p_firmwaresxr1120sc8180x\+sdx55_firmwaresxr2330psnapdragon_xr1sd888sc8180xp-acafsnapdragon_710_mobilesnapdragon_w5\+_gen_1_wearablesd821snapdragon_712_mobile_firmwaresm8750_firmwaresnapdragon_765g_5g_mobile_firmwaresnapdragon_x24_lte_modem_firmwaresnapdragon_680_4g_mobilesd675snapdragon_685_4g_mobile_firmwaresnapdragon_8_gen_1_mobilesnapdragon_x55_5g_modem-rf_firmwaresm7325p_firmwaresnapdragon_x65_5g_modem-rfsd_8_gen1_5gsc8180xp-acaf_firmwaresd855sd855_firmwaresnapdragon_auto_4gsa8775p_firmwaresnapdragon_720g_mobileimmersive_home_318sm6250pvideo_collaboration_vc3_platformsd_8cxsnapdragon_8_gen_3_mobile_firmwaresnapdragon_865_5g_mobile_firmwaresnapdragon_auto_4g_firmwaresd662_firmwaresm6250p_firmwaresd820_firmwaresm8550p_firmwaresa6150psnapdragon_662_mobile_firmwaresnapdragon_720g_mobile_firmwaresw5100_firmwaresnapdragon_732g_mobilesm6650sc8380xpsw5100psd_675snapdragon_460_mobilesg4150p_firmwaresc8180x-acafsnapdragon_778g\+_5g_mobilesm8650qsdx61snapdragon_x5_lte_modem_firmwarear9380_firmwaresnapdragon_855_mobilefastconnect_6700_firmwaresa8770psa8195psc8180x-aaabsnapdragon_730g_mobile_firmwarerobotics_rb5snapdragon_850_mobile_compute_firmwaresm7635snapdragon_x32_5g_modem-rfsnapdragon_xr2\+_gen_1sa8155p_firmwaresnapdragon_8\+_gen_1_mobile_firmwaresd_8cx_firmwaresnapdragon_xr2_5g_firmwaresnapdragon_670_mobile_firmwaresnapdragon_865\+_5g_mobilesnapdragon_4_gen_1_mobilesxr2230p_firmwarear9380immersive_home_318_firmwaresa6155psnapdragon_855\+_mobilesnapdragon_888\+_5g_mobilesm7675_firmwaresd460snapdragon_888_5g_mobilehome_hub_100_firmwareaqt1000_firmwaresa8620psm8635_firmwaresa8255psnapdragon_480\+_5g_mobile_firmwaresnapdragon_750g_5g_mobile_firmwaresnapdragon_678_mobile_firmwaresnapdragon_860_mobile_firmwaresd865_5g_firmwaresnapdragon_4_gen_1_mobile_firmwarecsra6640_firmwaresnapdragon_ar1_gen_1sa6145psa8145psnapdragon_auto_5g_modem-rf_gen_2_firmwaresa7775psa8295psnapdragon_480_5g_mobile_firmwaresnapdragon_x32_5g_modem-rf_firmwaresxr2250pcsrb31024_firmwaresc8180xp-adsa8150p_firmwaresm7635p_firmwaresm7635psnapdragon_x55_5g_modem-rfsa8195p_firmwaresdx20m_firmwarerobotics_rb2_firmwaresnapdragon_768g_5g_mobilesm4125sd_675_firmwarevideo_collaboration_vc1_platform_firmwaresc7180-ad_firmwaresnapdragon_695_5g_mobilesnapdragon_8\+_gen_1_mobilesdx20msnapdragon_665_mobilesnapdragon_7c\+_gen_3_computesm8635snapdragon_765_5g_mobilesnapdragon_x35_5g_modem-rf_firmwarevideo_collaboration_vc3_platform_firmwaresmart_audio_200_platformsd888_firmwaresrv1hsnapdragon_782g_mobilesnapdragon_ar2_gen_1ar8035_firmwaresnapdragon_x62_5g_modem-rf_firmwaresm7675psnapdragon_xr1_firmwaresnapdragon_765_5g_mobile_firmwaresa6155p_firmwaresw5100sa7255p_firmwaresd675_firmwaresxr2330p_firmwaresnapdragon_778g_5g_mobilecsr8811_firmwaresa6150p_firmwaresnapdragon_auto_5g_modem-rf_gen_2snapdragon_x12_lte_modem_firmwaresnapdragon_xr2\+_gen_1_firmwaresnapdragon_710_mobile_firmwaresnapdragon_8\+_gen_2_mobile_firmwarevideo_collaboration_vc5_platform_firmwareflight_rb5_5g_firmwaresd_8_gen1_5g_firmwaresnapdragon_780g_5g_mobilesnapdragon_8_gen_2_mobile_firmwaresnapdragon_870_5g_mobile_firmwaresm8650q_firmwaresnapdragon_660_mobile_firmwareapq8017_firmwaresm8735snapdragon_x50_5g_modem-rfsd460_firmwarefastconnect_6200_firmwaresm8550psnapdragon_820_automotivesxr1230p_firmwarecsra6620sg8275p_firmwaresa4150pflight_rb5_5gsa6155fastconnect_6200sc8180x\+sdx55snapdragon_8_gen_2_mobilesnapdragon_730_mobilesa4150p_firmwaresxr2130smart_audio_400_platform_firmwaresnapdragon_888_5g_mobile_firmwaresm4125_firmwaresnapdragon_ar1_gen_1_firmwarefastconnect_6800snapdragon_865_5g_mobilesa8770p_firmware315_5g_iot_firmwaresnapdragon_x62_5g_modem-rfsm8635psa4155psnapdragon_4_gen_2_mobilesnapdragon_x24_lte_modem315_5g_iotsm8635p_firmwaresa9000psd730_firmwaresnapdragon_x75_5g_modem-rfsa8255p_firmwarerobotics_rb2robotics_rb3sa8155_firmwaresnapdragon_8\+_gen_2_mobilesc8180xp-ad_firmwaressg2125psrv1m_firmwaresc8180xp-aaabsnapdragon_x35_5g_modem-rfsxr1120_firmwaresm4635_firmwaresa8650p_firmwaresnapdragon_695_5g_mobile_firmwareimmersive_home_214_firmwaresnapdragon_480\+_5g_mobilesnapdragon_7c_compute_firmwaresnapdragon_675_mobile_firmwaresd821_firmwaresm6650_firmwaresm7325psm6250snapdragon_820_mobilesa8155sxr2250p_firmwaresnapdragon_x50_5g_modem-rf_firmwareaqt1000snapdragon_845_mobile_firmwaresa9000p_firmwaresc8280xp-abbb_firmwarefastconnect_6700srv1h_firmwaresnapdragon_750g_5g_mobilesm6650psa8620p_firmwaresnapdragon_850_mobile_computesnapdragon_x20_lte_modem_firmwaresnapdragon_460_mobile_firmwareimmersive_home_216snapdragon_678_mobilesnapdragon_w5\+_gen_1_wearable_firmwaresc8380xp_firmwaresa8295p_firmwaresnapdragon_x20_lte_modemsnapdragon_660_mobilesm6250_firmwaresnapdragon_865\+_5g_mobile_firmwaresxr2130_firmwarevision_intelligence_400snapdragon_690_5g_mobilecsr8811snapdragon_780g_5g_mobile_firmwaresnapdragon_480_5g_mobilesm7315_firmwaresnapdragon_765g_5g_mobilefastconnect_7800_firmwaresm7635_firmwarear8031ssg2125p_firmwaresnapdragon_778g\+_5g_mobile_firmwarerobotics_rb5_firmwaresm7315Snapdragon
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2023-33061
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.19% / 40.53%
||
7 Day CHG~0.00%
Published-07 Nov, 2023 | 05:26
Updated-02 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Firmware

