Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2022-38393

Summary
Assigner-talos
Assigner Org ID-b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b
Published At-10 Jan, 2023 | 20:37
Updated At-14 Jan, 2023 | 04:31
Rejected At-
Credits

A denial of service vulnerability exists in the cfg_server cm_processConnDiagPktList opcode of Asus RT-AX82U 3.0.0.4.386_49674-ge182230 router's configuration service. A specially-crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:talos
Assigner Org ID:b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b
Published At:10 Jan, 2023 | 20:37
Updated At:01 Jan, 1000 | 00:00
Rejected At:
▼CVE Numbering Authority (CNA)

A denial of service vulnerability exists in the cfg_server cm_processConnDiagPktList opcode of Asus RT-AX82U 3.0.0.4.386_49674-ge182230 router's configuration service. A specially-crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.

Affected Products
Vendor
ASUS (ASUSTeK Computer Inc.)Asus
Product
RT-AX82U
Versions
Affected
  • 3.0.0.4.386_49674-ge182230
Problem Types
TypeCWE IDDescription
CWECWE-125CWE-125: Out-of-bounds Read
Type: CWE
CWE ID: CWE-125
Description: CWE-125: Out-of-bounds Read
Metrics
VersionBase scoreBase severityVector
3.07.5HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.0
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1592
N/A
Hyperlink: https://talosintelligence.com/vulnerability_reports/TALOS-2022-1592
Resource: N/A
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:talos-cna@cisco.com
Published At:10 Jan, 2023 | 21:15
Updated At:14 Jan, 2023 | 04:31

A denial of service vulnerability exists in the cfg_server cm_processConnDiagPktList opcode of Asus RT-AX82U 3.0.0.4.386_49674-ge182230 router's configuration service. A specially-crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Secondary3.07.5HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.0
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CPE Matches
ASUS (ASUSTeK Computer Inc.)
asus
>>rt-ax82u>>-
cpe:2.3:h:asus:rt-ax82u:-:*:*:*:*:*:*:*
ASUS (ASUSTeK Computer Inc.)
asus
>>rt-ax82u_firmware>>3.0.0.4.386_49674-ge182230
cpe:2.3:o:asus:rt-ax82u_firmware:3.0.0.4.386_49674-ge182230:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-125Primarytalos-cna@cisco.com
CWE ID: CWE-125
Type: Primary
Source: talos-cna@cisco.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1592talos-cna@cisco.com
Exploit
Third Party Advisory
Hyperlink: https://talosintelligence.com/vulnerability_reports/TALOS-2022-1592
Source: talos-cna@cisco.com
Resource:
Exploit
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

751Records found
CVE-2023-34358
Matching Score-10
Assigner-TWCERT/CC
ShareView Details
Matching Score-10
Assigner-TWCERT/CC
CVSS Score-7.5||HIGH
EPSS-0.36% / 58.39%
||
7 Day CHG~0.00%
Published-31 Jul, 2023 | 04:09
Updated-21 Oct, 2024 | 14:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS RT-AX88U - Out-of-bounds Read - 1

ASUS RT-AX88U's httpd is subject to an unauthenticated DoS condition. A remote attacker can send a specially crafted request to a device which contains a specific user agent, causing the httpd binary to crash during a string comparison performed within web.c, resulting in a DoS condition.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-rt-ax88u_firmwarert-ax88uRT-AX88Urt-ax88u
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-34359
Matching Score-10
Assigner-TWCERT/CC
ShareView Details
Matching Score-10
Assigner-TWCERT/CC
CVSS Score-7.5||HIGH
EPSS-0.35% / 58.09%
||
7 Day CHG~0.00%
Published-31 Jul, 2023 | 04:31
Updated-21 Oct, 2024 | 14:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS RT-AX88U - Out-of-bounds Read - 2

ASUS RT-AX88U's httpd is subject to an unauthenticated DoS condition. A remote attacker can send a specially crafted request to the device which causes the httpd binary to crash within the "do_json_decode()" function of ej.c, resulting in a DoS condition.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-rt-ax88u_firmwarert-ax88uRT-AX88Urt-ax88u
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-34942
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.12% / 30.29%
||
7 Day CHG~0.00%
Published-12 Jun, 2023 | 00:00
Updated-02 Aug, 2024 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Asus RT-N10LX Router v2.0.0.39 was discovered to contain a stack overflow via the mac parameter at /start-apply.html. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Action-Not Available
Vendor-n/aASUS (ASUSTeK Computer Inc.)
Product-rt-n10lx_firmwarert-n10lxn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-3254
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.62% / 70.46%
||
7 Day CHG~0.00%
Published-11 May, 2022 | 11:55
Updated-03 Aug, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Asus DSL-N14U-B1 1.1.2.3_805 allows remote attackers to cause a Denial of Service (DoS) via a TCP SYN scan using nmap.

Action-Not Available
Vendor-n/aASUS (ASUSTeK Computer Inc.)
Product-dsl-n14u-b1_firmwaredsl-n14u-b1n/a
CVE-2021-3229
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.62% / 70.61%
||
7 Day CHG~0.00%
Published-05 Feb, 2021 | 21:36
Updated-03 Aug, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in ASUSWRT ASUS RT-AX3000 firmware versions 3.0.0.4.384_10177 and earlier versions allows an attacker to disrupt the use of device setup services via continuous login error.

Action-Not Available
Vendor-n/aASUS (ASUSTeK Computer Inc.)
Product-rt-ax3000rt-ax3000_firmwaren/a
CVE-2019-15912
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.43% / 63.18%
||
7 Day CHG~0.00%
Published-20 Dec, 2019 | 16:03
Updated-05 Aug, 2024 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL-101 devices using ZigBee PRO. Attackers can use the ZigBee trust center rejoin procedure to perform mutiple denial of service attacks.

Action-Not Available
Vendor-n/aASUS (ASUSTeK Computer Inc.)
Product-ms-101_firmwarets-101_firmwarehg100ws-101_firmwarets-101dl-101_firmwarehg100_firmwaremw100_firmwaredl-101mw100as-101as-101_firmwarems-101ws-101n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11060
Matching Score-8
Assigner-TWCERT/CC
ShareView Details
Matching Score-8
Assigner-TWCERT/CC
CVSS Score-7.4||HIGH
EPSS-1.34% / 80.43%
||
7 Day CHG~0.00%
Published-29 Aug, 2019 | 00:19
Updated-16 Sep, 2024 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HG100 contains an Uncontrolled Resource Consumption vulnerability

The web api server on Port 8080 of ASUS HG100 firmware up to 1.05.12, which is vulnerable to Slowloris HTTP Denial of Service: an attacker can cause a Denial of Service (DoS) by sending headers very slowly to keep HTTP or HTTPS connections and associated resources alive for a long period of time. CVSS 3.0 Base score 7.4 (Availability impacts). CVSS vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-hg100_firmwarehg100HG100 firmware
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2018-20335
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.68% / 82.57%
||
7 Day CHG~0.00%
Published-20 Mar, 2020 | 00:11
Updated-05 Aug, 2024 | 11:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can trigger a DoS of the httpd service via the /APP_Installation.asp?= URI.

Action-Not Available
Vendor-n/aASUS (ASUSTeK Computer Inc.)
Product-rt-ac1750rt-ax3000rt-n56rrt-acrh13rt-ac1200gert-ac66urt-ac1200grt-ac66rrt-ac1200rt-n10\+d1rt-ac3200rt-acrh12rt-n600rt-ac68urt-ac5300rt-ax88urt-n56urt-n19rt-ax92urt-ac68pgt-ac2900rt-n10ert-ac86urt-ac56srt-n65urt-ax56urt-ac56urt-n16rt-ac66u-b1rt-n14urt-ac55urt-ax58uasuswrtrt-ac88urt-ac87urt-ac56rrt-n66rrt-g32rt-n66urt-ac51urt-ac1900pgt-ax11000rt-ac3100rt-ac66u_b1rt-ac1750_b1rt-ac1200_v2gt-ac5300n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-17020
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.72% / 72.94%
||
7 Day CHG~0.00%
Published-13 Sep, 2018 | 19:00
Updated-17 Sep, 2024 | 00:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ASUS GT-AC5300 devices with firmware through 3.0.0.4.384_32738 allow remote attackers to cause a denial of service via a single "GET / HTTP/1.1\r\n" line.

Action-Not Available
Vendor-n/aASUS (ASUSTeK Computer Inc.)
Product-gt-ac5300_firmwaregt-ac5300n/a
CVE-2018-17127
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.96% / 76.93%
||
7 Day CHG~0.00%
Published-17 Sep, 2018 | 04:00
Updated-05 Aug, 2024 | 10:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

blocking_request.cgi on ASUS GT-AC5300 devices through 3.0.0.4.384_32738 allows remote attackers to cause a denial of service (NULL pointer dereference and device crash) via a request that lacks a timestap parameter.

Action-Not Available
Vendor-n/aASUS (ASUSTeK Computer Inc.)
Product-gt-ac5300_firmwaregt-ac5300n/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2018-11492
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-8.92% / 92.76%
||
7 Day CHG~0.00%
Published-10 Aug, 2018 | 16:00
Updated-05 Aug, 2024 | 08:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ASUS HG100 devices allow denial of service via an IPv4 packet flood.

Action-Not Available
Vendor-n/aASUS (ASUSTeK Computer Inc.)
Product-hg100hg100_firmwaren/a
CVE-2021-3128
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.48% / 85.61%
||
7 Day CHG~0.00%
Published-12 Apr, 2021 | 17:41
Updated-03 Aug, 2024 | 16:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware < 3.0.0.4.386.42095 or < 9.0.0.4.386.41994, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set.

Action-Not Available
Vendor-n/aASUS (ASUSTeK Computer Inc.)
Product-rt-ax3000rt-ac58u_firmwarert-ac88u_firmwarert-ax56u_firmwarert-ac2900rt-ac1900_firmwarert-ac85urt-ac68r_firmwarert-ax82u_firmwarert-ax68urt-ax88u_firmwarert-ac1750_b1_firmwarert-ac5300rt-ac68urt-ac68wrt-ac68rrt-ax88urt-ac5300_firmwarezenwifi_ax_\(xt8\)rt-ax68u_firmwarert-ax86urt-ac1900rt-ac68prt-ac65u_firmwarert-ac85u_firmwarert-ac68p_firmwarert-ax55_firmwarert-ac86urt-ax56urt-ac68u_firmwarert-ax86u_firmwarert-ac65urt-ax58urt-ax55rt-ac3100_firmwarert-ac68rw_firmwarert-ac88urt-ac1900urt-ac1900u_firmwarert-ac66u_b1_firmwarert-ac68rwrt-ax3000_firmwarert-ax58u_firmwarert-ac66u_b1rt-ac1900p_firmwarert-ac1900prt-ax82urt-ac2900_firmwarert-ac3100rt-ac58urt-ac86u_firmwarert-ac68w_firmwarert-ac1750_b1zenwifi_ax_\(xt8\)_firmwaren/a
CWE ID-CWE-834
Excessive Iteration
CVE-2021-3166
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-4.71% / 89.60%
||
7 Day CHG~0.00%
Published-18 Jan, 2021 | 04:55
Updated-03 Aug, 2024 | 16:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on ASUS DSL-N14U-B1 1.1.2.3_805 devices. An attacker can upload arbitrary file content as a firmware update when the filename Settings_DSL-N14U-B1.trx is used. Once this file is loaded, shutdown measures on a wide range of services are triggered as if it were a real update, resulting in a persistent outage of those services.

Action-Not Available
Vendor-n/aASUS (ASUSTeK Computer Inc.)
Product-dsl-n14u_b1dsl-n14u_b1_firmwaren/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2024-26342
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.54% / 67.98%
||
7 Day CHG~0.00%
Published-28 Feb, 2024 | 00:00
Updated-28 Apr, 2025 | 13:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Null pointer dereference in usr/sbin/httpd in ASUS AC68U 3.0.0.4.384.82230 allows remote attackers to trigger DoS via network packet.

Action-Not Available
Vendor-n/aASUS (ASUSTeK Computer Inc.)
Product-4g-ac68u_firmware4g-ac68un/aac68u
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-45757
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.66% / 71.61%
||
7 Day CHG~0.00%
Published-23 Mar, 2022 | 10:55
Updated-04 Aug, 2024 | 04:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ASUS AC68U <=3.0.0.4.385.20852 is affected by a buffer overflow in blocking.cgi, which may cause a denial of service (DoS).

Action-Not Available
Vendor-n/aASUS (ASUSTeK Computer Inc.)
Product-rt-ac68u_firmwarert-ac68un/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-41436
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-4.58% / 89.45%
||
7 Day CHG~0.00%
Published-19 Nov, 2021 | 11:14
Updated-04 Aug, 2024 | 03:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An HTTP request smuggling in web application in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55, RT-AX56U, RT-AX56U_V2, RT-AX58U, RT-AX82U, RT-AX82U GUNDAM EDITION, RT-AX86 Series(RT-AX86U/RT-AX86S), RT-AX86U ZAKU II EDITION, RT-AX88U, RT-AX92U, TUF Gaming AX3000, TUF Gaming AX5400 (TUF-AX5400), ASUS ZenWiFi XD6, ASUS ZenWiFi AX (XT8) before 3.0.0.4.386.45898, and RT-AX68U before 3.0.0.4.386.45911, allows a remote unauthenticated attacker to DoS via sending a specially crafted HTTP packet.