Transient DOS in WLAN Firmware while parsing WLAN beacon or probe-response frame.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn5024_firmwareqam8255p_firmwarewsa8830qcn9070sxr2230p_firmwareqca8337qam8650pqfw7124ipq8173_firmwarewcn785x-5qam8775pqcf8001qcn6224_firmwareqcn5124qca4024_firmwareqca8082qcn9072qca8386wsa8840immersive_home_318_platform_firmwareipq8078aipq5028_firmwareqca6595au_firmwareipq6000ssg2115pqcn5152_firmwareqca0000_firmwareqca6584au_firmwarewcn685x-1qcn9000_firmwaresnapdragon_8_gen_2_mobile_platformipq9554qca6554a_firmwarewcd9385_firmwareimmersive_home_216_platformipq8076aimmersive_home_316_platformimmersive_home_316_platform_firmwareqca8386_firmwareqcn6024_firmwareqca8084_firmwareimmersive_home_318_platformipq8074aqcn5124_firmwareqca8082_firmwareqca6574au_firmwareqcn5122_firmwareqcn5164_firmwaresdx55_firmwareqca6595auqca8081_firmwareqcn6023_firmwareqfw7114wsa8845h_firmwareipq5010qca6564au_firmwareqca6584ausnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareipq8078a_firmwareqcn9274ipq8174ipq5028wsa8840_firmwareqca6698aqqcn5052qca0000qcf8001_firmwareipq6010sc8380xp_firmwareqcn6112_firmwareqcn9074qca8085sdx65mwcd9340qcn6132qcn6224qcn9013wsa8845hsnapdragon_ar2_gen_1_platform_firmwaresnapdragon_x75_5g_modem-rf_systemwcd9395_firmwareqca8081qcf8000qca6698aq_firmwareipq8071aqcn6023sdx65m_firmwareipq8071a_firmwarewcn685x-1_firmwareimmersive_home_3210_platformqca8085_firmwareqam8775p_firmwareqca9888_firmwareqcn6122wcd9385qca6696_firmwareipq9008_firmwareipq9570qcn5154_firmwareqca6797aqar8035csr8811wcd9390qcc710_firmwareqcn9100_firmwarewsa8830_firmwareipq5010_firmwareipq8074a_firmwarewsa8835_firmwareqcn5022_firmwareimmersive_home_216_platform_firmwaresnapdragon_8_gen_2_mobile_platform_firmwarewcn785x-1qca8337_firmwarewcd9380_firmwaressg2125pqcn9000ipq8072aqcf8000_firmwareqca6554aipq8076a_firmwareqca6595ipq8078qca6564auqca8084ipq8173qcm8550ipq9008qcn9012qcn5164immersive_home_326_platform_firmwareqcn6122_firmwareqca6574sxr1230p_firmwarewsa8835snapdragon_8\+_gen_2_mobile_platform_firmwarecsr8811_firmwareqcn6274wcd9380ipq9554_firmwareqcn5154qca8075_firmwaressg2125p_firmwareqca6574aqcn5024wcn685x-5_firmwareqca9889qcn6132_firmwaresxr1230pqca9888qcn9012_firmwareqcn5052_firmwareqcn9274_firmwareqcc2076_firmwareipq8070a_firmwareqfw7114_firmwarewsa8845qcc2073_firmwareipq6018_firmwareipq8076_firmwareqca6574_firmwarewcd9340_firmwareqcn6112sxr2230pipq8076wsa8845_firmwareqca6574a_firmwareqcn5152ipq6028sc8380xpqcn9024ipq9574_firmwarewcn785x-5_firmwareimmersive_home_3210_platform_firmwareqcn9100qcn6274_firmwaresnapdragon_x65_5g_modem-rf_systemipq8078_firmwareipq9570_firmwareqcn9070_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewsa8832_firmwarewcn685x-5ipq6028_firmwareipq8072a_firmwareqca6797aq_firmwarewcn785x-1_firmwareqca6574auqca9889_firmwareipq9574qcn5122qcn9024_firmwareipq8174_firmwaresnapdragon_8\+_gen_2_mobile_platformwsa8832ipq5332_firmwareipq5332sm8550pimmersive_home_326_platformsnapdragon_ar2_gen_1_platformipq6018qcn5022qcn9013_firmwareqam8650p_firmwareqcc710ipq6010_firmwareimmersive_home_214_platformqca6595_firmwarewcd9395qca6696immersive_home_214_platform_firmwareqca4024sm8550p_firmwaresdx55qca8075qcn9022_firmwarewcd9390_firmwareqcn6024qcn9022qcc2076ipq8070aqcn9072_firmwareipq6000_firmwaressg2115p_firmwareqcn9074_firmwareqfw7124_firmwareqam8255pqcc2073ar8035_firmwareSnapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-33097
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.15% / 34.86%
||
7 Day CHG~0.00%
Published-05 Dec, 2023 | 03:04
Updated-02 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Firmware

Transient DOS in WLAN Firmware while processing a FTMR frame.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn5024_firmwareqam8255p_firmwaresnapdragon_8_gen_1_mobile_platformwsa8830qcn9070sxr2230p_firmwareqca8337qam8650pqfw7124sg8275p_firmwareipq8173_firmwareqam8775pqcf8001qcn6224_firmwareqcn5124qca4024_firmwareqca8082qcn9072qca8386wsa8840immersive_home_318_platform_firmwareipq8078aipq5028_firmwareqca6595au_firmwareipq6000ssg2115pqcn5152_firmwareqca0000_firmwareqca6584au_firmwareqcn9000_firmwaresnapdragon_8_gen_2_mobile_platformipq9554qca6554a_firmwarewcd9385_firmwareimmersive_home_216_platformipq8076aimmersive_home_316_platformimmersive_home_316_platform_firmwareqca8386_firmwareqcn6024_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareimmersive_home_318_platformipq8074aqcn5124_firmwareqca8082_firmwareqca6574au_firmwareqcn5122_firmwareqcn5164_firmwaresdx55_firmwareqca6595auqca8081_firmwareqcn6023_firmwareqfw7114wsa8845h_firmwareqcn9002ipq5010qca6564au_firmwareqca6584ausnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareipq8078a_firmwareqcn9274ipq8174qcn9001ipq5028wsa8840_firmwareqca6698aqqcn5052qca0000qcf8001_firmwareipq6010qcs8550_firmwaresc8380xp_firmwareqcn6112_firmwareqcn9074qca8085sdx65mwcd9340qcn6132qcn6224qcn9013wsa8845hsnapdragon_ar2_gen_1_platform_firmwaresnapdragon_x75_5g_modem-rf_systemwcd9395_firmwareqca8081qcf8000qca6698aq_firmwareipq8071aqcn6023sdx65m_firmwareipq8071a_firmwareimmersive_home_3210_platformqca8085_firmwareqam8775p_firmwareqca9888_firmwareqcn6122wcd9385qca6696_firmwareipq9008_firmwareipq9570qcn5154_firmwareqca6797aqar8035csr8811wcd9390qcc710_firmwareqcn9100_firmwarewsa8830_firmwareipq5010_firmwareipq8074a_firmwarewsa8835_firmwareqcn5022_firmwareimmersive_home_216_platform_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqca8072qca8337_firmwarewcd9380_firmwaressg2125pqcn9000ipq8072aqcf8000_firmwareqca6554aipq8076a_firmwareqca6595ipq8078qca6564auqca8084ipq8173qcm8550qcn9001_firmwareipq9008qcn9012qcn5164immersive_home_326_platform_firmwareqcn6122_firmwareqca6574sxr1230p_firmwarewsa8835snapdragon_8\+_gen_2_mobile_platform_firmwarecsr8811_firmwaresd_8_gen1_5gqcn6274wcd9380ipq9554_firmwareqcn5054_firmwareqcn5154qca8075_firmwaressg2125p_firmwareqca6574aqcn5024qca9889qcn6132_firmwareqcn9003_firmwaresxr1230pqca9888qca8072_firmwaresg8275pqcn9012_firmwareqcn5052_firmwareqcn9274_firmwareqcc2076_firmwareipq8070a_firmwareqcn9003qfw7114_firmwarewsa8845qcc2073_firmwareipq6018_firmwareipq8076_firmwareqca6574_firmwarewcd9340_firmwareqcn6112sxr2230pipq8076wsa8845_firmwareqca6574a_firmwareqcn5152ipq6028sc8380xpqcn9024ipq9574_firmwareimmersive_home_3210_platform_firmwarefastconnect_7800qcn9100qcn6274_firmwaresnapdragon_x65_5g_modem-rf_systemipq8078_firmwareipq9570_firmwarefastconnect_6900qcn5054qcn9070_firmwarefastconnect_6900_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewsa8832_firmwareipq6028_firmwareipq8072a_firmwareqca6797aq_firmwareqca6574auqca9889_firmwareipq9574qcn5122qcn9024_firmwareipq8174_firmwarefastconnect_7800_firmwaresnapdragon_8\+_gen_2_mobile_platformwsa8832ipq5332_firmwareipq5332sm8550psnapdragon_8_gen_1_mobile_platform_firmwareimmersive_home_326_platformsnapdragon_ar2_gen_1_platformipq6018qcn5022qcn9013_firmwareqam8650p_firmwareqcc710ipq6010_firmwareimmersive_home_214_platformqca6595_firmwarewcd9395qca6696qcs8550immersive_home_214_platform_firmwareqca4024sm8550p_firmwaresdx55qca8075qcn9022_firmwarewcd9390_firmwareqcn6024qcn9022qcc2076ipq8070aqcn9002_firmwareqcn9072_firmwareipq6000_firmwaressg2115p_firmwareqcn9074_firmwareqfw7124_firmwareqam8255pqcc2073ar8035_firmwareSnapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-33080
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.19% / 41.27%
||
7 Day CHG~0.00%
Published-05 Dec, 2023 | 03:04
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read in WLAN Firmware

Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_x20_lte_modemsd865_5gmdm9215_firmwareqca6595snapdragon_xr1_platformipq6028_firmwareimmersive_home_214_platformqca8081_firmwareqcn9001sm7250-absnapdragon_x50_5g_modem-rf_systemwcd9340_firmwareipq5028_firmwarewcd9395_firmwareqcn6024sdm845ar9380qcc710_firmwareqca6426sc8180x-abwcn3610sa4150pqcn5124_firmwaresm7325-ae_firmwarewsa8832_firmwareqca8337qca6426_firmwarewcd9395qcn7605qca6574au_firmwareqcn7606_firmwareipq8078a_firmwarewcn785x-5qca6564_firmwareqam8295pwcd9341sd626_firmwaresnapdragon_x12_lte_modemwsa8810_firmwaresd730_firmwarewsa8845h_firmwareqca2064_firmwaresdm670sm8150-acsm6375_firmwaresd835_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaresm7150-acvideo_collaboration_vc1_platform_firmwaresa4155pqcn9000sd821qca2062_firmwaresm6375sm7250-aa_firmwaresc8180xp-acqsm8350_firmwarevideo_collaboration_vc1_platformwcd9385_firmwareqca6421qca6310snapdragon_630_mobile_platformipq8074a_firmwareipq8076awcd9360snapdragon_ar2_gen_1_platform_firmwareapq8053-aa_firmwaresd821_firmwareimmersive_home_3210_platform_firmwaresa6155psm7150-ac_firmwareqca6564au_firmwaresd820qca8075qam8650pvideo_collaboration_vc5_platform_firmwaresm7325_firmwaresa6155p_firmwaremdm9640_firmwareqca6390_firmwaresd835qca6436_firmwareipq8070a_firmwareqcn5021_firmwareqcn9070sc8180x-afsnapdragon_8_gen_2_mobile_platformsnapdragon_7c\+_gen_3_compute_firmwareqca8084sm4125_firmwaresm8250-ac_firmwareqca6420qca6174_firmwarewcn3910apq8064au_firmwarecsrb31024qca9367mdm9250_firmwareqcc2076snapdragon_x55_5g_modem-rf_system_firmwarewcn3660bqca6574asm7325-aeqca6174aqca6584_firmwareqca9898_firmwarewcd9340qcs8250_firmwareqcm2290snapdragon_630_mobile_platform_firmwaresm6150-acsm6225sc8180xp-aa_firmwareqcn6122_firmwareqcn5154_firmwaresm8150-ac_firmwareipq8074sm8550p_firmwarewcn3998_firmwareqcm8550snapdragon_x20_lte_modem_firmwarewcn3988qcn5122_firmwarepmp8074qcn9024qca6574sm7325-afsnapdragon_x75_5g_modem-rf_systemqca2066_firmwaresdm710_firmwaresc8180xp-ac_firmwareqca8082qcs410qcm2290_firmwaresa8155pqca8072_firmwarewsa8830sm8550psa6145pqcn6122sa8255p_firmwareqcc2073wcn785x-1_firmwaremdm8215msm8996auqrb5165m_firmwaremdm9645qca9985snapdragon_x5_lte_modemipq8071aapq8064auqcn6112wcn3950_firmwareqrb5165nqca1062_firmwaresc7180-acsm7325p_firmwaresd460wcd9360_firmwares820a_firmwarevideo_collaboration_vc3_platform_firmwareqcn6023_firmwareqcn5164_firmwaresd670_firmwareimmersive_home_326_platform_firmwareqca6438_firmwaresc8280xp-bb_firmwareqcn9072sm7150-aaipq4028_firmwareqcn6224_firmwareqca6431sd660_firmwareqca8082_firmwareqca4020_firmwareqca9379_firmwaresm6350sxr2130_firmwarear8035_firmwareapq8009_firmwareqrb5165mqca1064qca6320snapdragon_w5\+_gen_1_wearable_platform_firmwareqca4024_firmwareqca0000_firmwaresd888_firmwaremdm9215snapdragon_662_mobile_platform_firmwareqcs6125_firmwareqca9992_firmwareqca6428qca9990ipq8070ipq9008_firmwareqcn9074sdm712_firmwarewsa8815_firmwaresm8250-abqca8337_firmwaresnapdragon_x12_lte_modem_firmwaresm7325ipq8173sm8350-ac_firmwaresm7250p_firmwarewcn3999ipq6010_firmwarewcn785x-5_firmwarewcn3950sm4250-aasnapdragon_x65_5g_modem-rf_system_firmwareqca6797aq_firmwaresm4350_firmwaresm7350-ab_firmwareipq5028qca9986wcn3991qcn9070_firmwaresa8295p_firmwaresd_675_firmwaresa4155p_firmwareqca9984ipq5010_firmwareqcn9022_firmwaresm7250pcsrb31024_firmwareipq6018sa8155sd_8cx_firmwaresm7150-aa_firmwaresd888sd460_firmwaresnapdragon_4_gen_2_mobile_platformipq8069wcn685x-5ipq8065qca6310_firmwaresd626qcs7230sm8250-acs820awcd9371qcn9001_firmwaresc8180xp-aasnapdragon_xr2_5g_platform_firmwareqca8075_firmwarevision_intelligence_300_platform_firmwaremdm9645_firmwaresm7350-abqrb5165_firmwaresm8350_firmwareqca2065_firmwaresdx65m_firmwarevideo_collaboration_vc3_platformqca9980_firmwareqca9985_firmwareqca6431_firmwaresm7225_firmwareqca6175a_firmwaresm6125qca6698aq_firmwareqcs2290qcn76068998_firmwareqcs2290_firmwaresc8280xp-bbwcn3615qca9367_firmwareqca8084_firmwarewcn3999_firmwareqcn7605_firmwaresa8255pqcs7230_firmwarewcd9390_firmwareimmersive_home_318_platform_firmwaresc8180xp-abwcn6750qcn5024qca6430wcn6750_firmwaremdm9650sc8180xp-ad_firmwaresnapdragon_auto_5g_modem-rfsm7250-ab_firmwaressg2125p9206_lte_modem_firmwarecsra6640_firmwaresm4350immersive_home_326_platformqam8650p_firmwarewcn3998qcn9013_firmwareqca2062video_collaboration_vc5_platformqca6420_firmwareqcs6490_firmwaresm8450snapdragon_x65_5g_modem-rf_systemipq8076_firmwaresd855_firmwarewcd9335_firmwaremdm9640qca6436qrb5165n_firmwaresnapdragon_1200_wearable_platformsnapdragon_x24_lte_modem_firmwarewcn3980_firmwareqca6391_firmwarewsa8835wsa8840_firmwaresm4250-aa_firmwaremdm9310_firmwareipq8068qcs4290_firmwarecsra6620qca8081sd660mdm9628sm4375sdm670_firmwareqam8775pqca9377wsa8815qcm4325_firmwaresm7125_firmwareipq8069_firmwareqcm4290_firmwareqca9888_firmwareqca9889qca6175aqca1062qcn5024_firmwareqcn9002_firmwareipq5010qrb5165qcn9274_firmwaremdm9615_firmwaresg4150p_firmwaresc8180xp-af_firmwarecsra6620_firmwaresnapdragon_820_mobile_platform_firmwareqcs8550ipq8068_firmwaremdm8215_firmwareqam8775p_firmwaresd865_5g_firmwarepmp8074_firmwaresc7180-ad_firmwarewcd9375sdm712qca9889_firmwaresa8145psd_675immersive_home_316_platformsm4350-ac_firmwareqca2066csr8811apq8053-aasc7180-ac_firmwaresm7250-ac_firmwarewcn685x-1_firmwarewcn3680b_firmwareqcm8550_firmwareapq8017qcs410_firmwaresa6150p_firmwaresw5100pipq9574qcn9000_firmwareqcn6102_firmwaresxr1120vision_intelligence_300_platformqcn9022qcs610_firmwarewcd9335wcd9370qca8072qca6696wcd9341_firmware8998qcn9003_firmwareqca6390qcc2073_firmwareipq8076wcn6740_firmwareqca1064_firmwareipq6018_firmwareqca9984_firmwareqcn6023immersive_home_216_platformqca9994_firmwareipq6000snapdragon_auto_4g_modemipq8078asm8150_firmwareqca6574auwcd9390csra6640sc8180x-af_firmwareqcn9100_firmwarewcn3660b_firmwareqcn5122sd730qca6554aqcn6024_firmwaresdx20mqca9886_firmwaresm8350qcm6125_firmwaressg2115pqcc710snapdragon_850_mobile_compute_platformqcn6132_firmwaremdm9615sxr1120_firmwaresnapdragon_x5_lte_modem_firmwareqcn5054robotics_rb3_platform315_5g_iot_modem_firmwaresm8450_firmwareipq5332_firmwareqcn5052qca9980qfw7114315_5g_iot_modemipq9574_firmwaresnapdragon_x55_5g_modem-rf_systemqam8255p_firmwaresnapdragon_821_mobile_platform_firmwareipq8064sa8155_firmwareqcn5164sm7150-abqca6335qcs4490sc7180-adsc8180xp-afmdm9250snapdragon_8\+_gen_2_mobile_platform_firmwarewsa8845qcn6100_firmwareqca6421_firmwareqcm6125sc8180x-adcsr8811_firmwaresm7125wsa8810qcn5021qca8085snapdragon_8\+_gen_2_mobile_platformsm8350-acqcn6100qca6595ausm7315_firmwarewcd9326_firmwarewsa8840qcs8550_firmwareqca9986_firmwareqfw7124_firmwareqcn9012mdm9650_firmwaresnapdragon_821_mobile_platformwcd9371_firmwareqcs4490_firmwarewcn3910_firmwareapq8009qca4531_firmwaresdx65mwcd9370_firmwareipq9570mdm9310sa8195pqca6335_firmwareqcm6490immersive_home_316_platform_firmwareimmersive_home_3210_platformqcn9274qca9379ipq8076a_firmwareipq9570_firmwaresxr2230p_firmwarear9380_firmwaresd675_firmwareqca6430_firmwaresc8180x-aaipq4029_firmwareqcn9011qcn9024_firmwarewsa8845hsa6150psm7250-aawcd9326sa8155p_firmwareqca6564asnapdragon_675_mobile_platformsnapdragon_662_mobile_platformqcn9074_firmwarevision_intelligence_400_platform_firmwareipq8174sc8180x\+sdx55_firmwareflight_rb5_5g_platform_firmwareipq8174_firmwarear8035ipq8072aqca6564sa6155qca2065qcm4325qcn6224sc8280xp-absm8475_firmwaresc8180x\+sdx55qca6698aqssg2125p_firmwaresm6250sm7250-acsc8180x-aa_firmwaresd670wcn685x-1sa8145p_firmwarewcn3680bsnapdragon_820_mobile_platformsa8150p_firmwaresnapdragon_w5\+_gen_1_wearable_platformsnapdragon_636_mobile_platform_firmwarewcn3990qca6428_firmwareqcn9002ipq8078qcs6490qcs8250ipq9554_firmwarear8031_firmwarewsa8830_firmwareqca6678aq_firmwareqca8386_firmwaresnapdragon_850_mobile_compute_platform_firmwarewsa8845_firmwarewsa8832snapdragon_auto_4g_modem_firmwareqcc2076_firmwareqca6678aqsnapdragon_675_mobile_platform_firmwareqcn5022_firmwaresm8475qca9992sm8250-ab_firmwaresa4150p_firmwareqca9898ipq9008ipq9554qca6564ausm6225_firmwaresc8180xp-adsm6250p_firmwareimmersive_home_214_platform_firmwaresm7325-af_firmwaresa8195p_firmwareapq8053-ac_firmwareqcm4290qcn5054_firmwareqca9888ipq5332sd_455_firmwaresm6125_firmwareqcn9013ar8031snapdragon_1200_wearable_platform_firmwareqca9377_firmwareqcm6490_firmwareipq8072a_firmwaresm4125qcm4490_firmwarerobotics_rb3_platform_firmwareflight_rb5_5g_platformsnapdragon_xr2_5g_platformqcn6112_firmwareqcs6125apq5053-aa_firmwaresnapdragon_7c\+_gen_3_computeqca8085_firmwareapq5053-aasdm710sd_455qca9886qcn6132sm6250_firmwaresc8180x-ad_firmwareqcn6102qca6584auqca6320_firmwareqcn6274_firmwareqcn9011_firmwaresw5100_firmwarewcn6740sm6225-ad_firmwareqfw7114_firmwareqca4024sc8280xp-ab_firmwareqca6595_firmwaresm8250_firmwareimmersive_home_216_platform_firmwareipq8070asm7225apq8017_firmwarewcd9380ipq4028qam8255psa6145p_firmwaresa6155_firmwaresxr2230pqca9990_firmwaresa8150pqcn9003snapdragon_x24_lte_modemmsm8996au_firmwareqcn5052_firmwaresnapdragon_auto_5g_modem-rf_firmwareqca2064sxr1230psm6225-adsd662_firmwaresm4350-acipq6010sdm660_firmwaresw5100aqt1000sm8150wcn3991_firmwareqam8295p_firmwaresd855sdm660sc8180x-ab_firmwareqca6174wcd9330_firmwarewcn3990_firmwaresm7315qca6564a_firmwaresdx20m_firmwareqca9994qsm8350sc8180xp-ab_firmwarewcd9385wcd9330sd662wcn3610_firmwareqcs4290sxr1230p_firmwareipq4018sd820_firmwaresm6250psdx55_firmwareipq8071a_firmwareqca6438wcn3615_firmwareqca6554a_firmwaresxr2130ipq6028qcm44908098_firmwaresnapdragon_636_mobile_platformqcn9100sm7150-ab_firmwareqca4020ipq4029qca6174a_firmwaresm7325paqt1000_firmwareipq4018_firmwaresm6150-ac_firmwareqca6584au_firmwareqcn5152_firmwareqcn6274sc8180x-acqfw7124ipq8074_firmwareqca6595au_firmwareqca0000sc8180x-ac_firmwaresw5100p_firmwaresm8250snapdragon_ar2_gen_1_platformqca6696_firmwareapq8053-acwcd9380_firmwareqca6574_firmwaresg4150psd_8_gen1_5gqcn5124ipq8064_firmwaremdm9628_firmwareqca6797aqqcn5152ipq8065_firmwaresm4375_firmwarevision_intelligence_400_platform9206_lte_modemqca6574a_firmwaresdx55qcn9072_firmwaresdm845_firmwareipq8074aimmersive_home_318_platformsd675sm6350_firmwaresd_8_gen1_5g_firmwarewcd9375_firmwareqca4531qca6391qca8386wcn785x-1ipq8173_firmwareqcn9012_firmwareqca6584snapdragon_8_gen_2_mobile_platform_firmwaresa8295p8098snapdragon_xr1_platform_firmwaresnapdragon_x50_5g_modem-rf_system_firmwareipq6000_firmwareipq8078_firmwarewcn685x-5_firmwarewcn3988_firmwareipq8070_firmwareqcn5154sd_8cxwsa8835_firmwaressg2115p_firmwareqcn5022snapdragon_x75_5g_modem-rf_system_firmwarewcn3980qcs610Snapdragonsnapdragon
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2023-33116
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.32% / 55.66%
||
7 Day CHG~0.00%
Published-02 Jan, 2024 | 05:38
Updated-17 Jun, 2025 | 19:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read without Checking Size of Input in WLAN Host

Transient DOS while parsing ieee80211_parse_mscs_ie in WIN WLAN driver.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn5024_firmwareqcn9070ipq4028_firmwareqca8337qfw7124ar9380ipq8173_firmwareqcf8001flight_rb5_5g_platformflight_rb5_5g_platform_firmwareqcn6224_firmwareqcn5124qca4024_firmwareqca8082qcn9072qca8386qca9880_firmwareqca9992immersive_home_318_platform_firmwareipq8078aipq5028_firmwareipq6000qcn5152_firmwareqca0000_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwarewcd9385_firmwareimmersive_home_216_platformipq8076aimmersive_home_316_platformimmersive_home_316_platform_firmwareqca8386_firmwareqcn6024_firmwareqca8084_firmwareimmersive_home_318_platformipq8074aqcn5124_firmwareqcn9011_firmwareqca8082_firmwareqcn5164_firmwareqcn5122_firmwaresdx55_firmwareqca8081_firmwareqcn6023_firmwareqfw7114qrb5165nipq5010ipq8070_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareipq8065ipq8078a_firmwareqcn9274ipq8174qca9990qrb5165m_firmwareipq5028qca7500ipq4029_firmwareqcn5052qca0000qcf8001_firmwareipq6010ipq8068qcn6112_firmwareqcn9074qca8085sdx65mwcd9340qcn6132qcn6224qcn9013snapdragon_x75_5g_modem-rf_systemqca8081ipq8071aqcn6023sdx65m_firmwareipq8071a_firmwareimmersive_home_3210_platformqca8085_firmwareqca9888_firmwareipq8068_firmwareqcn6122wcd9385ipq9008_firmwareipq9570qcn5154_firmwarear8035csr8811qca9898_firmwareipq4019qcc710_firmwareqcn9100_firmwarerobotics_rb5_platformqca9992_firmwareipq5010_firmwareipq8074a_firmwareqca9898qcn5022_firmwareipq4028immersive_home_216_platform_firmwareqca9985_firmwarerobotics_rb5_platform_firmwareipq4018_firmwareqca8337_firmwarewcd9380_firmwareqcn9000ipq8072aqca7500_firmwareqca9980_firmwareipq8076a_firmwarear9380_firmwareipq8078qca8084ipq8173ipq9008qcn9012qcn5164immersive_home_326_platform_firmwareqcn6122_firmwareipq8065_firmwarecsr8811_firmwareqcn6274wcd9380qcn5154qca8075_firmwareipq4018ipq4019_firmwareqcn5024qca9889qcn6132_firmwareqca9888qca9985qca9994_firmwareqcn5052_firmwareqcn9012_firmwareqcn9274_firmwareipq8070a_firmwareqfw7114_firmwarewcn3980ipq6018_firmwareipq8076_firmwareqca9886wcd9340_firmwareqcn6112ipq8076qca9984ipq6028ipq8064qcn5152qcn9024qrb5165mipq9574_firmwarewcn3980_firmwareimmersive_home_3210_platform_firmwareqca6391ipq8064_firmwarefastconnect_7800qcn9100qcn6274_firmwaresnapdragon_x65_5g_modem-rf_systemipq8078_firmwareipq9570_firmwarefastconnect_6900qcn9070_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwareipq8070ipq6028_firmwareipq8072a_firmwareqcn9011qca9994qca9889_firmwareipq9574qca9980qcn5122ipq8174_firmwareqcn9024_firmwareqca9880fastconnect_7800_firmwareimmersive_home_326_platformipq6018qcn5022qcn9013_firmwareqca9886_firmwareqcc710ipq6010_firmwareimmersive_home_214_platformqca6391_firmwareimmersive_home_214_platform_firmwareqca4024sdx55qca8075qcn9022_firmwareqcn6024qcn9022qca9990_firmwareipq8070aqcn9072_firmwareipq6000_firmwareqcn9074_firmwareqfw7124_firmwareipq4029ar8035_firmwareSnapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-33016
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.11% / 29.65%
||
7 Day CHG~0.00%
Published-05 Sep, 2023 | 06:24
Updated-02 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Firmware