Action-Not Available
Vendor-n/aASUS (ASUSTeK Computer Inc.)
Product-rt-ax82u_gundam_editionrt-ax86s_firmwarert-ax3000gt-ax11000_firmwarert-ax56u_firmwarert-ax92u_firmwaretuf-ax5400rt-ax82u_firmwarert-ax88u_firmwarert-ax68urt-ax56u_v2rt-ax88urt-ax82u_gundam_edition_firmwarert-ax92utuf_gaming_ax3000_firmwarert-ax86utuf_gaming_ax3000zenwifi_ax_\(xt8\)rt-ax68u_firmwarert-ax55_firmwarert-ax56urt-ax86u_zaku_ii_edition_firmwarert-ax86u_zaku_ii_editionzenwifi_xd6rt-ax86u_firmwaretuf-ax5400_firmwarert-ax58urt-ax55rt-ax56u_v2_firmwarert-ax3000_firmwaregt-ax11000rt-ax58u_firmwarert-ax82uzenwifi_xd6_firmwarert-ax86szenwifi_ax_\(xt8\)_firmwaren/a
CWE ID-CWE-444
Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CVE-2023-34940
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.12% / 30.29%
||
7 Day CHG~0.00%
Published-12 Jun, 2023 | 00:00
Updated-06 Jan, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Asus RT-N10LX Router v2.0.0.39 was discovered to contain a stack overflow via the url parameter at /start-apply.html. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Action-Not Available
Vendor-n/aASUS (ASUSTeK Computer Inc.)
Product-rt-n10lx_firmwarert-n10lxn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-15910
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.44% / 63.40%
||
7 Day CHG~0.00%
Published-20 Dec, 2019 | 16:03
Updated-05 Aug, 2024 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL-101 devices using ZigBee PRO. Attackers can utilize the "discover ZigBee network procedure" to perform a denial of service attack.

Action-Not Available
Vendor-n/aASUS (ASUSTeK Computer Inc.)
Product-ms-101_firmwarets-101_firmwarehg100ws-101_firmwarets-101dl-101_firmwaremw100_firmwarehg100_firmwaredl-101mw100as-101as-101_firmwarems-101ws-101n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2025-21459
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.45% / 64.22%
||
7 Day CHG~0.00%
Published-06 May, 2025 | 08:32
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Host Communication

Transient DOS while parsing per STA profile in ML IE.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6678aq_firmwareqcm8550_firmwarewcn6650wsa8845_firmwarewsa8832wcd9378_firmwareqcc2076_firmwareqca6595sm8735srv1lwcd9335sm7675pqca6678aqqca8081_firmwaresrv1mwcd9370ar8035_firmwareqca6696qam8620p_firmwarewcn7880_firmwarewcd9340_firmwarewcn7860_firmwarewcd9341_firmwaresxr2330p_firmwarewcd9395_firmwarewcn7881_firmwarewcn7750wcn6450qcc2073_firmwareqcc710_firmwarefastconnect_6700qca6564auwsa8832_firmwaresa8195p_firmwareqca8337_firmwareqca8337wcd9395sg8275p_firmwareqcm6490_firmwareqca6574au_firmwaresnapdragon_x72_5g_modem-rfqam8295pwcd9341qca6574auvision_intelligence_400_firmwarewcd9390sa8620p_firmwarewsa8845h_firmwareflight_rb5_5gsa9000p_firmwaresrv1hsm8650q_firmwaresm8750qca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqcs9100qca6554aqcs5430sa8295p_firmwarewcn7860qcm5430qcm5430_firmwaresa8770pqca6584auqcn6274_firmwaressg2115pqcn9011_firmwareqcc710wcn6755_firmwarewcn6650_firmwareqca6777aqsnapdragon_8_gen_3_mobile_firmwareqfw7114_firmwareqca6595_firmwareqcs7230fastconnect_7800_firmwarefastconnect_6900sa7255psm8635qfw7114sm8635_firmwarewcd9385_firmwarefastconnect_6900_firmwareqam8255p_firmwarerobotics_rb5_firmwarewcd9380qam8255psxr2230pqmp1000_firmwarewcn7880sxr2330pwcn6755qca6787aqwsa8845sa6155pqca6564au_firmwaresxr1230pqam8650pvideo_collaboration_vc5_platform_firmwaresa9000psrv1h_firmwaresm6650wcn7881qca6595auvideo_collaboration_vc3_platformsxr2250p_firmwaresa6155p_firmwaresm6650pwsa8840qca6688aqqam8295p_firmwaresnapdragon_ar1_gen_1srv1m_firmwareqcs8550_firmwarewcn3990_firmwaresnapdragon_8_gen_2_mobile_firmwareqfw7124_firmwareqca6698aq_firmwaresm8750pwcd9385qcn9012sa8255pqcs7230_firmwaresm8635psxr1230p_firmwarewcd9390_firmwareqmp1000snapdragon_8_gen_2_mobileqcs615_firmwaresg8275pwcd9370_firmwaresm8750_firmwareqcc2076flight_rb5_5g_firmwaressg2125pqca6554a_firmwaresa7255p_firmwareqca6574asnapdragon_8\+_gen_2_mobilesnapdragon_x72_5g_modem-rf_firmwaresa8195pwcd9340qcs8250_firmwareqamsrv1mrobotics_rb5snapdragon_auto_5g_modem-rf_gen_2wcn7861_firmwareqcm6490wcn7861qam8650p_firmwarevideo_collaboration_vc5_platformsm8550p_firmwaresxr2250pqcm8550qcs6490_firmwareqcn9274sm6650_firmwareqam8620pqca6584au_firmwareqcn6274qca6574qfw7124qrb5165n_firmwaresa8775pqca6595au_firmwareqca6391_firmwaresxr2230p_firmwareqca6777aq_firmwarewsa8835wsa8840_firmwareqcs8300_firmwareqcn9011sa8775p_firmwareqamsrv1hqca6696_firmwarewsa8845hqcs8300wcd9380_firmwareqca6574_firmwaresm8650qsa8155p_firmwareqca8081sa8155pwcd9335_firmwarewsa8830qam8775pqca6797aqsnapdragon_ar2_gen_1_firmwaresm8550psnapdragon_x75_5g_modem-rfsa8620psm7675_firmwaresa8255p_firmwareqcc2073ar8035qca6574a_firmwareqamsrv1m_firmwaresm7635_firmwarewcn7750_firmwaresa8650p_firmwarewcn6450_firmwareqca6787aq_firmwarewcd9375_firmwaresa7775pqca6391snapdragon_ar1_gen_1_firmwaresrv1l_firmwareqcn6224qcs9100_firmwareqcn9274_firmwareqcs615qcn9012_firmwareqcs5430_firmwareqca6698aqsa7775p_firmwaresm7635ssg2125p_firmwareqrb5165nsa8295psa8770p_firmwareqcs8550sm8735_firmwarefastconnect_7800sa8650pqam8775p_firmwarewcd9378sm8635p_firmwareqca6688aq_firmwaresm6650p_firmwaresm8750p_firmwaresnapdragon_8\+_gen_2_mobile_firmwarewcd9375snapdragon_ar2_gen_1fastconnect_6700_firmwareqamsrv1h_firmwaresm7675video_collaboration_vc3_platform_firmwarewcn3990snapdragon_x75_5g_modem-rf_firmwarevision_intelligence_400ssg2115p_firmwarewsa8835_firmwareqcs6490qcs8250sm7675p_firmwaresnapdragon_8_gen_3_mobilewsa8830_firmwareqcn6224_firmwareSnapdragon
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2015-7507
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.62% / 70.50%
||
7 Day CHG~0.00%
Published-18 Feb, 2020 | 18:03
Updated-06 Aug, 2024 | 07:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libnsbmp.c in Libnsbmp 0.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a crafted color table to the (1) bmp_decode_rgb or (2) bmp_decode_rle function.

Action-Not Available
Vendor-netsurf-browsern/a
Product-libnsbmpLibnsbmp
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-3646
Matching Score-4
Assigner-Arista Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Arista Networks, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.18% / 39.96%
||
7 Day CHG~0.00%
Published-29 Aug, 2023 | 16:31
Updated-30 Sep, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
On affected platforms running Arista EOS with mirroring to multiple destinations configured, an internal system error may trigger a kernel panic and cause system reload.

On affected platforms running Arista EOS with mirroring to multiple destinations configured, an internal system error may trigger a kernel panic and cause system reload.

Action-Not Available
Vendor-Arista Networks, Inc.
Product-7280dr3am-367280dr3a-547280dr3-247800r3a-36pm7504r37800r3ak-36dm7289r3a-sc7812r37289r3ak-sc7280dr3ak-367500r3-36cq7500r3-24d7500r3-24p7800r3k-48cq7800r3-48cq7800r3ak-36pm7280cr3a-727289r3am-sc7800r3k-72y7512r37800r3a-36dm7280cr3a-48d67280sr3-40yc67280dr3ak-547280cr3-967800r3a-36d7800r3a-36p7500r3k-48y4d7800r3k-48cqms7280r37800r3k-36dm7280tr3-40c67280dr3am-547500r3k-36cq7512r37280cr3-32d47280cr3-36s7508r37800r3-36p7808r37280cr3-32p47816r37280cr3a-24d127280pr3-24eos7280sr3-48yc87800r3-36d7280dr3a-36EOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-21454
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.35% / 57.95%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 12:49
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Embedded SW