Transient DOS in WLAN firmware while parsing MLO (multi-link operation).

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn5024_firmwarewsa8830qcn9070sxr2230p_firmwareimmersive_home_318_firmwareipq8173_firmwareqcn5124qca4024_firmwareqca8082qcn9072qca8386snapdragon_8_gen_1ipq8078aipq5028_firmwareipq6000immersive_home_216ssg2115pqcn5152_firmwareqcn9000_firmwarewcd9385_firmwareipq8076aqca8386_firmwareqcn6024_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareipq8074aqcn5124_firmwareqca8082_firmwareqcn5164_firmwareqcn5122_firmwareqca8081_firmwareqcn6023_firmwareipq5010immersive_home_214ipq8078a_firmwareqcn9274ipq8174ipq5028qcn5052ipq6010qcs8550_firmwareqcn9074qca8085qcn6132qca8081ipq8071aqcn6023ipq8071a_firmwarewcd9385qca8085_firmwareqca9888_firmwareqcn6122immersive_home_316_firmwareqcn5154_firmwarecsr8811qcn9100_firmwarewsa8830_firmwareipq5010_firmwareipq8074a_firmwarewsa8835_firmwareqcn5022_firmwareimmersive_home_216_firmwarewcd9380_firmwaressg2125pqcn9000ipq8072aimmersive_home_214_firmwareipq8076a_firmwareipq8078qca8084ipq8173snapdragon_8_gen_1_firmwareqcn5164snapdragon_ar2_gen_1qcn6122_firmwarewsa8835sxr1230p_firmwarecsr8811_firmwaresd_8_gen1_5gwcd9380qcn5154qca8075_firmwaressg2125p_firmwareqcn5024qca9889qcn6132_firmwaresxr1230pqca9888qcn5052_firmwareqcn9274_firmwareipq8070a_firmwareipq6018_firmwareipq8076_firmwaresxr2230pipq8076qcn5152ipq6028qcn9024ipq9574_firmwarefastconnect_7800qcn9100snapdragon_ar2_gen_1_firmwareipq8078_firmwarewsa8832_firmwarefastconnect_6900qcn9070_firmwarefastconnect_6900_firmwareimmersive_home_318ipq6028_firmwareipq8072a_firmwareimmersive_home_316qca9889_firmwareipq9574qcn5122qcn9024_firmwareipq8174_firmwarefastconnect_7800_firmwarewsa8832ipq6018qcn5022ipq6010_firmwareqcs8550qca4024qca8075qcn9022_firmwareqcn6024qcn9022ipq8070aqcn9072_firmwareipq6000_firmwaressg2115p_firmwareqcn9074_firmwareSnapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-21446
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.45% / 64.22%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 12:48
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Firmware