Transient DOS while processing received beacon frame.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_x20_lte_modemimmersive_home_214robotics_rb3sd865_5gapq8017sa6150p_firmwaresw5100psxr1120sm8735snapdragon_670_mobilesxr2330p_firmwarear9380snapdragon_8\+_gen_1_mobilefastconnect_6700snapdragon_780g_5g_mobilesnapdragon_750g_5g_mobilesnapdragon_685_4g_mobilesa4150psnapdragon_782g_mobile_firmwaresnapdragon_x50_5g_modem-rf_firmwaresnapdragon_auto_4g_modemsnapdragon_665_mobile_firmwaresc8180xp-aaabsnapdragon_690_5g_mobile_firmwaresnapdragon_x72_5g_modem-rfsm6370snapdragon_820_automotivesnapdragon_x12_lte_modemsnapdragon_888\+_5g_mobile_firmwaresa8620p_firmwaresd730_firmwarecsra6640snapdragon_778g_5g_mobile_firmwaresa9000p_firmwaresc8180xp-acafsrv1hsm8650q_firmwaresd730snapdragon_820_automotive_firmwarefastconnect_6800_firmwaresnapdragon_690_5g_mobilesdx20msnapdragon_636_mobile_firmwarevideo_collaboration_vc1_platform_firmwaresa4155psnapdragon_712_mobile_firmwaresa8770psnapdragon_678_mobile_firmwaressg2115psd821snapdragon_x32_5g_modem-rf_firmwaresnapdragon_xr2_5g_firmwaresnapdragon_xr1_firmwaresxr1120_firmwaresnapdragon_x5_lte_modem_firmware315_5g_iot_modem_firmwarefastconnect_6900robotics_rb2snapdragon_w5\+_gen_1_wearable_firmwarevideo_collaboration_vc1_platformsa7255psm8635snapdragon_730_mobile_firmware315_5g_iot_modemsa8155_firmwaresdx61snapdragon_x65_5g_modem-rfsnapdragon_730_mobilesc7180-adsd821_firmwaresnapdragon_680_4g_mobilesa6155psc8180x-adsd820csr8811_firmwarevideo_collaboration_vc5_platform_firmwaresa9000psrv1h_firmwaresnapdragon_888_5g_mobile_firmwaresnapdragon_888_5g_mobilesxr2250p_firmwaresm7315_firmwaresnapdragon_662_mobile_firmwaresa6155p_firmwaresnapdragon_685_4g_mobile_firmwaresnapdragon_845_mobile_firmwaresnapdragon_ar1_gen_1srv1m_firmwaresnapdragon_x35_5g_modem-rf_firmwaresnapdragon_730g_mobilesnapdragon_782g_mobilesnapdragon_8_gen_2_mobile_firmwaresnapdragon_x55_5g_modem-rfsnapdragon_4_gen_2_mobile_firmwaresm8750psnapdragon_695_5g_mobile_firmwaresnapdragon_x55_5g_modem-rf_firmwaresm4125_firmwaresnapdragon_850_mobilesm8635psnapdragon_x62_5g_modem-rf_firmwaresnapdragon_460_mobilesnapdragon_8_gen_2_mobileapq8064au_firmwarecsrb31024robotics_rb2_firmwaresnapdragon_712_mobilesa7255p_firmwaresnapdragon_x72_5g_modem-rf_firmwaresm7635p_firmwaresnapdragon_8\+_gen_2_mobilesa8195psnapdragon_1200_wearable_firmwaresnapdragon_auto_5g_modem-rf_gen_2snapdragon_7c_firmwaresxr2250psm8550p_firmwaresnapdragon_x20_lte_modem_firmwaresm6370_firmwaresnapdragon_765_5g_mobile_firmwaresnapdragon_662_mobileapq8076vision_intelligence_300_firmwaresa8775psxr2230p_firmwaresd675_firmwarear9380_firmwaresnapdragon_855_mobile_firmwaresa8775p_firmwaresmart_audio_400sa6150psm8650qsa8155p_firmwaresnapdragon_630_mobilesa8155phome_hub_100snapdragon_765g_5g_mobile_firmwaresm8550psa6145psnapdragon_768g_5g_mobile_firmwaresc8180x\+sdx55_firmwareimmersive_home_318_firmwaresa8255p_firmwaresm7675_firmwarear8035sm7635_firmwaresnapdragon_4_gen_2_mobilesa6155sa8650p_firmwaresnapdragon_820_mobile_firmwaresm7635pimmersive_home_216_firmwareimmersive_home_316srv1l_firmwaresnapdragon_x5_lte_modemsnapdragon_865\+_5g_mobile_firmwareapq8064ausc8180x\+sdx55sa7775p_firmwaressg2125p_firmwaresm6250sm7635snapdragon_480\+_5g_mobilefastconnect_6200sd670sm7325p_firmwaresa8145p_firmwaresd460sc8180x-acaf_firmwaresnapdragon_480_5g_mobile_firmwaresnapdragon_660_mobile_firmwaresm8635p_firmwaresm6650p_firmwaresa8150p_firmwarefastconnect_6700_firmwaresnapdragon_710_mobile_firmwarevideo_collaboration_vc3_platform_firmwarerobotics_rb3_firmwaresnapdragon_x75_5g_modem-rf_firmwaresd670_firmwaresnapdragon_8_gen_3_mobilesnapdragon_855_mobilesnapdragon_695_5g_mobilesc8180xp-acaf_firmwaresnapdragon_778g_5g_mobilefastconnect_6200_firmwarear8031_firmwarehome_hub_100_firmwaresnapdragon_460_mobile_firmwaresd660_firmwaresnapdragon_7c\+_gen_3sdx61_firmwaresnapdragon_auto_4g_modem_firmwaresnapdragon_480_5g_mobilesnapdragon_750g_5g_mobile_firmwaresrv1limmersive_home_216srv1msxr2130_firmwaresm7675psnapdragon_860_mobile_firmwaresnapdragon_x35_5g_modem-rfar8035_firmwaresc8180xp-aaab_firmwaresnapdragon_778g\+_5g_mobilesc8380xpsa4150p_firmwaresd888_firmwaresnapdragon_x62_5g_modem-rfsm4635snapdragon_820_mobilesc8180xp-adsm6250p_firmwaresc8280xp-abbbsa8195p_firmwaresnapdragon_x12_lte_modem_firmwaresd_455_firmwarear8031sg8275p_firmwaresnapdragon_xr2\+_gen_1snapdragon_665_mobilesm7250p_firmwaresm4635_firmwaresm4125vision_intelligence_400_firmwareflight_rb5_5gsnapdragon_870_5g_mobile_firmwaresnapdragon_730g_mobile_firmwaresm8750snapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_732g_mobilesnapdragon_778g\+_5g_mobile_firmwaresa8295p_firmwaresmart_audio_400_firmwaresd_675_firmwaresnapdragon_870_5g_mobilesmart_audio_200_firmwaresa4155p_firmwaresnapdragon_720g_mobilesnapdragon_678_mobilesd_455sm7250pcsrb31024_firmwaresa8155sd_8cx_firmwaresc8180x-acafsm6250_firmwaresnapdragon_652_mobilesc8180x-ad_firmwaresd888sd460_firmwaresnapdragon_675_mobile_firmwaresw5100_firmwaresnapdragon_768g_5g_mobilesc8380xp_firmwaresnapdragon_780g_5g_mobile_firmwaresnapdragon_845_mobilesnapdragon_8_gen_3_mobile_firmwarefastconnect_6800fastconnect_7800_firmwaresnapdragon_675_mobileimmersive_home_214_firmwaresnapdragon_865_5g_mobile_firmwaresm8635_firmwarefastconnect_6900_firmwarerobotics_rb5_firmwareapq8017_firmwaresa6145p_firmwaresa6155_firmwaresxr2230psmart_audio_200snapdragon_xr2_5gsa8150psxr2330psnapdragon_x24_lte_modemsnapdragon_1200_wearablesnapdragon_auto_5g_modem-rf_firmwaresc8180x-aaabsxr1230psc8180x-aaab_firmwaresd662_firmwaresm6650sw5100video_collaboration_vc3_platformaqt1000snapdragon_4_gen_1_mobile_firmwaresm6650psd855sm7315snapdragon_660_mobilesdx20m_firmwaresnapdragon_888\+_5g_mobilesnapdragon_xr2\+_gen_1_firmwaresnapdragon_8_gen_1_mobilesnapdragon_630_mobile_firmwaresd662snapdragon_680_4g_mobile_firmwaresa8255psxr1230p_firmwaresnapdragon_821_mobilesnapdragon_865\+_5g_mobilesd820_firmwaresnapdragon_855\+_mobilesg8275psm6250psnapdragon_765_5g_mobilesnapdragon_860_mobilesdx55_firmwaresc8180xp-ad_firmwaresm8750_firmwaresnapdragon_auto_5g_modem-rfflight_rb5_5g_firmwaressg2125psxr21309206_lte_modem_firmwaresnapdragon_x65_5g_modem-rf_firmwarecsra6640_firmwaresnapdragon_480\+_5g_mobile_firmwarerobotics_rb5sm7325psnapdragon_x50_5g_modem-rfsnapdragon_732g_mobile_firmwarevideo_collaboration_vc5_platformsnapdragon_670_mobile_firmwareaqt1000_firmwaresm6650_firmwaresnapdragon_652_mobile_firmwaresd855_firmwaresnapdragon_x24_lte_modem_firmwaresw5100p_firmwaresnapdragon_7ccsra6620sd660sg4150psd_8_gen1_5gsnapdragon_ar2_gen_1_firmwaresnapdragon_x75_5g_modem-rfsa8620p9206_lte_modemsdx55snapdragon_4_gen_1_mobilesnapdragon_720g_mobile_firmwaresnapdragon_865_5g_mobilesnapdragon_855\+_mobile_firmwaresd675snapdragon_821_mobile_firmwaresd_8_gen1_5g_firmwaresa7775psnapdragon_7c\+_gen_3_firmwaresnapdragon_ar1_gen_1_firmwareimmersive_home_318snapdragon_710_mobilesnapdragon_x32_5g_modem-rfsg4150p_firmwaresa8770p_firmwarecsra6620_firmwaresa8295psm8735_firmwaresc8280xp-abbb_firmwarefastconnect_7800sa8650psd865_5g_firmwaresm8750p_firmwaresnapdragon_xr1sc7180-ad_firmwareapq8076_firmwaresnapdragon_8\+_gen_2_mobile_firmwarevision_intelligence_300snapdragon_ar2_gen_1snapdragon_765g_5g_mobilesnapdragon_850_mobile_firmwareimmersive_home_316_firmwaresnapdragon_636_mobilesm7675sa8145psd_675snapdragon_8\+_gen_1_mobile_firmwaresd_8cxvision_intelligence_400ssg2115p_firmwarecsr8811sm7675p_firmwaresnapdragon_w5\+_gen_1_wearablesnapdragon_8_gen_1_mobile_firmwareSnapdragon
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2023-33015
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.09% / 25.35%
||
7 Day CHG~0.00%
Published-05 Sep, 2023 | 06:24
Updated-02 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Firmware

Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon frame.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8255p_firmwareqca2066sa6150p_firmwareipq4028_firmwaresc8180x-ab_firmwareqca8337ar9380ipq8173_firmwareqca6431_firmwarewcd9360_firmwareqcn5124qca4024_firmwarewcn3950_firmwaresnapdragon_8_gen_1sc8180x\+sdx55ipq8078aipq5028_firmwaresa8150p_firmwareqca6595au_firmwaresa6155qca6335qca2062snapdragon_x55_5gsnapdragon_xr2\+_gen_1sc8180xp-adqca6554a_firmwareqam8295pwcn3950qcn6024_firmwareipq8076asd_8_gen1_5g_firmwareqsm8350_firmwareqsm8350snapdragon_x65_5g_firmwaresm7315_firmwaresnapdragon_778g\+_5gqca6428snapdragon_x55_5g_firmwareqca6574au_firmwareqcn5164_firmwarewcd9375_firmwareqca8081_firmwaresa6155_firmwareqca6420wcd9360snapdragon_xr2_5gqca6438_firmwareqca9986snapdragon_888_5gipq8070_firmwaresc8180xp-afipq8065ipq8078a_firmwareqca6678aq_firmwareqrb5165m_firmwareipq5028ipq4029_firmwaresc8180xp-aa_firmwareqca6698aqsa8155_firmwareipq6010ipq8068qca6430snapdragon_870_5gsnapdragon_778g\+_5g_firmwarewcd9340qcn6132qca6436sa6155pqca6698aq_firmwaresnapdragon_865\+_5g_firmwareqca9888_firmwareqcn6122wcd9341sa8255pipq8068_firmwareqca6696_firmwareqca2066_firmwareqca6431sc8180xp-ab_firmwareqca1062sc8180x-abqcn5154_firmwareqca6797aqsa8150psnapdragon_auto_4g_firmwarewsa8830_firmwareqca9992_firmwaresd865_5g_firmwaresnapdragon_778g_5gqca6438sa8195p_firmwarefastconnect_6800_firmwareqcn5022_firmwareqcn7606_firmwaresnapdragon_865_5g_firmwareqca9898sa8295p_firmwareipq4028qca6428_firmwareqca9985_firmwareimmersive_home_216_firmwareipq4018_firmwareqca8337_firmwaressg2125pwcd9380_firmwareipq8072aqca9980_firmwareimmersive_home_214_firmwareipq8076a_firmwareipq8078qca6564auipq8173snapdragon_8_gen_1_firmware315_5gqcn5164snapdragon_ar2_gen_1qca6574csr8811_firmwarewcd9380sc8180xp-aafastconnect_6700qcn5054_firmwareqcn5024snapdragon_auto_5gsxr1230psc8180xp-ad_firmwareqca9985qcn9012_firmwareqca8072_firmwaresc8180x-ac_firmwareqca6430_firmwareqcn5052_firmwarewcn3980qca6335_firmwareipq6018_firmwarewcd9340_firmwarewsa8815pmp8074_firmwaresnapdragon_xr2\+_gen_1_firmwareqca9986_firmwareqcs8250qca6426_firmwareqca9984ipq6028ipq8064sc8180x-adpmp8074qcn9024wcn3980_firmwaresnapdragon_888_5g_firmwareipq8064_firmwaresa8295pqca6421_firmwareqca2062_firmwarewcn6740_firmwareqcs4490_firmwareqca6678aqipq8078_firmwarefastconnect_6900qcn5054fastconnect_6900_firmwareipq8070immersive_home_318qca9994qca6797aq_firmwareqca9980qcn9024_firmwareipq8174_firmwaresnapdragon_8\+_gen_1_firmwarewsa8832sc8180xp-ac_firmwareqcn7605_firmwareqsm8250sa6145pipq6018qca9886_firmwareqcs4490qca6595_firmwaresa8145psc8280xp-bbqca6391_firmwaresa4150p_firmwareqca4024wcd9370_firmwareqca2064sdx55sd888_firmwareqcn5021_firmwaresa8155pssg2115p_firmwareqam8255par8035_firmwareqsm8250_firmwareqcn7606qcn5024_firmwarewsa8830qcn9070sxr2230p_firmwaresa8145p_firmwaresnapdragon_x65_5gqca1062_firmwareimmersive_home_318_firmwarecsrb31024snapdragon_7c\+_gen_3_firmwareqcn9072sc8280xp-bb_firmwareqca9992qca6420_firmwareipq8069_firmwareqca2064_firmwarewcd9370immersive_home_216ssg2115pqcn5152_firmwareqca6426sc8280xp-abqca6584au_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwarewcd9385_firmwareqcn7605snapdragon_782g_firmwarefastconnect_6200snapdragon_780g_5g_firmwareipq8074aqca2065qcn5124_firmwareqam8295p_firmwareqca1064qcn9011_firmwareflight_rb5_5g_firmwaresa8155qcn5122_firmwaresdx55_firmwareqca6595auqcn6023_firmwareqca6436_firmwareqrb5165nsnapdragon_888\+_5gipq5010immersive_home_214qca6564au_firmwareqca6584ausa6155p_firmwareqca6310ipq8174qca9990qcs6490qcn5052qcs8550_firmwaresnapdragon_778g_5g_firmwareqcn9074sa6145p_firmwareqca6421fastconnect_6700_firmwaresa8195pwsa8810_firmwarerobotics_rb5sa8255p_firmwaresnapdragon_780g_5gqca8081qcm4490qcn6023ipq8071aipq8071a_firmwarewcd9385sxr2130_firmwaresnapdragon_auto_4gqcs6490_firmwareqca2065_firmwareimmersive_home_316_firmwaresc8180x-acsnapdragon_xr2_5g_firmwareqca9898_firmwarewcd9375ar8035aqt1000csr8811sc8180x\+sdx55_firmwareqcn9100_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwareqcm6490wsa8835_firmwaresa4150pqca8072snapdragon_865_5gqcn9000qca6554asd865_5gfastconnect_6800qca6595ar9380_firmwareqcn9012sd888qcn6122_firmwareipq8065_firmwaresxr1230p_firmwaresnapdragon_auto_5g_firmwarewsa8835sd_8_gen1_5gsnapdragon_7c\+_gen_3snapdragon_865\+_5gqcn5154qca8075_firmwaresc8180xp-acsxr2130ssg2125p_firmwareipq4018qca6574aqca9889sc8180x-afsm7325pqcn6132_firmwareqca9888qca6310_firmwareipq8074qca9994_firmwaresnapdragon_8\+_gen_1ipq8070a_firmwareipq8076_firmwareqca6574_firmwareqca9886snapdragon_888\+_5g_firmwaresm7325p_firmwaresxr2230pipq8076snapdragon_782g315_5g_firmwareqca6574a_firmwarefastconnect_6200_firmwareipq8069qcn5021qcn5152qrb5165msm7315qca6391sc8280xp-ab_firmwarefastconnect_7800aqt1000_firmwareqcn9100qcm4490_firmwaresnapdragon_ar2_gen_1_firmwarecsrb31024_firmwareqcm6490_firmwarewsa8832_firmwareqcn9070_firmwareipq6028_firmwareipq8072a_firmwareqcn9011sc8180xp-af_firmwareipq8074_firmwareimmersive_home_316qca9889_firmwareqca6574ausa8155p_firmwareqcn5122qcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwarewsa8810sc8180x-aa_firmwarerobotics_rb5_firmwareqcn5022sc8180x-aaipq6010_firmwaresc8180x-af_firmwareqca1064_firmwarewcn6740qca6696qcs8550sc8180xp-absa6150pqca8075qcn9022_firmwaresnapdragon_870_5g_firmwareqcn6024qcn9022qca9990_firmwareflight_rb5_5gipq8070asc8180x-ad_firmwareqcn9072_firmwareqcn9074_firmwareipq4029Snapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-33027
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.19% / 41.27%
||
7 Day CHG~0.00%
Published-03 Oct, 2023 | 05:00
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Firmware