Transient DOS may occur when processing vendor-specific information elements while parsing a WLAN frame for BTM requests.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm8550_firmwareimmersive_home_214wcn6650sd865_5gipq9574qcn9000_firmwareqcn6102_firmwareqca6595sm8735qcn9022ipq6028_firmwarewcd9370qca8081_firmwareqcn9001qca8072qca6696qam8620p_firmwarewcn7880_firmwarewcd9340_firmwareipq5028_firmwarewcd9395_firmwaresxr2330p_firmwareqcn6024wcn7881_firmwareqcn9003_firmwarewcn7750ar9380wcn6450qcc710_firmwareqcc2073_firmwareqca6426snapdragon_8\+_gen_1_mobileipq8076wcn6740_firmwarefastconnect_6700ipq6018_firmwaresnapdragon_780g_5g_mobileqca9984_firmwareqcn6023qcn5124_firmwaresnapdragon_782g_mobile_firmwarewsa8832_firmwareqca8337qca9994_firmwareqca6426_firmwarewcd9395ipq9048ipq6000qca6574au_firmwareipq8078asnapdragon_x72_5g_modem-rfipq8078a_firmwareqam8295pqca6574auwcd9390snapdragon_888\+_5g_mobile_firmwaresa8620p_firmwarewsa8810_firmwarewsa8845h_firmwaresnapdragon_778g_5g_mobile_firmwaresa9000p_firmwaresrv1hqcn9100_firmwareqca2064_firmwaresm8650q_firmwareqcn5122qcs9100qca6554aqcs5430fastconnect_6800_firmwarewcn7860qcn6024_firmwareqca9886_firmwareqcm5430qcm5430_firmwaresa8770pqcn9000ssg2115pqcc710qcn6132_firmwareqca2062_firmwaresnapdragon_x32_5g_modem-rf_firmwaresnapdragon_xr2_5g_firmwareqca6777aqqsm8350_firmwareqcn5054fastconnect_6900ipq5332_firmwareqep8111sa7255psm8635qcn5052qca9980wcd9385_firmwareqca6421qfw7114ipq9574_firmwareqam8255p_firmwareipq8064ipq8074a_firmwareipq8076aqcn5164sdx61snapdragon_x65_5g_modem-rfqcs4490qca6787aqwsa8845sa6155pqcn6100_firmwareqca6421_firmwareqca6564au_firmwarecsr8811_firmwarewsa8810qca8075qam8650psa9000pqca8085srv1h_firmwaresnapdragon_888_5g_mobile_firmwareqcn6100qca6595ausnapdragon_888_5g_mobilesxr2250p_firmwaresm7315_firmwaresa6155p_firmwarewsa8840snapdragon_ar1_gen_1srv1m_firmwareqcs8550_firmwaresnapdragon_782g_mobilesnapdragon_x35_5g_modem-rf_firmwareqca6698auqca9986_firmwaresnapdragon_8_gen_2_mobile_firmwaresnapdragon_x55_5g_modem-rfqfw7124_firmwareqca6436_firmwaresm8750pqcn9012ipq8070a_firmwareqcn9070qcs4490_firmwareqcf8001snapdragon_x55_5g_modem-rf_firmwaresnapdragon_7c\+_gen_3_compute_firmwareqca8084sm8635psnapdragon_x62_5g_modem-rf_firmwareqmp1000snapdragon_8_gen_2_mobilewcd9370_firmwareqcc2076sa7255p_firmwareqca6574asm7635p_firmwaresnapdragon_x72_5g_modem-rf_firmwareipq9570snapdragon_8\+_gen_2_mobileqca6174asa8195pwcd9340snapdragon_auto_5g_modem-rf_gen_2qcm6490qcn6122_firmwareqcn5154_firmwareipq9048_firmwaresxr2250psm8550p_firmwareqcm8550qcn5122_firmwareqcn9274qcn9024ipq8076a_firmwaresa8775pqca6574ipq9570_firmwaresxr2230p_firmwarear9380_firmwareqca6777aq_firmwareqca2066_firmwareqca6698au_firmwareqcn9011sa8775p_firmwareqamsrv1hwsa8845hqcn9024_firmwareqca8082sm8650qsa8155p_firmwaresa8155pqca8072_firmwarewsa8830sm8550pqcf8000_firmwareqcn9074_firmwareipq8174immersive_home_318_firmwaresa8255p_firmwareqcn6122sm7675_firmwareqcc2073ipq8174_firmwareipq8072asm7635_firmwarear8035qamsrv1m_firmwarewcn7750_firmwaresa8650p_firmwareimmersive_home_216_firmwarewcn6450_firmwaresm7635pqca2065qca9985immersive_home_316srv1l_firmwareqcs9100_firmwaresnapdragon_865\+_5g_mobile_firmwareipq8071aqcn6224qcs615qcn6112qca6698aqwcn3950_firmwaresa7775p_firmwaressg2125p_firmwaresm7635sm7325p_firmwarewcd9378sm8635p_firmwaresm6650p_firmwarefastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwareqcn6023_firmwareqcn5164_firmwaresnapdragon_x75_5g_modem-rf_firmwareqcn9002ipq8078snapdragon_8_gen_3_mobileqcs6490ipq9554_firmwaresnapdragon_778g_5g_mobileqcn9072wsa8830_firmwareqcn6224_firmwareqca6431qca6678aq_firmwareqca8386_firmwarewsa8845_firmwarewsa8832sdx61_firmwareqca8082_firmwarewcd9378_firmwareqcc2076_firmwaresrv1limmersive_home_216srv1msxr2130_firmwaresm7675pqca6678aqsnapdragon_x35_5g_modem-rfar8035_firmwareqcn5022_firmwaresnapdragon_778g\+_5g_mobilewcn7860_firmwareqca9992sc8380xpqca4024_firmwareqca0000_firmwaresd888_firmwaresnapdragon_x62_5g_modem-rfipq9008ipq9554qca6564auqca9992_firmwareqca9990sc8280xp-abbbipq9008_firmwareqcn9074wsa8815_firmwaresa8195p_firmwareqca8337_firmwareqcn5054_firmwareqca9888ipq5332sg8275p_firmwareipq8173qcm6490_firmwareipq8072a_firmwareipq6010_firmwareqcm4490_firmwarewcn3950sd_8_gen1_5g_firmwareqcn6112_firmwaresnapdragon_870_5g_mobile_firmwaresm8750qca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_7c\+_gen_3_computeipq5028qca9986qcf8001_firmwareqcn9070_firmwareqca8085_firmwaresnapdragon_778g\+_5g_mobile_firmwaresa8295p_firmwaresnapdragon_870_5g_mobileqca9984ipq5010_firmwareqcn9022_firmwareqca9886qcn6132ipq6018qcn6102qca6584ausd888qcn6274_firmwarewcn6755_firmwareqcn9011_firmwarewcn6740wcn6650_firmwaresc8380xp_firmwareipq8065snapdragon_780g_5g_mobile_firmwaresnapdragon_8_gen_3_mobile_firmwarefastconnect_6800qfw7114_firmwareqca4024qca6595_firmwarefastconnect_7800_firmwareimmersive_home_214_firmwaresnapdragon_865_5g_mobile_firmwareqcn9001_firmwareipq8070asm8635_firmwarefastconnect_6900_firmwarewcd9380qam8255psxr2230pqca9990_firmwareqmp1000_firmwaresnapdragon_xr2_5gwcn7880qcn9003sxr2330pqca8075_firmwarewcn6755qcf8000qcn5052_firmwaresnapdragon_auto_5g_modem-rf_firmwareqca2064sxr1230pwcn7881qca2065_firmwaresm6650ipq6010video_collaboration_vc3_platformsm6650pqca9980_firmwareqca9985_firmwareqca6688aqqam8295p_firmwareqca6431_firmwaresm7315qca6698aq_firmwarewcd9385qca9994qsm8350snapdragon_888\+_5g_mobilesnapdragon_8_gen_1_mobileqca8084_firmwaresa8255psxr1230p_firmwarewcd9390_firmwaresnapdragon_865\+_5g_mobileqcn5024qep8111_firmwareqcs615_firmwaresg8275psdx55_firmwareipq8071a_firmwaresm8750_firmwaresnapdragon_auto_5g_modem-rfssg2125pqca6554a_firmwaresxr2130ipq6028qcm4490snapdragon_x65_5g_modem-rf_firmwareqcn9100qamsrv1mqca6174a_firmwaresm7325pwcn7861wcn7861_firmwareqam8650p_firmwareqca2062qcs6490_firmwaresm6650_firmwareipq8076_firmwareqam8620pqca6584au_firmwareqcn5152_firmwareqca6436qcn6274qfw7124wsa8835wsa8840_firmwareqca6391_firmwareqca6595au_firmwareqca0000qcs8300_firmwareipq8068qca6696_firmwareqcs8300wcd9380_firmwareqca6574_firmwareqca8081wsa8815sd_8_gen1_5gqcn5124qam8775psnapdragon_ar2_gen_1_firmwareipq8064_firmwareqca6797aqqcn5152ipq8065_firmwaresnapdragon_x75_5g_modem-rfsa8620pqca6574a_firmwaresdx55qcn9072_firmwareqca9888_firmwaresnapdragon_865_5g_mobileipq8074aqca9889qcn5024_firmwarewcd9375_firmwareqcn9002_firmwareqca6787aq_firmwaresnapdragon_ar1_gen_1_firmwareqca8386immersive_home_318ipq5010qcn9274_firmwareqca6391sa7775pqcs5430_firmwaresnapdragon_x32_5g_modem-rfipq8173_firmwareqcn9012_firmwaresa8770p_firmwaresa8295pqcs8550ipq8068_firmwareipq6000_firmwaresm8735_firmwaresa8650pfastconnect_7800qam8775p_firmwaresd865_5g_firmwaresc8280xp-abbb_firmwaresm8750p_firmwarewcd9375snapdragon_8\+_gen_2_mobile_firmwareipq8078_firmwareqca6688aq_firmwareqca9889_firmwaresnapdragon_ar2_gen_1immersive_home_316_firmwareqamsrv1h_firmwaresm7675qcn5154snapdragon_8\+_gen_1_mobile_firmwarewsa8835_firmwareqca2066ssg2115p_firmwarecsr8811qcn5022sm7675p_firmwaresnapdragon_8_gen_1_mobile_firmwareSnapdragon
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2019-12897
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.33% / 56.65%
||
7 Day CHG~0.00%
Published-19 Jun, 2019 | 21:37
Updated-04 Aug, 2024 | 23:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Edraw Max 7.9.3 has a Read Access Violation at the Instruction Pointer after a call from ObjectModule!Paint::Clear+0x0000000000000074.

Action-Not Available
Vendor-edrawsoftn/a
Product-edraw_maxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-13618
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.39% / 60.63%
||
7 Day CHG~0.00%
Published-16 Jul, 2019 | 16:07
Updated-04 Aug, 2024 | 23:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In GPAC before 0.8.0, isomedia/isom_read.c in libgpac.a has a heap-based buffer over-read, as demonstrated by a crash in gf_m2ts_sync in media_tools/mpegts.c.

Action-Not Available
Vendor-n/aGPAC
Product-gpacn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-32034
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-6.5||MEDIUM
EPSS-3.48% / 87.84%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 17:02
Updated-01 Jan, 2025 | 01:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Remote Procedure Call Runtime Denial of Service Vulnerability

Remote Procedure Call Runtime Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2012 (Server Core installation)Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-32035
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-6.5||MEDIUM
EPSS-3.48% / 87.84%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 17:02
Updated-01 Jan, 2025 | 01:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Remote Procedure Call Runtime Denial of Service Vulnerability

Remote Procedure Call Runtime Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2012 (Server Core installation)Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-32011
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-3.32% / 87.55%
||
7 Day CHG~0.00%
Published-13 Jun, 2023 | 23:26
Updated-01 Jan, 2025 | 01:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows iSCSI Discovery Service Denial of Service Vulnerability

Windows iSCSI Discovery Service Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2012 (Server Core installation)Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-32044
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-3.06% / 87.00%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 17:02
Updated-28 Feb, 2025 | 21:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows 10 Version 22H2Windows 10 Version 21H2Windows Server 2016 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows 11 version 22H2Windows Server 2019Windows Server 2008 Service Pack 2Windows Server 2012Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2008 R2 Service Pack 1Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 11 version 21H2Windows Server 2022Windows Server 2012 R2Windows 10 Version 1507Windows Server 2012 (Server Core installation)Windows Server 2016Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2 (Server Core installation)Windows 10 Version 1607
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-32045
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-3.06% / 87.00%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 17:02
Updated-28 Feb, 2025 | 21:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows 10 Version 22H2Windows 10 Version 21H2Windows Server 2016 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows 11 version 22H2Windows Server 2019Windows Server 2008 Service Pack 2Windows Server 2012Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2008 R2 Service Pack 1Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 11 version 21H2Windows Server 2022Windows Server 2012 R2Windows 10 Version 1507Windows Server 2012 (Server Core installation)Windows Server 2016Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2 (Server Core installation)Windows 10 Version 1607
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-3036
Matching Score-4
Assigner-Cloudflare, Inc.
ShareView Details
Matching Score-4
Assigner-Cloudflare, Inc.
CVSS Score-8.6||HIGH
EPSS-0.59% / 69.59%
||
7 Day CHG~0.00%
Published-14 Jun, 2023 | 11:08
Updated-02 Jan, 2025 | 19:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out of Bounds Slice index in cfnts leads to remote panic

An unchecked read in NTP server in github.com/cloudflare/cfnts prior to commit 783490b https://github.com/cloudflare/cfnts/commit/783490b913f05e508a492cd7b02e3c4ec2297b71  enabled a remote attacker to trigger a panic by sending an NTSAuthenticator packet with extension length longer than the packet contents.