Transient DOS in WLAN Firmware while parsing rsn ies.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd865_5gqca6595snapdragon_xr1_platformipq6028_firmwareimmersive_home_214_platformqca8081_firmwareqcn9001sm7250-absnapdragon_x50_5g_modem-rf_systemwcd9340_firmwareipq5028_firmwarewcd9395_firmwareqcn6024ar9380qcc710_firmwareqca6426sc8180x-absa4150pqcn5124_firmwaresm7325-ae_firmwarewsa8832_firmwareqca8337qca6426_firmwarewcd9395qcn7605qca6574au_firmwareqcn7606_firmwareipq8078a_firmwarewcn785x-5qam8295pwcd9341wsa8810_firmwaresd730_firmwarewsa8845h_firmwareqca2064_firmwaresdm670sm8150-acsm6375_firmwaresd835_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaresm7150-acvideo_collaboration_vc1_platform_firmwaresa4155pqcn9000qca2062_firmwaresm6375sm7250-aa_firmwareqsm8250_firmwaresc8180xp-acqsm8350_firmwarevideo_collaboration_vc1_platformwcd9385_firmwareqca6421qca6310snapdragon_630_mobile_platformipq8074a_firmwareipq8076aqcs603_firmwarewcd9360snapdragon_ar2_gen_1_platform_firmwareimmersive_home_3210_platform_firmwaresa6155psm7150-ac_firmwareqca6564au_firmwareqca8075qam8650pvideo_collaboration_vc5_platform_firmwaresm7325_firmwaresa6155p_firmwareqca6390_firmwaresd835qca6436_firmwareipq8070a_firmwareqcn5021_firmwareqcn9070sc8180x-afsnapdragon_8_gen_2_mobile_platformsnapdragon_7c\+_gen_3_compute_firmwareqca8084sm4125_firmwaresm8250-ac_firmwareqca6420wcn3910csrb31024snapdragon_845_mobile_platformsnapdragon_x55_5g_modem-rf_system_firmwareqcc2076snapdragon_660_mobile_platformqca6574asm7325-aeqca9898_firmwarewcd9340qcs8250_firmwareqcm2290snapdragon_630_mobile_platform_firmwaresm6150-acsc8180xp-aa_firmwareqcn6122_firmwareqcn5154_firmwaresm8150-ac_firmwareipq8074sm8550p_firmwarewcn3998_firmwareqcm8550wcn3988qcn5122_firmwareqcn9024pmp8074qca6574sm7325-afsnapdragon_x75_5g_modem-rf_systemqca2066_firmwaresdm710_firmwaresc8180xp-ac_firmwareqca8082qcs410qcm2290_firmwaresa8155pqca8072_firmwarewsa8830sm8550psa6145pqcn6122sa8255p_firmwarewcn785x-1_firmwareqcc2073qrb5165m_firmwareqca9985ipq8071aqcn6112wcn3950_firmwareqrb5165nqca1062_firmwaresc7180-acsm7325p_firmwaresd460wcd9360_firmwarevideo_collaboration_vc3_platform_firmwareqcn6023_firmwareqcn5164_firmwaresd670_firmwareimmersive_home_326_platform_firmwareqca6438_firmwaresc8280xp-bb_firmwareqcn9072sm7150-aaqcn6224_firmwareipq4028_firmwareqca6431sd660_firmwareqca8082_firmwaresm6350sxr2130_firmwarear8035_firmwareqrb5165mqca1064qca6320snapdragon_w5\+_gen_1_wearable_platform_firmwareqca4024_firmwareqca0000_firmwaresd888_firmwaresnapdragon_662_mobile_platform_firmwareqcs6125_firmwareqca9992_firmwareqca6428qca9990ipq8070ipq9008_firmwareqcn9074sdm712_firmwarewsa8815_firmwaresm8250-abqca8337_firmwaresm7325ipq8173sm8350-ac_firmwaresm7250p_firmwarewcn3999ipq6010_firmwarewcn785x-5_firmwarewcn3950sm4250-aasnapdragon_x65_5g_modem-rf_system_firmwareqca6797aq_firmwaresm4350_firmwaresm7350-ab_firmwareipq5028qca9986wcn3991qcf8001_firmwareqcn9070_firmwaresa8295p_firmwaresd_675_firmwaresa4155p_firmwareqca9984ipq5010_firmwareqcn9022_firmwaresm7250pcsrb31024_firmwareipq6018sa8155sd_8cx_firmwaresm7150-aa_firmwaresnapdragon_845_mobile_platform_firmwaresd888sd460_firmwaresnapdragon_4_gen_2_mobile_platformipq8069wcn685x-5ipq8065qca6310_firmwareqcs7230sm8250-acwcd9371qcn9001_firmwaresc8180xp-aasnapdragon_xr2_5g_platform_firmwareqca8075_firmwarevision_intelligence_300_platform_firmwaresm7350-absm8350_firmwareqca2065_firmwaresdx65m_firmwarevideo_collaboration_vc3_platformqca9980_firmwareqca9985_firmwareqca6431_firmwaresm7225_firmwareqca6698aq_firmwareqcs2290qcn76068998_firmwareqcs2290_firmwaresc8280xp-bbwcn3999_firmwareqca8084_firmwareqcn7605_firmwaresa8255pqcs7230_firmwarewcd9390_firmwareimmersive_home_318_platform_firmwaresc8180xp-abwcn6750qcn5024qca6430wcn6750_firmwaresc8180xp-ad_firmwaresnapdragon_auto_5g_modem-rfsm7250-ab_firmwaressg2125pcsra6640_firmwaresm4350immersive_home_326_platformqcn9013_firmwareqam8650p_firmwarewcn3998qca2062video_collaboration_vc5_platformqca6420_firmwareqcs6490_firmwaresm8450snapdragon_x65_5g_modem-rf_systemipq8076_firmwaresd855_firmwarewcd9335_firmwareqrb5165n_firmwareqca6436wcn3980_firmwarewsa8835wsa8840_firmwareqca6391_firmwaresm4250-aa_firmwareipq8068qcs4290_firmwarecsra6620qca8081sd660sdm670_firmwaresm4375wsa8815qam8775pqcm4325_firmwaresm7125_firmwareipq8069_firmwareqcm4290_firmwareqca9888_firmwareqca9889qca1062qcn5024_firmwareqcn9002_firmwareipq5010qcn9274_firmwaresg4150p_firmwaresc8180xp-af_firmwarecsra6620_firmwareqcs8550ipq8068_firmwareqam8775p_firmwaresd865_5g_firmwarepmp8074_firmwaresc7180-ad_firmwarewcd9375sdm712qca9889_firmwaresa8145psd_675immersive_home_316_platformsm4350-ac_firmwareqca2066csr8811sc7180-ac_firmwaresm7250-ac_firmwarewcn685x-1_firmwareqcm8550_firmwareqcs410_firmwaresa6150p_firmwaresw5100psxr1120ipq9574qcn9000_firmwareqcn6102_firmwarevision_intelligence_300_platformqcn9022qcs610_firmwarewcd9335wcd9370qca8072qca6696wcd9341_firmware8998qcn9003_firmwareqca6390qcc2073_firmwareipq8076wcn6740_firmwareqca1064_firmwareipq6018_firmwareqca9984_firmwareqcn6023immersive_home_216_platformqca9994_firmwareipq6000snapdragon_auto_4g_modemipq8078asm8150_firmwareqca6574auwcd9390csra6640sc8180x-af_firmwareqcn9100_firmwareqcn5122sd730qca6554aqcn6024_firmwareqca9886_firmwaresm8350qcm6125_firmwaressg2115pqcc710snapdragon_850_mobile_compute_platformqcn6132_firmwaresxr1120_firmwareqcn5054robotics_rb3_platform315_5g_iot_modem_firmwaresm8450_firmwareipq5332_firmwareqcn5052qca9980qfw7114315_5g_iot_modemipq9574_firmwaresnapdragon_x55_5g_modem-rf_systemqam8255p_firmwareipq8064sa8155_firmwareqcn5164sm7150-abqca6335qcs4490sc7180-adsc8180xp-afsnapdragon_8\+_gen_2_mobile_platform_firmwarewsa8845qcn6100_firmwareqca6421_firmwareqcm6125sc8180x-adcsr8811_firmwaresm7125wsa8810qcn5021qca8085qsm8250snapdragon_8\+_gen_2_mobile_platformsm8350-acqcn6100qca6595ausm7315_firmwarewcd9326_firmwarewsa8840qcs8550_firmwareqca9986_firmwareqfw7124_firmwareqcn9012wcd9371_firmwareqcs4490_firmwareqcf8001wcn3910_firmwaresdx65mwcd9370_firmwareipq9570sa8195pqca6335_firmwareqcm6490immersive_home_316_platform_firmwareimmersive_home_3210_platformqcn9274ipq8076a_firmwareipq9570_firmwaresxr2230p_firmwarear9380_firmwaresd675_firmwareqca6430_firmwaresc8180x-aaipq4029_firmwareqcn9011qcs605qcn9024_firmwarewsa8845hsa6150psm7250-aawcd9326sa8155p_firmwareqca6564asnapdragon_675_mobile_platformsnapdragon_662_mobile_platformqcn9074_firmwareipq8174sc8180x\+sdx55_firmwareflight_rb5_5g_platform_firmwareipq8174_firmwaresnapdragon_665_mobile_platformar8035ipq8072asa6155qca2065qcm4325robotics_rb5_platformqcn6224sc8280xp-absm8475_firmwaresc8180x\+sdx55qca6698aqssg2125p_firmwaresm6250sm7250-acsc8180x-aa_firmwaresd670wcn685x-1sa8145p_firmwaresa8150p_firmwaresnapdragon_w5\+_gen_1_wearable_platformsnapdragon_636_mobile_platform_firmwarewcn3990qca6428_firmwareqcn9002ipq8078snapdragon_680_4g_mobile_platform_firmwareqcs6490qcs8250ipq9554_firmwarear8031_firmwarewsa8830_firmwareqca6678aq_firmwareqca8386_firmwaresnapdragon_850_mobile_compute_platform_firmwarewsa8845_firmwarewsa8832snapdragon_auto_4g_modem_firmwareqcc2076_firmwareqcs603qca6678aqsnapdragon_675_mobile_platform_firmwareqcn5022_firmwaresm8475qca9992sm8250-ab_firmwaresa4150p_firmwareqca9898ipq9008ipq9554qca6564ausc8180xp-adsm6250p_firmwareimmersive_home_214_platform_firmwaresm7325-af_firmwaresa8195p_firmwareqcm4290qcn5054_firmwareqca9888ipq5332snapdragon_680_4g_mobile_platformsd_455_firmwareqcn9013ar8031sg8275p_firmwareqcm6490_firmwareipq8072a_firmwaresm4125qcm4490_firmwarerobotics_rb3_platform_firmwareflight_rb5_5g_platformsnapdragon_xr2_5g_platformqcn6112_firmwareqcs6125apq5053-aa_firmwaresnapdragon_7c\+_gen_3_computesnapdragon_xr2\+_gen_1_platform_firmwareqca8085_firmwareapq5053-aasdm710sd_455qca9886qcn6132sm6250_firmwaresc8180x-ad_firmwareqcn6102qca6584auqca6320_firmwareqcn6274_firmwareqcn9011_firmwaresw5100_firmwarewcn6740sm6225-ad_firmwareqfw7114_firmwareqcs605_firmwareqca4024sc8280xp-ab_firmwareqca6595_firmwaresm8250_firmwareimmersive_home_216_platform_firmwareipq8070asm7225wcd9380ipq4028qam8255psa6145p_firmwaresa6155_firmwaresxr2230pqca9990_firmwaresa8150pqcn9003snapdragon_665_mobile_platform_firmwareqcn5052_firmwaresnapdragon_auto_5g_modem-rf_firmwareqca2064sxr1230psm6225-adsd662_firmwaresm4350-acipq6010sw5100aqt1000sm8150wcn3991_firmwareqam8295p_firmwaresd855sc8180x-ab_firmwarewcn3990_firmwaresm7315qca6564a_firmwarewcd9385qca9994qsm8350sc8180xp-ab_firmwaresd662qcs4290sxr1230p_firmwareipq4018sg8275psm6250psdx55_firmwareipq8071a_firmwareqca6438qca6554a_firmwaresxr2130ipq6028qcm44908098_firmwaresnapdragon_636_mobile_platformqcn9100sm7150-ab_firmwaresnapdragon_xr2\+_gen_1_platformipq4029sm7325paqt1000_firmwareipq4018_firmwaresm6150-ac_firmwareqca6584au_firmwareqcn5152_firmwareqcn6274sc8180x-acqfw7124ipq8074_firmwareqca6595au_firmwareqca0000sc8180x-ac_firmwaresw5100p_firmwaresm8250snapdragon_ar2_gen_1_platformqca6696_firmwarewcd9380_firmwareqca6574_firmwaresg4150psd_8_gen1_5gqcn5124ipq8064_firmwareqca6797aqsm4375_firmwareqcn5152ipq8065_firmwareqca6574a_firmwaresdx55qcn9072_firmwareipq8074aimmersive_home_318_platformsd675sm6350_firmwaresd_8_gen1_5g_firmwarewcd9375_firmwareqca8386qca6391wcn785x-1ipq8173_firmwareqcn9012_firmwaresnapdragon_8_gen_2_mobile_platform_firmwaresa8295p8098snapdragon_xr1_platform_firmwarerobotics_rb5_platform_firmwaresnapdragon_x50_5g_modem-rf_system_firmwareipq6000_firmwareipq8078_firmwarewcn685x-5_firmwarewcn3988_firmwareipq8070_firmwareqcn5154sd_8cxwsa8835_firmwaressg2115p_firmwareqcn5022snapdragon_660_mobile_platform_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewcn3980qcs610Snapdragonqam8255p_firmwaresnapdragon_850_mobile_compute_platform_firmwaresa6150p_firmwaresm6250p_firmwareipq4028_firmware315_5g_iot_modem_firmwaresg8275p_firmwareipq8173_firmwareqca6431_firmwarewcd9360_firmwareqca4024_firmwareimmersive_home_318_platform_firmwarewcn3950_firmwareipq5028_firmwaresa8150p_firmwareqca6595au_firmwaresd_455_firmwarecsra6620_firmwaresd_675_firmwarecsra6640_firmwaresnapdragon_460_mobile_platform_firmwareqcs6125_firmwaresnapdragon_480_5g_mobile_platform_firmwareqca6554a_firmwarewcd9371_firmwareqcn6024_firmwareqca8386_firmwareimmersive_home_316_platform_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareqsm8350_firmwaresnapdragon_660_mobile_platform_firmwaresd460_firmwaresm7315_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwareqcn5164_firmwarewcd9375_firmwareqca8081_firmwaresa6155_firmwareqca6438_firmwaresnapdragon_auto_5g_modem-rf_firmwareipq8070_firmwareipq8078a_firmwareqca6678aq_firmwaresmart_audio_400_platform_firmwareqrb5165m_firmwarewsa8840_firmwareipq4029_firmwaresa4155p_firmwareqcf8001_firmwaresa8155_firmwarerobotics_rb3_platform_firmwaresd662_firmwareqca6698aq_firmwareqca9888_firmwareqam8775p_firmwareipq8068_firmwareqca2066_firmwareqca6696_firmwareipq9008_firmwareqcn5154_firmwarewcn3910_firmwaresnapdragon_855_mobile_platform_firmwareqcc710_firmwarewsa8830_firmwareqca9992_firmwaresd855_firmwaresd865_5g_firmwaresd660_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwareqcn5022_firmwareqcn7606_firmwaresa8295p_firmwareimmersive_home_216_platform_firmwaresnapdragon_750g_5g_mobile_platform_firmwaresnapdragon_675_mobile_platform_firmwareqca6428_firmwarequalcomm_video_collaboration_vc1_platform_firmwareqca9985_firmwareipq4018_firmwareqca8337_firmwaresnapdragon_778g_5g_mobile_platform_firmwarewcd9380_firmwareqca9980_firmwareipq8076a_firmwareqcn9001_firmwaresnapdragon_670_mobile_platform_firmwaresd670_firmwarecsr8811_firmwareipq9554_firmwareqcn5054_firmwareqca8072_firmwareqca6430_firmwareqcn5052_firmwareqcn9012_firmwareqcn9274_firmwareqfw7114_firmwarewcd9335_firmwareqca6335_firmwareqcc2073_firmwareipq6018_firmwareqcm4325_firmwarewcd9340_firmwarepmp8074_firmwaresnapdragon_630_mobile_platform_firmwareqca9986_firmwareqca6426_firmwareipq9574_firmwarewcn3980_firmwareimmersive_home_3210_platform_firmwareipq8064_firmwaresnapdragon_x50_5g_modem-rf_system_firmwareqca6421_firmwareqca2062_firmwarewcn6740_firmwareqcs4490_firmwarear8031_firmwareipq8078_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwareqca6797aq_firmwareqca6564a_firmwareipq8174_firmwareqcn9024_firmwareqcm4290_firmwareqcn7605_firmwaresw5100p_firmwareqcs610_firmwareqca9886_firmwareqca6595_firmwareqca6391_firmwaresnapdragon_710_mobile_platform_firmwareimmersive_home_214_platform_firmwaresa4150p_firmwarewcd9370_firmwaresm8550p_firmwarequalcomm_video_collaboration_vc5_platform_firmwaresd888_firmwareqcn5021_firmwaressg2115p_firmwareqfw7124_firmwaresnapdragon_720g_mobile_platform_firmwarear8035_firmwareqsm8250_firmwareqcn5024_firmwaresnapdragon_662_mobile_platform_firmwaresa8145p_firmwaresxr2230p_firmwareqca1062_firmwareqcs2290_firmwareflight_rb5_5g_platform_firmwareqcn6224_firmwaresnapdragon_888_5g_mobile_platform_firmwareqca6420_firmwareipq8069_firmwareqca2064_firmwaresd730_firmwaresnapdragon_auto_4g_modem_firmwaresd675_firmwareqcn5152_firmwareqca0000_firmwareqca6584au_firmwarewcn3990_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwarequalcomm_video_collaboration_vc3_platform_firmwaresd_8cx_firmwarewcd9385_firmwarewcd9326_firmwareqcn5124_firmwareqam8295p_firmwareqcn6100_firmwareqcn6102_firmwareqcn9011_firmwareqca8082_firmwareqca6320_firmwaresnapdragon_835_mobile_pc_platform_firmwareqcn5122_firmwaresdx55_firmwarewcn3999_firmwareqcn6023_firmwarewsa8845h_firmwaresm7250p_firmwareqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwareqca6564au_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareqcs8550_firmwarevision_intelligence_300_platform_firmwareqcn6112_firmwarewcn3988_firmwaresa6145p_firmwarefastconnect_6700_firmwarewsa8810_firmwaresnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwarewcd9395_firmwaresdx65m_firmwareipq8071a_firmwareqcs4290_firmwareqca8085_firmwaresxr2130_firmwareqca2065_firmwareqcs6490_firmwaresnapdragon_665_mobile_platform_firmwareqca9898_firmwaresm6250_firmwareqcn9100_firmwaresnapdragon_712_mobile_platform_firmwarevision_intelligence_400_platform_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwarewsa8835_firmwaresnapdragon_636_mobile_platform_firmwaresxr1120_firmwaresg4150p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqcm6125_firmwareqcm2290_firmwarerobotics_rb5_platform_firmwarear9380_firmwareqcs7230_firmwareimmersive_home_326_platform_firmwareqcn6122_firmwareipq8065_firmwaresxr1230p_firmwaresnapdragon_4_gen_1_mobile_platform_firmwareqca8075_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaressg2125p_firmwareqcn6132_firmwareqcn9003_firmwareqca6310_firmwareqca9994_firmwareqcc2076_firmwareipq8070a_firmwareipq8076_firmwareqca6574_firmwaresm4125_firmwaresm7325p_firmwarewsa8845_firmwaresnapdragon_xr2_5g_platform_firmwareqca6574a_firmwarefastconnect_6200_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareaqt1000_firmwareqcm4490_firmwaresnapdragon_690_5g_mobile_platform_firmwaresnapdragon_845_mobile_platform_firmwareqcn6274_firmwarecsrb31024_firmwareqcm6490_firmwarewsa8832_firmwareipq9570_firmwareqcn9070_firmwareipq6028_firmwareipq8072a_firmwareipq8074_firmwareqca9889_firmwaresa8155p_firmwareqcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwareipq5332_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqcn9013_firmwaresd835_firmwareqam8650p_firmwareipq6010_firmwareqca1064_firmwareqcn9022_firmwarewcd9390_firmwareqca9990_firmwareqcn9002_firmwareqcn9072_firmwareipq6000_firmwaresw5100_firmwareqcn9074_firmwareqcs410_firmwaresnapdragon_xr1_platform_firmware
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2023-33081
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.15% / 34.86%
||
7 Day CHG~0.00%
Published-05 Dec, 2023 | 03:04
Updated-02 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read in WLAN Firmware

Transient DOS while converting TWT (Target Wake Time) frame parameters in the OTA broadcast.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8255p_firmwaresc8180x-ab_firmwareqca8337qfw7124ipq8173_firmwareqca6431_firmwareqam8775pqcf8001qcn5124qca4024_firmwarewsa8840immersive_home_318_platform_firmwaresc8180x\+sdx55ipq8078aipq5028_firmwareqca6595au_firmwarewcn685x-1wcn3998qca6554a_firmwaresc8180xp-adipq8076aqca8386_firmwareqcn6024_firmwareimmersive_home_316_platform_firmwareqca8084_firmwareqca6574au_firmwareqcn5164_firmwarewcn3998_firmwareqca8081_firmwareqca6420sc8180xp-afipq8078a_firmwareipq5028wsa8840_firmwareqca6698aqsc8180xp-aa_firmwareqca0000qcf8001_firmwareipq6010sc8380xp_firmwareqca6430sdx65mwcd9340qcn6132qcn9013qca6436qcf8000qca6698aq_firmwarewcn685x-1_firmwareqca9888_firmwareqam8775p_firmwareqcn6122wcd9341qca6431qca6696_firmwaresc8180xp-ab_firmwareipq9008_firmwareqca1062sc8180x-abqcn5154_firmwareqca6797aqqcc710_firmwaresm8250-ac_firmwarewsa8830_firmwaresd865_5g_firmwareqcn5022_firmwareimmersive_home_216_platform_firmwarewcn3991qca8337_firmwarewcd9380_firmwaressg2125pipq8072aipq8076a_firmwareipq8078qca6564auqca8084ipq8173qcm8550ipq9008qcn5164qca6574csr8811_firmwaresc8180xp-aawcd9380ipq9554_firmwareqcn5024sxr1230psc8180xp-ad_firmwaresc8180x-ac_firmwareqca6430_firmwareqcn5052_firmwareqcn9012_firmwareqcn9274_firmwareqfw7114_firmwarewsa8845qcc2073_firmwareipq6018_firmwarewcd9340_firmwarewsa8815qcn6112qca6426_firmwaresc8380xpipq6028sc8180x-adqcn9024ipq9574_firmwareimmersive_home_3210_platform_firmwareqca6421_firmwaresnapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_systemipq8078_firmwaresnapdragon_x75_5g_modem-rf_system_firmwareqca6797aq_firmwarewcn785x-1_firmwareqcn9024_firmwareipq8174_firmwaresnapdragon_8\+_gen_2_mobile_platformwsa8832sc8180xp-ac_firmwareipq5332immersive_home_326_platformipq6018qcc710immersive_home_214_platformqca6595_firmwarewcd9395qca6391_firmwareimmersive_home_214_platform_firmwareqca4024sm8550p_firmwaresdx55sm8250ssg2115p_firmwareqfw7124_firmwareqam8255par8035_firmwareqcn5024_firmwarewcn3991_firmwarewsa8830qcn9070sxr2230p_firmwareqca1062_firmwareqam8650pwcn785x-5qcn6224_firmwareqca8082qcn9072qca8386qca6420_firmwareqca6390_firmwareipq6000ssg2115pqcn5152_firmwareqca0000_firmwareqca6426qca6584au_firmwareqcn9000_firmwaresnapdragon_8_gen_2_mobile_platformsm8250-abipq9554wcd9385_firmwareimmersive_home_216_platformimmersive_home_316_platformimmersive_home_318_platformipq8074aqcn5124_firmwareqca1064qca8082_firmwaresnapdragon_x55_5g_modem-rf_systemqcn5122_firmwaresdx55_firmwareqca6595auqcn6023_firmwarewsa8845h_firmwareqfw7114qca6436_firmwareipq5010qca6564au_firmwareqca6584ausnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareqcn9274ipq8174qcn5052sm8250_firmwareqcn6112_firmwaresm8250-acqcn9074qca6421qca8085wsa8810_firmwareqcn6224wsa8845hsnapdragon_ar2_gen_1_platform_firmwaresnapdragon_x75_5g_modem-rf_systemwcd9395_firmwareqca8081ipq8071aqcn6023sdx65m_firmwareipq8071a_firmwarewcd9385immersive_home_3210_platformqca8085_firmwaresxr2130_firmwareipq9570sc8180x-acqca6390ar8035csr8811aqt1000sc8180x\+sdx55_firmwarewcd9390qcn9100_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwarewsa8835_firmwaresnapdragon_8_gen_2_mobile_platform_firmwarewcn785x-1qcn9000qcf8000_firmwareqca6554asd865_5gqca6595qcn9012immersive_home_326_platform_firmwareqcn6122_firmwarewsa8835sxr1230p_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwareqcn6274qcn5154qca8075_firmwaresc8180xp-acqca6574assg2125p_firmwaresxr2130wcn685x-5_firmwareqca9889sc8180x-afqcn6132_firmwareqca9888qcc2076_firmwareipq8070a_firmwareipq8076_firmwareqca6574_firmwaresxr2230pipq8076wsa8845_firmwaresnapdragon_xr2_5g_platform_firmwareqca6574a_firmwareqcn5152wcn785x-5_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresm8250-ab_firmwareqca6391aqt1000_firmwareqcn9100qcn6274_firmwarewsa8832_firmwareipq9570_firmwareqcn9070_firmwarewcn685x-5ipq6028_firmwareipq8072a_firmwaresc8180xp-af_firmwareqca6574auqca9889_firmwareipq9574qcn5122wcd9341_firmwarewsa8810sc8180x-aa_firmwareipq5332_firmwaresm8550psnapdragon_ar2_gen_1_platformqcn5022qcn9013_firmwaresc8180x-aaqam8650p_firmwareipq6010_firmwaresc8180x-af_firmwareqca1064_firmwareqca6696sc8180xp-abqca8075qcn9022_firmwarewcd9390_firmwareqcn6024qcn9022qcc2076ipq8070asc8180x-ad_firmwareqcn9072_firmwareipq6000_firmwareqcn9074_firmwareqcc2073Snapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-33048
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.19% / 41.27%
||
7 Day CHG~0.00%
Published-07 Nov, 2023 | 05:26
Updated-02 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read in WLAN Firmware