Action-Not Available
Vendor-Cloudflare, Inc.
Product-cfntscfnts
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-125
Out-of-bounds Read
CVE-2026-9076
Matching Score-4
Assigner-OpenSSL Software Foundation
ShareView Details
Matching Score-4
Assigner-OpenSSL Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.10% / 26.52%
||
7 Day CHG~0.00%
Published-09 Jun, 2026 | 16:03
Updated-10 Jun, 2026 | 08:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-Bounds Read in CMS Password-Based Decryption

Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap) processes attacker-supplied CMS data, an attacker-chosen stream-mode KEK cipher can trigger a heap out-of-bounds read in kek_unwrap_key(). Impact summary: A heap buffer over-read may trigger a crash which leads to Denial of Service for an application if the input buffer ends at a memory page boundary and the following page is unmapped. There is no information disclosure as the over-read bytes are not revealed to the attacker. The key unwrapping function performs a check-byte test as specified in the RFC that reads 7 bytes from a heap allocation that is based on the wrapped key length from the message. There is a minimum length check based on the block length of the wrapping cipher. However the cipher is selected from an OID carried in the attacker's PWRI keyEncryptionAlgorithm with no requirement that the cipher be a block cipher. When an attacker selects a stream-mode cipher the guard will be ineffective and the allocated buffer containing the unwrapped key can be too small to fit the check-bytes specified in the RFC and a buffer over-read can happen. Applications calling CMS_decrypt() or CMS_decrypt_set1_password() (equivalently openssl cms -decrypt -pwri_password ...) on untrusted CMS data are vulnerable to this issue. No password knowledge is required: the over-read happens during the unwrap attempt before any authentication succeeds. The over-read is limited to a few bytes and is not written to output, so there is no information disclosure. Triggering a crash requires the allocation to border unmapped memory, which is unlikely with the normal allocator. The FIPS modules are not affected by this issue.

Action-Not Available
Vendor-OpenSSL
Product-OpenSSL
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-2976
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-7.5||HIGH
EPSS-3.00% / 86.86%
||
7 Day CHG~0.00%
Published-15 Feb, 2017 | 06:11
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Digital Editions versions 4.5.3 and earlier have an exploitable buffer over-read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-digital_editionsAdobe Digital Editions 4.5.3 and earlier.
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-29089
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.56% / 68.73%
||
7 Day CHG~0.00%
Published-14 Apr, 2023 | 00:00
Updated-07 Feb, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding SIP multipart messages.

Action-Not Available
Vendor-n/aSamsung
Product-exynos_980exynos_auto_t5123exynos_9110_firmwareexynos_1080exynos_5123_firmwareexynos_auto_t5123_firmwareexynos_9110exynos_980_firmwareexynos_5300exynos_1080_firmwareexynos_5300_firmwareexynos_5123n/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-28555
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.17% / 37.26%
||
7 Day CHG+0.01%
Published-08 Aug, 2023 | 09:15
Updated-02 Aug, 2024 | 13:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in Audio

Transient DOS in Audio while remapping channel buffer in media codec decoding.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sa6150p_firmwaresa8145p_firmwaresxr2230p_firmwareqca8337wcn785x-5mdm9628_firmwarewcn3950_firmwaresa8150p_firmwaresm4450_firmwareqca6595au_firmwaresm8350wcd9370ssg2115pwcn685x-1sm8450wcn3998wcd9385_firmwareqam8295pwcn3950qcn6024_firmwaremdm9628sm6375_firmwareqam8295p_firmwareqca6574au_firmwaresdx55_firmwareqca6595auwcn3998_firmwareqca8081_firmwaresm6225-adwcd9375_firmwaresm4350-acsnapdragon_w5\+_gen_1_wearable_platform_firmwareqca6564au_firmwaresnapdragon_auto_5g_modem-rf_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwaresm6225sm6225-ad_firmwaresa4155p_firmwarewcn3988_firmwaresa6145p_firmwaresa8195pwsa8810_firmwaresm8450_firmwaresw5100snapdragon_ar2_gen_1_platform_firmwaresa6155psg4150pqca8081qcm4490wcn685x-1_firmwarewcd9385qca6696_firmwarear8035sm4350_firmwarewcd9375sa8150pwsa8830_firmwaresd865_5g_firmwarewcn3988wsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresm8475sa8295p_firmwareqca6564awcn6750_firmwaresg4150p_firmwaresa4150pwcn785x-1qcm4325sm6375wcn3991qca8337_firmwarewcd9380_firmwaressg2125psw5100psd865_5gsnapdragon_w5\+_gen_1_wearable_platformqca6564ausm8350-ac_firmwarewsa8835qca6574sxr1230p_firmwaresnapdragon_auto_5g_modem-rfwcd9380ssg2125p_firmwareqca6574awcn685x-5_firmwaresxr1230pwcn6750wcn3980qcm4325_firmwareqca6574_firmwarewsa8815sxr2230psnapdragon_xr2_5g_platform_firmwaresm4450qca6574a_firmwareqcn9024wcn785x-5_firmwarewcn3980_firmwaresa8295psm8475_firmwarewcn6740_firmwareqcm4490_firmwareqcs4490_firmwaresnapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_systemwsa8832_firmwaresm8350_firmwarewcn685x-5sm6225_firmwarewcn785x-1_firmwareqca6574ausa8155p_firmwareqca6564a_firmwareqcn9024_firmwarewsa8810wsa8832sw5100p_firmwaresnapdragon_ar2_gen_1_platformsa6145psm8350-acqcs4490sa8145pwcn6740qca6696sa4150p_firmwaresm4350wcd9370_firmwaresm4350-ac_firmwaresa6150psdx55sa8155pqcn6024ssg2115p_firmwaresw5100_firmwaresa4155par8035_firmwareSnapdragonqca8337_firmwarewcd9380_firmwaresa6150p_firmwaresa8145p_firmwaresxr2230p_firmwaremdm9628_firmwaresxr1230p_firmwarewcn3950_firmwaresnapdragon_888_5g_mobile_platform_firmwaresa8150p_firmwaresm4450_firmwareqca6595au_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaressg2125p_firmwaresnapdragon_480_5g_mobile_platform_firmwarewcd9385_firmwareqcn6024_firmwareqcm4325_firmwareqca6574_firmwaresd_8_gen1_5g_firmwareqam8295p_firmwaresnapdragon_xr2_5g_platform_firmwareqca6574a_firmwarefastconnect_6200_firmwareqca6574au_firmwaresdx55_firmwaresnapdragon_695_5g_mobile_platform_firmwarewcd9375_firmwareqca8081_firmwarewcn3980_firmwaresnapdragon_680_4g_mobile_platform_firmwarewcn6740_firmwareqca6564au_firmwaresnapdragon_auto_5g_modem-rf_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm4490_firmwareqcs4490_firmwarewsa8832_firmwaresa4155p_firmwarefastconnect_6900_firmwarewcn3988_firmwaresa6145p_firmwaresa8155p_firmwarefastconnect_6700_firmwareqca6564a_firmwareqcn9024_firmwarewsa8810_firmwarefastconnect_7800_firmwaresnapdragon_ar2_gen_1_platform_firmwaresw5100p_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqca6696_firmwaresa4150p_firmwarewcd9370_firmwarewsa8830_firmwaresd865_5g_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwaressg2115p_firmwaresw5100_firmwaresa8295p_firmwaresg4150p_firmwarear8035_firmware
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-27730
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.34% / 57.43%
||
7 Day CHG~0.00%
Published-09 Apr, 2023 | 00:00
Updated-11 Feb, 2025 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Nginx NJS v0.7.10 was discovered to contain a segmentation violation via the function njs_lvlhsh_find at src/njs_lvlhsh.c.

Action-Not Available
Vendor-n/aF5, Inc.
Product-njsn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-27728
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 47.29%
||
7 Day CHG~0.00%
Published-09 Apr, 2023 | 00:00
Updated-11 Feb, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Nginx NJS v0.7.10 was discovered to contain a segmentation violation via the function njs_dump_is_recursive at src/njs_vmcode.c.

Action-Not Available
Vendor-n/aF5, Inc.
Product-njsn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-27857
Matching Score-4
Assigner-Rockwell Automation
ShareView Details
Matching Score-4
Assigner-Rockwell Automation
CVSS Score-7.5||HIGH
EPSS-17.37% / 95.20%
||
7 Day CHG~0.00%
Published-22 Mar, 2023 | 00:00
Updated-21 Oct, 2024 | 16:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rockwell Automation ThinManager ThinServer Heap-Based Buffer Overflow

In affected versions, a heap-based buffer over-read condition occurs when the message field indicates more data than is present in the message field in Rockwell Automation's ThinManager ThinServer.  An unauthenticated remote attacker can exploit this vulnerability to crash ThinServer.exe due to a read access violation.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-thinmanagerThinManager ThinServer
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-28448
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.7||MEDIUM
EPSS-0.28% / 52.08%
||
7 Day CHG~0.00%
Published-24 Mar, 2023 | 19:34
Updated-19 Feb, 2025 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Versionize is lacking bound checks, potentially leading to out of bounds memory access

Versionize is a framework for version tolerant serializion/deserialization of Rust data structures, designed for usecases that need fast deserialization times and minimal size overhead. An issue was discovered in the ‘Versionize::deserialize’ implementation provided by the ‘versionize’ crate for ‘vmm_sys_utils::fam::FamStructWrapper', which can lead to out of bounds memory accesses. The impact started with version 0.1.1. The issue was corrected in version 0.1.10 by inserting a check that verifies, for any deserialized header, the lengths of compared flexible arrays are equal and aborting deserialization otherwise.

Action-Not Available
Vendor-versionize_projectfirecracker-microvm
Product-versionizeversionize
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-27727
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 47.29%
||
7 Day CHG~0.00%
Published-09 Apr, 2023 | 00:00
Updated-12 Feb, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Nginx NJS v0.7.10 was discovered to contain a segmentation violation via the function njs_function_frame at src/njs_function.h.

Action-Not Available
Vendor-n/aF5, Inc.
Product-njsn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-3328
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.89% / 88.52%
||
7 Day CHG~0.00%
Published-08 Apr, 2021 | 17:07
Updated-03 Aug, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Aprelium Abyss Web Server X1 2.12.1 and 2.14. A crafted HTTP request can lead to an out-of-bounds read that crashes the application.

Action-Not Available
Vendor-apreliumn/a
Product-abyss_web_server_x1n/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-32468
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.2||HIGH
EPSS-1.11% / 78.52%
||
7 Day CHG~0.00%
Published-25 Dec, 2021 | 23:25
Updated-03 Aug, 2024 | 23:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).

Action-Not Available
Vendor-n/aMediaTek Inc.
Product-mt7615mt7628mt7622_firmwaremt7603emt7610mt7612mt7628_firmwaremt7629_firmwaremt7603e_firmwaremt7629mt7613mt7612_firmwaremt7915_firmwaremt7610_firmwaremt7620mt7615_firmwaremt7613_firmwaremt7622mt7915mt7620_firmwaren/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-15228
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.30% / 54.02%
||
7 Day CHG~0.00%
Published-22 Oct, 2017 | 17:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Irssi before 1.0.5, when installing themes with unterminated colour formatting sequences, may access data beyond the end of the string.

Action-Not Available
Vendor-irssin/a
Product-irssin/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-32469
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.2||HIGH
EPSS-0.56% / 68.79%
||
7 Day CHG~0.00%
Published-25 Dec, 2021 | 23:24
Updated-03 Aug, 2024 | 23:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915 Affected Software Versions 7.4.0.0; Out-of-bounds read).

Action-Not Available
Vendor-n/aMediaTek Inc.
Product-mt7615mt7628mt7622_firmwaremt7603emt7610mt7612mt7628_firmwaremt7629_firmwaremt7603e_firmwaremt7629mt7613mt7612_firmwaremt7915_firmwaremt7610_firmwaremt7620mt7615_firmwaremt7613_firmwaremt7622mt7915mt7620_firmwaren/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-31239
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-4.46% / 89.32%
||
7 Day CHG~0.00%
Published-09 May, 2023 | 00:00
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue found in SQLite SQLite3 v.3.35.4 that allows a remote attacker to cause a denial of service via the appendvfs.c function.

Action-Not Available
Vendor-sqliten/a
Product-sqliten/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-30304
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.37% / 59.24%
||
7 Day CHG~0.00%
Published-20 Oct, 2021 | 06:31
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer out of bound read can occur due to improper validation of TBTT count and length while parsing the beacon response in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn6855_firmwareqca2062_firmwareqca2066wcd9380_firmwarewsa8830wcd9385qca2066_firmwareqca2065_firmwarewcd9385_firmwarewcn6851_firmwarewcn6856_firmwareqca2064sc8280xp_firmwaresc8280xpwcn6850qca2065wsa8830_firmwarewsa8835wcn6850_firmwarewsa8835_firmwarewcd9380wcn6855wcn6851qca2064_firmwareqca2062wcn6856Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-30195
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.42% / 62.31%
||
7 Day CHG~0.00%
Published-25 May, 2021 | 12:33
Updated-15 Aug, 2025 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CODESYS V2 runtime system before 2.4.7.55 has Improper Input Validation.

Action-Not Available
Vendor-wagon/aCODESYS GmbH
Product-750-8202750-832_firmware750-831750-8211750-893750-8202_firmware750-8216750-831_firmware750-8214750-885_firmware750-881750-880750-829750-8210_firmware750-8213_firmware750-8203_firmware750-891_firmware750-8214_firmware750-8212_firmware750-881_firmware750-823_firmware750-823750-862750-8211_firmware750-8217_firmware750-882_firmware750-8207_firmwareruntime_toolkit750-8203750-889_firmware750-8212750-890_firmware750-8206_firmware750-8208_firmware750-882750-890750-852750-832750-8206750-8207750-8208750-889750-862_firmware750-893_firmware750-8204_firmware750-885750-8204plcwinnt750-8210750-8213750-8216_firmware750-852_firmware750-8217750-880_firmware750-829_firmware750-891n/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-29997
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.16% / 36.49%
||
7 Day CHG~0.00%
Published-13 Apr, 2021 | 16:34
Updated-03 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Wind River VxWorks 7 before 21.03. A specially crafted packet may lead to buffer over-read on IKE.

Action-Not Available
Vendor-windrivern/a
Product-vxworksn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-12554
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.47% / 64.95%
||
7 Day CHG~0.00%
Published-05 Jun, 2019 | 16:23
Updated-04 Aug, 2024 | 23:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In SweetScape 010 Editor 9.0.1, improper validation of arguments in the internal implementation of the WSubStr function (provided by the scripting engine) allows an attacker to cause a denial of service by crashing the application.

Action-Not Available
Vendor-sweetscapen/a
Product-010_editorn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-25293
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.17% / 37.81%
||
7 Day CHG~0.00%
Published-19 Mar, 2021 | 03:30
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Pillow before 8.1.1. There is an out-of-bounds read in SGIRleDecode.c.

Action-Not Available
Vendor-n/aPython Software Foundation
Product-pillown/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-15682
Matching Score-4
Assigner-Kaspersky
ShareView Details
Matching Score-4
Assigner-Kaspersky
CVSS Score-7.5||HIGH
EPSS-0.43% / 63.36%
||
7 Day CHG~0.00%
Published-30 Oct, 2019 | 15:42
Updated-05 Aug, 2024 | 00:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

RDesktop version 1.8.4 contains multiple out-of-bound access read vulnerabilities in its code, which results in a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. These issues have been fixed in version 1.8.5

Action-Not Available
Vendor-rdesktopRDesktop
Product-rdesktopRDesktop
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-12159
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.33% / 56.65%
||
7 Day CHG~0.00%
Published-17 May, 2019 | 18:06
Updated-04 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GoHTTP through 2017-07-25 has a stack-based buffer over-read in the scan function (when called from getRequestType) via a long URL.

Action-Not Available
Vendor-gohttp_projectn/a
Product-gohttpn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-12990
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.12% / 78.61%
||
7 Day CHG~0.00%
Published-14 Sep, 2017 | 06:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ISAKMP parser in tcpdump before 4.9.2 could enter an infinite loop due to bugs in print-isakmp.c, several functions.

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2017-12997
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.45% / 81.20%
||
7 Day CHG~0.00%
Published-14 Sep, 2017 | 06:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The LLDP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-lldp.c:lldp_private_8021_print().

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2023-26253
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.06% / 19.42%
||
7 Day CHG~0.00%
Published-21 Feb, 2023 | 00:00
Updated-14 Mar, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Gluster GlusterFS 11.0, there is an xlators/mount/fuse/src/fuse-bridge.c notify stack-based buffer over-read.

Action-Not Available
Vendor-glustern/a
Product-glusterfsn/a
CWE ID-CWE-125
Out-of-bounds Read
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 15
  • 16
  • Next
Details not found