Transient DOS in WLAN Firmware while parsing t2lm buffers.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn5024_firmwareqam8255p_firmwarewsa8830qcn9070sxr2230p_firmwareqca8337qam8650pqfw7124ipq8173_firmwarewcn785x-5qam8775pqcf8001qcn6224_firmwareqcn5124qca4024_firmwareqca8082qcn9072qca8386wsa8840immersive_home_318_platform_firmwareipq8078aipq5028_firmwareqca6595au_firmwareipq6000ssg2115pqcn5152_firmwareqca0000_firmwareqca6584au_firmwarewcn685x-1qcn9000_firmwaresnapdragon_8_gen_2_mobile_platformipq9554qca6554a_firmwarewcd9385_firmwareimmersive_home_216_platformipq8076aimmersive_home_316_platformimmersive_home_316_platform_firmwareqca8386_firmwareqcn6024_firmwareqca8084_firmwareimmersive_home_318_platformipq8074aqcn5124_firmwareqca8082_firmwareqca6574au_firmwareqcn5122_firmwareqcn5164_firmwaresdx55_firmwareqca6595auqca8081_firmwareqcn6023_firmwareqfw7114wsa8845h_firmwareipq5010qca6564au_firmwareqca6584ausnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareipq8078a_firmwareqcn9274ipq8174ipq5028wsa8840_firmwareqca6698aqqcn5052qca0000qcf8001_firmwareipq6010sc8380xp_firmwareqcn6112_firmwareqcn9074qca8085sdx65mwcd9340qcn6132qcn6224qcn9013wsa8845hsnapdragon_ar2_gen_1_platform_firmwaresnapdragon_x75_5g_modem-rf_systemwcd9395_firmwareqca8081qcf8000qca6698aq_firmwareipq8071aqcn6023sdx65m_firmwareipq8071a_firmwarewcn685x-1_firmwareimmersive_home_3210_platformqca8085_firmwareqam8775p_firmwareqca9888_firmwareqcn6122wcd9385qca6696_firmwareipq9008_firmwareipq9570qcn5154_firmwareqca6797aqar8035csr8811wcd9390qcc710_firmwareqcn9100_firmwarewsa8830_firmwareipq5010_firmwareipq8074a_firmwarewsa8835_firmwareqcn5022_firmwareimmersive_home_216_platform_firmwaresnapdragon_8_gen_2_mobile_platform_firmwarewcn785x-1qca8337_firmwarewcd9380_firmwaressg2125pqcn9000ipq8072aqcf8000_firmwareqca6554aipq8076a_firmwareqca6595ipq8078qca6564auqca8084ipq8173qcm8550ipq9008qcn9012qcn5164immersive_home_326_platform_firmwareqcn6122_firmwareqca6574sxr1230p_firmwarewsa8835snapdragon_8\+_gen_2_mobile_platform_firmwarecsr8811_firmwareqcn6274wcd9380ipq9554_firmwareqcn5154qca8075_firmwaressg2125p_firmwareqca6574aqcn5024wcn685x-5_firmwareqca9889qcn6132_firmwaresxr1230pqca9888qcn9012_firmwareqcn5052_firmwareqcn9274_firmwareqcc2076_firmwareipq8070a_firmwareqfw7114_firmwarewsa8845qcc2073_firmwareipq6018_firmwareipq8076_firmwareqca6574_firmwarewcd9340_firmwareqcn6112sxr2230pipq8076wsa8845_firmwareqca6574a_firmwareqcn5152ipq6028sc8380xpqcn9024ipq9574_firmwarewcn785x-5_firmwareimmersive_home_3210_platform_firmwareqcn9100qcn6274_firmwaresnapdragon_x65_5g_modem-rf_systemipq8078_firmwareipq9570_firmwareqcn9070_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewsa8832_firmwarewcn685x-5ipq6028_firmwareipq8072a_firmwareqca6797aq_firmwarewcn785x-1_firmwareqca6574auqca9889_firmwareipq9574qcn5122qcn9024_firmwareipq8174_firmwaresnapdragon_8\+_gen_2_mobile_platformwsa8832ipq5332_firmwareipq5332sm8550pimmersive_home_326_platformsnapdragon_ar2_gen_1_platformipq6018qcn5022qcn9013_firmwareqam8650p_firmwareqcc710ipq6010_firmwareimmersive_home_214_platformqca6595_firmwarewcd9395qca6696immersive_home_214_platform_firmwareqca4024sm8550p_firmwaresdx55qca8075qcn9022_firmwarewcd9390_firmwareqcn6024qcn9022qcc2076ipq8070aqcn9072_firmwareipq6000_firmwaressg2115p_firmwareqcn9074_firmwareqfw7124_firmwareqam8255pqcc2073ar8035_firmwareSnapdragonqcn5024_firmwareqam8255p_firmwareqca8337_firmwarewcd9380_firmwaresxr2230p_firmwareqcf8000_firmwareipq8076a_firmwareipq8173_firmwarear8035_firmwareqcn6224_firmwareqca4024_firmwareimmersive_home_326_platform_firmwareqcn6122_firmwaresxr1230p_firmwareimmersive_home_318_platform_firmwarecsr8811_firmwareipq5028_firmwareqca6595au_firmwareipq9554_firmwareqca8075_firmwaressg2125p_firmwareqcn5152_firmwareqca0000_firmwareqcn6132_firmwareqca6584au_firmwareqcn9000_firmwareqcn9012_firmwareqcn5052_firmwareqcn9274_firmwareqcc2076_firmwareipq8070a_firmwareqca6554a_firmwareqfw7114_firmwarewcd9385_firmwareqcn6024_firmwareqca8386_firmwareqcc2073_firmwareimmersive_home_316_platform_firmwareipq6018_firmwareipq8076_firmwareqca6574_firmwarewcd9340_firmwareqca8084_firmwareqcn5124_firmwarewsa8845_firmwareqca8082_firmwareqca6574a_firmwareqca6574au_firmwareqcn5122_firmwareqcn5164_firmwaresdx55_firmwarewsa8845h_firmwareqca8081_firmwareqcn6023_firmwareipq9574_firmwareimmersive_home_3210_platform_firmwareqca6564au_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareipq8078a_firmwareqcn6274_firmwarewsa8840_firmwareipq8078_firmwareipq9570_firmwareqcn9070_firmwaresnapdragon_x75_5g_modem-rf_system_firmwareqcf8001_firmwarewsa8832_firmwarefastconnect_6900_firmwareipq6028_firmwaresc8380xp_firmwareipq8072a_firmwareqcn6112_firmwareqca6797aq_firmwareqca9889_firmwareqcn9024_firmwareipq8174_firmwarefastconnect_7800_firmwaresnapdragon_ar2_gen_1_platform_firmwarewcd9395_firmwareipq5332_firmwareqca6698aq_firmwaresdx65m_firmwareqcn9013_firmwareipq8071a_firmwareqam8650p_firmwareqca8085_firmwareqam8775p_firmwareqca9888_firmwareipq6010_firmwareqca6696_firmwareqca6595_firmwareipq9008_firmwareqcn5154_firmwareimmersive_home_214_platform_firmwaresm8550p_firmwareqcc710_firmwareqcn9100_firmwareqcn9022_firmwarewsa8830_firmwarewcd9390_firmwareipq5010_firmwareipq8074a_firmwareqcn9072_firmwarewsa8835_firmwareipq6000_firmwaressg2115p_firmwareqcn9074_firmwareqcn5022_firmwareqfw7124_firmwareimmersive_home_216_platform_firmwaresnapdragon_8_gen_2_mobile_platform_firmware
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-21449
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.35% / 57.95%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 12:48
Updated-10 Feb, 2026 | 19:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Embedded SW

Transient DOS may occur while processing malformed length field in SSID IEs.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_730_mobile_firmwaresxr2230psnapdragon_x72_5g_modem-rf_firmwaresm7675snapdragon_auto_5g_modem-rf_firmwaresm6370snapdragon_8_gen_3_mobilesnapdragon_845_mobilesm4635sm8750psm7250psnapdragon_782g_mobile_firmwaresa8650pvision_intelligence_300_firmwaresnapdragon_821_mobile_firmwaresm6650p_firmwaresc8180xp-aaab_firmwaresa4155p_firmwaresd660fastconnect_7800ssg2115psc8180x-aaab_firmwaresxr1230papq8064au_firmwaressg2115p_firmwaresa6145p_firmwaresnapdragon_ar2_gen_1_firmwarecsra6620_firmwaresdx55_firmwaresm7250p_firmwaresnapdragon_665_mobile_firmwaresnapdragon_670_mobilesd662vision_intelligence_400_firmwaresa8145p_firmwaresnapdragon_7c\+_gen_3_compute_firmwaresrv1lar8031_firmwaresc8280xp-abbbsnapdragon_x5_lte_modemsm8750sa6155_firmwaresd670sc7180-adapq8017immersive_home_214sg8275pvideo_collaboration_vc1_platformsmart_audio_200_platform_firmwarefastconnect_6900_firmwaresnapdragon_888\+_5g_mobile_firmwaresnapdragon_675_mobilesnapdragon_x72_5g_modem-rfsnapdragon_7c_computesa7255pfastconnect_6900sc8180x-acaf_firmwaresnapdragon_855\+_mobile_firmwaresa8150psa8775pimmersive_home_216_firmwaresg4150psa8155psnapdragon_680_4g_mobile_firmwaresnapdragon_x12_lte_modemsm8750p_firmwaresm7675p_firmwaresnapdragon_712_mobileapq8064auvideo_collaboration_vc5_platformsnapdragon_820_automotive_firmwaresc8180x-ad_firmwaresm6370_firmwaresnapdragon_870_5g_mobilesd865_5gcsra6640robotics_rb3_firmwaresd670_firmwarecsrb31024snapdragon_855_mobile_firmwaresnapdragon_x65_5g_modem-rf_firmwaresnapdragon_821_mobileimmersive_home_316sdx55srv1l_firmwarehome_hub_100sc8180x-adsd730snapdragon_768g_5g_mobile_firmwaresnapdragon_x75_5g_modem-rf_firmwaresrv1msdx61_firmwaresnapdragon_662_mobilesnapdragon_778g_5g_mobile_firmwarevision_intelligence_300snapdragon_xr2_5gsnapdragon_8_gen_1_mobile_firmwarear8035snapdragon_730g_mobilefastconnect_6800_firmwaresm8735_firmwaresnapdragon_860_mobilesnapdragon_732g_mobile_firmwaresnapdragon_820_mobile_firmwaresd820snapdragon_4_gen_2_mobile_firmwaresnapdragon_685_4g_mobilesa7775p_firmwaresnapdragon_auto_5g_modem-rfsd660_firmwaresnapdragon_690_5g_mobile_firmwaresmart_audio_400_platformimmersive_home_316_firmwaresw5100p_firmwaresxr1120sc8180x\+sdx55_firmwaresxr2330psnapdragon_xr1sd888sc8180xp-acafsnapdragon_710_mobilesnapdragon_w5\+_gen_1_wearablesd821snapdragon_712_mobile_firmwaresm8750_firmwaresnapdragon_765g_5g_mobile_firmwaresnapdragon_x24_lte_modem_firmwaresnapdragon_680_4g_mobilesd675snapdragon_685_4g_mobile_firmwaresnapdragon_8_gen_1_mobilesnapdragon_x55_5g_modem-rf_firmwaresm7325p_firmwaresnapdragon_x65_5g_modem-rfsd_8_gen1_5gsc8180xp-acaf_firmwaresd855sd855_firmwaresnapdragon_auto_4gsa8775p_firmwaresnapdragon_720g_mobileimmersive_home_318sm6250pvideo_collaboration_vc3_platformsd_8cxsnapdragon_8_gen_3_mobile_firmwaresnapdragon_865_5g_mobile_firmwaresnapdragon_auto_4g_firmwaresd662_firmwaresm6250p_firmwaresd820_firmwaresm8550p_firmwaresa6150psnapdragon_662_mobile_firmwaresnapdragon_720g_mobile_firmwaresw5100_firmwaresnapdragon_732g_mobilesm6650sc8380xpsw5100psd_675snapdragon_460_mobilesg4150p_firmwaresc8180x-acafsnapdragon_778g\+_5g_mobilesm8650qsdx61snapdragon_x5_lte_modem_firmwarear9380_firmwaresnapdragon_855_mobilefastconnect_6700_firmwaresa8770psa8195psc8180x-aaabsnapdragon_730g_mobile_firmwarerobotics_rb5snapdragon_850_mobile_compute_firmwaresm7635snapdragon_x32_5g_modem-rfsnapdragon_xr2\+_gen_1sa8155p_firmwaresnapdragon_8\+_gen_1_mobile_firmwaresd_8cx_firmwaresnapdragon_xr2_5g_firmwaresnapdragon_670_mobile_firmwaresnapdragon_865\+_5g_mobilesnapdragon_4_gen_1_mobilesxr2230p_firmwarear9380immersive_home_318_firmwaresa6155psnapdragon_855\+_mobilesnapdragon_888\+_5g_mobilesm7675_firmwaresd460snapdragon_888_5g_mobilehome_hub_100_firmwareaqt1000_firmwaresa8620psm8635_firmwaresa8255psnapdragon_480\+_5g_mobile_firmwaresnapdragon_750g_5g_mobile_firmwaresnapdragon_678_mobile_firmwaresnapdragon_860_mobile_firmwaresd865_5g_firmwaresnapdragon_4_gen_1_mobile_firmwarecsra6640_firmwaresnapdragon_ar1_gen_1sa6145psa8145psnapdragon_auto_5g_modem-rf_gen_2_firmwaresa7775psa8295psnapdragon_480_5g_mobile_firmwaresnapdragon_x32_5g_modem-rf_firmwaresxr2250pcsrb31024_firmwaresc8180xp-adsa8150p_firmwaresm7635p_firmwaresm7635psnapdragon_x55_5g_modem-rfsa8195p_firmwaresdx20m_firmwarerobotics_rb2_firmwaresnapdragon_768g_5g_mobilesm4125sd_675_firmwarevideo_collaboration_vc1_platform_firmwaresc7180-ad_firmwaresnapdragon_695_5g_mobilesnapdragon_8\+_gen_1_mobilesdx20msnapdragon_665_mobilesnapdragon_7c\+_gen_3_computesm8635snapdragon_765_5g_mobilesnapdragon_x35_5g_modem-rf_firmwarevideo_collaboration_vc3_platform_firmwaresmart_audio_200_platformsd888_firmwaresrv1hsnapdragon_782g_mobilesnapdragon_ar2_gen_1ar8035_firmwaresnapdragon_x62_5g_modem-rf_firmwaresm7675psnapdragon_xr1_firmwaresnapdragon_765_5g_mobile_firmwaresa6155p_firmwaresw5100sa7255p_firmwaresd675_firmwaresxr2330p_firmwaresnapdragon_778g_5g_mobilecsr8811_firmwaresa6150p_firmwaresnapdragon_auto_5g_modem-rf_gen_2snapdragon_x12_lte_modem_firmwaresnapdragon_xr2\+_gen_1_firmwaresnapdragon_710_mobile_firmwaresnapdragon_8\+_gen_2_mobile_firmwarevideo_collaboration_vc5_platform_firmwareflight_rb5_5g_firmwaresd_8_gen1_5g_firmwaresnapdragon_780g_5g_mobilesnapdragon_8_gen_2_mobile_firmwaresnapdragon_870_5g_mobile_firmwaresm8650q_firmwaresnapdragon_660_mobile_firmwareapq8017_firmwaresm8735snapdragon_x50_5g_modem-rfsd460_firmwarefastconnect_6200_firmwaresm8550psnapdragon_820_automotivesxr1230p_firmwarecsra6620sg8275p_firmwaresa4150pflight_rb5_5gsa6155fastconnect_6200sc8180x\+sdx55snapdragon_8_gen_2_mobilesnapdragon_730_mobilesa4150p_firmwaresxr2130smart_audio_400_platform_firmwaresnapdragon_888_5g_mobile_firmwaresm4125_firmwaresnapdragon_ar1_gen_1_firmwarefastconnect_6800snapdragon_865_5g_mobilesa8770p_firmware315_5g_iot_firmwaresnapdragon_x62_5g_modem-rfsm8635psa4155psnapdragon_4_gen_2_mobilesnapdragon_x24_lte_modem315_5g_iotsm8635p_firmwaresa9000psd730_firmwaresnapdragon_x75_5g_modem-rfsa8255p_firmwarerobotics_rb2robotics_rb3sa8155_firmwaresnapdragon_8\+_gen_2_mobilesc8180xp-ad_firmwaressg2125psrv1m_firmwaresc8180xp-aaabsnapdragon_x35_5g_modem-rfsxr1120_firmwaresm4635_firmwaresa8650p_firmwaresnapdragon_695_5g_mobile_firmwareimmersive_home_214_firmwaresnapdragon_480\+_5g_mobilesnapdragon_7c_compute_firmwaresnapdragon_675_mobile_firmwaresd821_firmwaresm6650_firmwaresm7325psm6250snapdragon_820_mobilesa8155sxr2250p_firmwaresnapdragon_x50_5g_modem-rf_firmwareaqt1000snapdragon_845_mobile_firmwaresa9000p_firmwaresc8280xp-abbb_firmwarefastconnect_6700srv1h_firmwaresnapdragon_750g_5g_mobilesm6650psa8620p_firmwaresnapdragon_850_mobile_computesnapdragon_x20_lte_modem_firmwaresnapdragon_460_mobile_firmwareimmersive_home_216snapdragon_678_mobilesnapdragon_w5\+_gen_1_wearable_firmwaresc8380xp_firmwaresa8295p_firmwaresnapdragon_x20_lte_modemsnapdragon_660_mobilesm6250_firmwaresnapdragon_865\+_5g_mobile_firmwaresxr2130_firmwarevision_intelligence_400snapdragon_690_5g_mobilecsr8811snapdragon_780g_5g_mobile_firmwaresnapdragon_480_5g_mobilesm7315_firmwaresnapdragon_765g_5g_mobilefastconnect_7800_firmwaresm7635_firmwarear8031ssg2125p_firmwaresnapdragon_778g\+_5g_mobile_firmwarerobotics_rb5_firmwaresm7315Snapdragon
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2023-33061
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.19% / 40.53%
||
7 Day CHG~0.00%
Published-07 Nov, 2023 | 05:26
Updated-02 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Firmware

Transient DOS in WLAN Firmware while parsing WLAN beacon or probe-response frame.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn5024_firmwareqam8255p_firmwarewsa8830qcn9070sxr2230p_firmwareqca8337qam8650pqfw7124ipq8173_firmwarewcn785x-5qam8775pqcf8001qcn6224_firmwareqcn5124qca4024_firmwareqca8082qcn9072qca8386wsa8840immersive_home_318_platform_firmwareipq8078aipq5028_firmwareqca6595au_firmwareipq6000ssg2115pqcn5152_firmwareqca0000_firmwareqca6584au_firmwarewcn685x-1qcn9000_firmwaresnapdragon_8_gen_2_mobile_platformipq9554qca6554a_firmwarewcd9385_firmwareimmersive_home_216_platformipq8076aimmersive_home_316_platformimmersive_home_316_platform_firmwareqca8386_firmwareqcn6024_firmwareqca8084_firmwareimmersive_home_318_platformipq8074aqcn5124_firmwareqca8082_firmwareqca6574au_firmwareqcn5122_firmwareqcn5164_firmwaresdx55_firmwareqca6595auqca8081_firmwareqcn6023_firmwareqfw7114wsa8845h_firmwareipq5010qca6564au_firmwareqca6584ausnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareipq8078a_firmwareqcn9274ipq8174ipq5028wsa8840_firmwareqca6698aqqcn5052qca0000qcf8001_firmwareipq6010sc8380xp_firmwareqcn6112_firmwareqcn9074qca8085sdx65mwcd9340qcn6132qcn6224qcn9013wsa8845hsnapdragon_ar2_gen_1_platform_firmwaresnapdragon_x75_5g_modem-rf_systemwcd9395_firmwareqca8081qcf8000qca6698aq_firmwareipq8071aqcn6023sdx65m_firmwareipq8071a_firmwarewcn685x-1_firmwareimmersive_home_3210_platformqca8085_firmwareqam8775p_firmwareqca9888_firmwareqcn6122wcd9385qca6696_firmwareipq9008_firmwareipq9570qcn5154_firmwareqca6797aqar8035csr8811wcd9390qcc710_firmwareqcn9100_firmwarewsa8830_firmwareipq5010_firmwareipq8074a_firmwarewsa8835_firmwareqcn5022_firmwareimmersive_home_216_platform_firmwaresnapdragon_8_gen_2_mobile_platform_firmwarewcn785x-1qca8337_firmwarewcd9380_firmwaressg2125pqcn9000ipq8072aqcf8000_firmwareqca6554aipq8076a_firmwareqca6595ipq8078qca6564auqca8084ipq8173qcm8550ipq9008qcn9012qcn5164immersive_home_326_platform_firmwareqcn6122_firmwareqca6574sxr1230p_firmwarewsa8835snapdragon_8\+_gen_2_mobile_platform_firmwarecsr8811_firmwareqcn6274wcd9380ipq9554_firmwareqcn5154qca8075_firmwaressg2125p_firmwareqca6574aqcn5024wcn685x-5_firmwareqca9889qcn6132_firmwaresxr1230pqca9888qcn9012_firmwareqcn5052_firmwareqcn9274_firmwareqcc2076_firmwareipq8070a_firmwareqfw7114_firmwarewsa8845qcc2073_firmwareipq6018_firmwareipq8076_firmwareqca6574_firmwarewcd9340_firmwareqcn6112sxr2230pipq8076wsa8845_firmwareqca6574a_firmwareqcn5152ipq6028sc8380xpqcn9024ipq9574_firmwarewcn785x-5_firmwareimmersive_home_3210_platform_firmwareqcn9100qcn6274_firmwaresnapdragon_x65_5g_modem-rf_systemipq8078_firmwareipq9570_firmwareqcn9070_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewsa8832_firmwarewcn685x-5ipq6028_firmwareipq8072a_firmwareqca6797aq_firmwarewcn785x-1_firmwareqca6574auqca9889_firmwareipq9574qcn5122qcn9024_firmwareipq8174_firmwaresnapdragon_8\+_gen_2_mobile_platformwsa8832ipq5332_firmwareipq5332sm8550pimmersive_home_326_platformsnapdragon_ar2_gen_1_platformipq6018qcn5022qcn9013_firmwareqam8650p_firmwareqcc710ipq6010_firmwareimmersive_home_214_platformqca6595_firmwarewcd9395qca6696immersive_home_214_platform_firmwareqca4024sm8550p_firmwaresdx55qca8075qcn9022_firmwarewcd9390_firmwareqcn6024qcn9022qcc2076ipq8070aqcn9072_firmwareipq6000_firmwaressg2115p_firmwareqcn9074_firmwareqfw7124_firmwareqam8255pqcc2073ar8035_firmwareSnapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-33097
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.15% / 34.86%
||
7 Day CHG~0.00%
Published-05 Dec, 2023 | 03:04
Updated-02 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Firmware

Transient DOS in WLAN Firmware while processing a FTMR frame.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn5024_firmwareqam8255p_firmwaresnapdragon_8_gen_1_mobile_platformwsa8830qcn9070sxr2230p_firmwareqca8337qam8650pqfw7124sg8275p_firmwareipq8173_firmwareqam8775pqcf8001qcn6224_firmwareqcn5124qca4024_firmwareqca8082qcn9072qca8386wsa8840immersive_home_318_platform_firmwareipq8078aipq5028_firmwareqca6595au_firmwareipq6000ssg2115pqcn5152_firmwareqca0000_firmwareqca6584au_firmwareqcn9000_firmwaresnapdragon_8_gen_2_mobile_platformipq9554qca6554a_firmwarewcd9385_firmwareimmersive_home_216_platformipq8076aimmersive_home_316_platformimmersive_home_316_platform_firmwareqca8386_firmwareqcn6024_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareimmersive_home_318_platformipq8074aqcn5124_firmwareqca8082_firmwareqca6574au_firmwareqcn5122_firmwareqcn5164_firmwaresdx55_firmwareqca6595auqca8081_firmwareqcn6023_firmwareqfw7114wsa8845h_firmwareqcn9002ipq5010qca6564au_firmwareqca6584ausnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareipq8078a_firmwareqcn9274ipq8174qcn9001ipq5028wsa8840_firmwareqca6698aqqcn5052qca0000qcf8001_firmwareipq6010qcs8550_firmwaresc8380xp_firmwareqcn6112_firmwareqcn9074qca8085sdx65mwcd9340qcn6132qcn6224qcn9013wsa8845hsnapdragon_ar2_gen_1_platform_firmwaresnapdragon_x75_5g_modem-rf_systemwcd9395_firmwareqca8081qcf8000qca6698aq_firmwareipq8071aqcn6023sdx65m_firmwareipq8071a_firmwareimmersive_home_3210_platformqca8085_firmwareqam8775p_firmwareqca9888_firmwareqcn6122wcd9385qca6696_firmwareipq9008_firmwareipq9570qcn5154_firmwareqca6797aqar8035csr8811wcd9390qcc710_firmwareqcn9100_firmwarewsa8830_firmwareipq5010_firmwareipq8074a_firmwarewsa8835_firmwareqcn5022_firmwareimmersive_home_216_platform_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqca8072qca8337_firmwarewcd9380_firmwaressg2125pqcn9000ipq8072aqcf8000_firmwareqca6554aipq8076a_firmwareqca6595ipq8078qca6564auqca8084ipq8173qcm8550qcn9001_firmwareipq9008qcn9012qcn5164immersive_home_326_platform_firmwareqcn6122_firmwareqca6574sxr1230p_firmwarewsa8835snapdragon_8\+_gen_2_mobile_platform_firmwarecsr8811_firmwaresd_8_gen1_5gqcn6274wcd9380ipq9554_firmwareqcn5054_firmwareqcn5154qca8075_firmwaressg2125p_firmwareqca6574aqcn5024qca9889qcn6132_firmwareqcn9003_firmwaresxr1230pqca9888qca8072_firmwaresg8275pqcn9012_firmwareqcn5052_firmwareqcn9274_firmwareqcc2076_firmwareipq8070a_firmwareqcn9003qfw7114_firmwarewsa8845qcc2073_firmwareipq6018_firmwareipq8076_firmwareqca6574_firmwarewcd9340_firmwareqcn6112sxr2230pipq8076wsa8845_firmwareqca6574a_firmwareqcn5152ipq6028sc8380xpqcn9024ipq9574_firmwareimmersive_home_3210_platform_firmwarefastconnect_7800qcn9100qcn6274_firmwaresnapdragon_x65_5g_modem-rf_systemipq8078_firmwareipq9570_firmwarefastconnect_6900qcn5054qcn9070_firmwarefastconnect_6900_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewsa8832_firmwareipq6028_firmwareipq8072a_firmwareqca6797aq_firmwareqca6574auqca9889_firmwareipq9574qcn5122qcn9024_firmwareipq8174_firmwarefastconnect_7800_firmwaresnapdragon_8\+_gen_2_mobile_platformwsa8832ipq5332_firmwareipq5332sm8550psnapdragon_8_gen_1_mobile_platform_firmwareimmersive_home_326_platformsnapdragon_ar2_gen_1_platformipq6018qcn5022qcn9013_firmwareqam8650p_firmwareqcc710ipq6010_firmwareimmersive_home_214_platformqca6595_firmwarewcd9395qca6696qcs8550immersive_home_214_platform_firmwareqca4024sm8550p_firmwaresdx55qca8075qcn9022_firmwarewcd9390_firmwareqcn6024qcn9022qcc2076ipq8070aqcn9002_firmwareqcn9072_firmwareipq6000_firmwaressg2115p_firmwareqcn9074_firmwareqfw7124_firmwareqam8255pqcc2073ar8035_firmwareSnapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-33080
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.19% / 41.27%
||
7 Day CHG~0.00%
Published-05 Dec, 2023 | 03:04
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read in WLAN Firmware

Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_x20_lte_modemsd865_5gmdm9215_firmwareqca6595snapdragon_xr1_platformipq6028_firmwareimmersive_home_214_platformqca8081_firmwareqcn9001sm7250-absnapdragon_x50_5g_modem-rf_systemwcd9340_firmwareipq5028_firmwarewcd9395_firmwareqcn6024sdm845ar9380qcc710_firmwareqca6426sc8180x-abwcn3610sa4150pqcn5124_firmwaresm7325-ae_firmwarewsa8832_firmwareqca8337qca6426_firmwarewcd9395qcn7605qca6574au_firmwareqcn7606_firmwareipq8078a_firmwarewcn785x-5qca6564_firmwareqam8295pwcd9341sd626_firmwaresnapdragon_x12_lte_modemwsa8810_firmwaresd730_firmwarewsa8845h_firmwareqca2064_firmwaresdm670sm8150-acsm6375_firmwaresd835_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaresm7150-acvideo_collaboration_vc1_platform_firmwaresa4155pqcn9000sd821qca2062_firmwaresm6375sm7250-aa_firmwaresc8180xp-acqsm8350_firmwarevideo_collaboration_vc1_platformwcd9385_firmwareqca6421qca6310snapdragon_630_mobile_platformipq8074a_firmwareipq8076awcd9360snapdragon_ar2_gen_1_platform_firmwareapq8053-aa_firmwaresd821_firmwareimmersive_home_3210_platform_firmwaresa6155psm7150-ac_firmwareqca6564au_firmwaresd820qca8075qam8650pvideo_collaboration_vc5_platform_firmwaresm7325_firmwaresa6155p_firmwaremdm9640_firmwareqca6390_firmwaresd835qca6436_firmwareipq8070a_firmwareqcn5021_firmwareqcn9070sc8180x-afsnapdragon_8_gen_2_mobile_platformsnapdragon_7c\+_gen_3_compute_firmwareqca8084sm4125_firmwaresm8250-ac_firmwareqca6420qca6174_firmwarewcn3910apq8064au_firmwarecsrb31024qca9367mdm9250_firmwareqcc2076snapdragon_x55_5g_modem-rf_system_firmwarewcn3660bqca6574asm7325-aeqca6174aqca6584_firmwareqca9898_firmwarewcd9340qcs8250_firmwareqcm2290snapdragon_630_mobile_platform_firmwaresm6150-acsm6225sc8180xp-aa_firmwareqcn6122_firmwareqcn5154_firmwaresm8150-ac_firmwareipq8074sm8550p_firmwarewcn3998_firmwareqcm8550snapdragon_x20_lte_modem_firmwarewcn3988qcn5122_firmwarepmp8074qcn9024qca6574sm7325-afsnapdragon_x75_5g_modem-rf_systemqca2066_firmwaresdm710_firmwaresc8180xp-ac_firmwareqca8082qcs410qcm2290_firmwaresa8155pqca8072_firmwarewsa8830sm8550psa6145pqcn6122sa8255p_firmwareqcc2073wcn785x-1_firmwaremdm8215msm8996auqrb5165m_firmwaremdm9645qca9985snapdragon_x5_lte_modemipq8071aapq8064auqcn6112wcn3950_firmwareqrb5165nqca1062_firmwaresc7180-acsm7325p_firmwaresd460wcd9360_firmwares820a_firmwarevideo_collaboration_vc3_platform_firmwareqcn6023_firmwareqcn5164_firmwaresd670_firmwareimmersive_home_326_platform_firmwareqca6438_firmwaresc8280xp-bb_firmwareqcn9072sm7150-aaipq4028_firmwareqcn6224_firmwareqca6431sd660_firmwareqca8082_firmwareqca4020_firmwareqca9379_firmwaresm6350sxr2130_firmwarear8035_firmwareapq8009_firmwareqrb5165mqca1064qca6320snapdragon_w5\+_gen_1_wearable_platform_firmwareqca4024_firmwareqca0000_firmwaresd888_firmwaremdm9215snapdragon_662_mobile_platform_firmwareqcs6125_firmwareqca9992_firmwareqca6428qca9990ipq8070ipq9008_firmwareqcn9074sdm712_firmwarewsa8815_firmwaresm8250-abqca8337_firmwaresnapdragon_x12_lte_modem_firmwaresm7325ipq8173sm8350-ac_firmwaresm7250p_firmwarewcn3999ipq6010_firmwarewcn785x-5_firmwarewcn3950sm4250-aasnapdragon_x65_5g_modem-rf_system_firmwareqca6797aq_firmwaresm4350_firmwaresm7350-ab_firmwareipq5028qca9986wcn3991qcn9070_firmwaresa8295p_firmwaresd_675_firmwaresa4155p_firmwareqca9984ipq5010_firmwareqcn9022_firmwaresm7250pcsrb31024_firmwareipq6018sa8155sd_8cx_firmwaresm7150-aa_firmwaresd888sd460_firmwaresnapdragon_4_gen_2_mobile_platformipq8069wcn685x-5ipq8065qca6310_firmwaresd626qcs7230sm8250-acs820awcd9371qcn9001_firmwaresc8180xp-aasnapdragon_xr2_5g_platform_firmwareqca8075_firmwarevision_intelligence_300_platform_firmwaremdm9645_firmwaresm7350-abqrb5165_firmwaresm8350_firmwareqca2065_firmwaresdx65m_firmwarevideo_collaboration_vc3_platformqca9980_firmwareqca9985_firmwareqca6431_firmwaresm7225_firmwareqca6175a_firmwaresm6125qca6698aq_firmwareqcs2290qcn76068998_firmwareqcs2290_firmwaresc8280xp-bbwcn3615qca9367_firmwareqca8084_firmwarewcn3999_firmwareqcn7605_firmwaresa8255pqcs7230_firmwarewcd9390_firmwareimmersive_home_318_platform_firmwaresc8180xp-abwcn6750qcn5024qca6430wcn6750_firmwaremdm9650sc8180xp-ad_firmwaresnapdragon_auto_5g_modem-rfsm7250-ab_firmwaressg2125p9206_lte_modem_firmwarecsra6640_firmwaresm4350immersive_home_326_platformqam8650p_firmwarewcn3998qcn9013_firmwareqca2062video_collaboration_vc5_platformqca6420_firmwareqcs6490_firmwaresm8450snapdragon_x65_5g_modem-rf_systemipq8076_firmwaresd855_firmwarewcd9335_firmwaremdm9640qca6436qrb5165n_firmwaresnapdragon_1200_wearable_platformsnapdragon_x24_lte_modem_firmwarewcn3980_firmwareqca6391_firmwarewsa8835wsa8840_firmwaresm4250-aa_firmwaremdm9310_firmwareipq8068qcs4290_firmwarecsra6620qca8081sd660mdm9628sm4375sdm670_firmwareqam8775pqca9377wsa8815qcm4325_firmwaresm7125_firmwareipq8069_firmwareqcm4290_firmwareqca9888_firmwareqca9889qca6175aqca1062qcn5024_firmwareqcn9002_firmwareipq5010qrb5165qcn9274_firmwaremdm9615_firmwaresg4150p_firmwaresc8180xp-af_firmwarecsra6620_firmwaresnapdragon_820_mobile_platform_firmwareqcs8550ipq8068_firmwaremdm8215_firmwareqam8775p_firmwaresd865_5g_firmwarepmp8074_firmwaresc7180-ad_firmwarewcd9375sdm712qca9889_firmwaresa8145psd_675immersive_home_316_platformsm4350-ac_firmwareqca2066csr8811apq8053-aasc7180-ac_firmwaresm7250-ac_firmwarewcn685x-1_firmwarewcn3680b_firmwareqcm8550_firmwareapq8017qcs410_firmwaresa6150p_firmwaresw5100pipq9574qcn9000_firmwareqcn6102_firmwaresxr1120vision_intelligence_300_platformqcn9022qcs610_firmwarewcd9335wcd9370qca8072qca6696wcd9341_firmware8998qcn9003_firmwareqca6390qcc2073_firmwareipq8076wcn6740_firmwareqca1064_firmwareipq6018_firmwareqca9984_firmwareqcn6023immersive_home_216_platformqca9994_firmwareipq6000snapdragon_auto_4g_modemipq8078asm8150_firmwareqca6574auwcd9390csra6640sc8180x-af_firmwareqcn9100_firmwarewcn3660b_firmwareqcn5122sd730qca6554aqcn6024_firmwaresdx20mqca9886_firmwaresm8350qcm6125_firmwaressg2115pqcc710snapdragon_850_mobile_compute_platformqcn6132_firmwaremdm9615sxr1120_firmwaresnapdragon_x5_lte_modem_firmwareqcn5054robotics_rb3_platform315_5g_iot_modem_firmwaresm8450_firmwareipq5332_firmwareqcn5052qca9980qfw7114315_5g_iot_modemipq9574_firmwaresnapdragon_x55_5g_modem-rf_systemqam8255p_firmwaresnapdragon_821_mobile_platform_firmwareipq8064sa8155_firmwareqcn5164sm7150-abqca6335qcs4490sc7180-adsc8180xp-afmdm9250snapdragon_8\+_gen_2_mobile_platform_firmwarewsa8845qcn6100_firmwareqca6421_firmwareqcm6125sc8180x-adcsr8811_firmwaresm7125wsa8810qcn5021qca8085snapdragon_8\+_gen_2_mobile_platformsm8350-acqcn6100qca6595ausm7315_firmwarewcd9326_firmwarewsa8840qcs8550_firmwareqca9986_firmwareqfw7124_firmwareqcn9012mdm9650_firmwaresnapdragon_821_mobile_platformwcd9371_firmwareqcs4490_firmwarewcn3910_firmwareapq8009qca4531_firmwaresdx65mwcd9370_firmwareipq9570mdm9310sa8195pqca6335_firmwareqcm6490immersive_home_316_platform_firmwareimmersive_home_3210_platformqcn9274qca9379ipq8076a_firmwareipq9570_firmwaresxr2230p_firmwarear9380_firmwaresd675_firmwareqca6430_firmwaresc8180x-aaipq4029_firmwareqcn9011qcn9024_firmwarewsa8845hsa6150psm7250-aawcd9326sa8155p_firmwareqca6564asnapdragon_675_mobile_platformsnapdragon_662_mobile_platformqcn9074_firmwarevision_intelligence_400_platform_firmwareipq8174sc8180x\+sdx55_firmwareflight_rb5_5g_platform_firmwareipq8174_firmwarear8035ipq8072aqca6564sa6155qca2065qcm4325qcn6224sc8280xp-absm8475_firmwaresc8180x\+sdx55qca6698aqssg2125p_firmwaresm6250sm7250-acsc8180x-aa_firmwaresd670wcn685x-1sa8145p_firmwarewcn3680bsnapdragon_820_mobile_platformsa8150p_firmwaresnapdragon_w5\+_gen_1_wearable_platformsnapdragon_636_mobile_platform_firmwarewcn3990qca6428_firmwareqcn9002ipq8078qcs6490qcs8250ipq9554_firmwarear8031_firmwarewsa8830_firmwareqca6678aq_firmwareqca8386_firmwaresnapdragon_850_mobile_compute_platform_firmwarewsa8845_firmwarewsa8832snapdragon_auto_4g_modem_firmwareqcc2076_firmwareqca6678aqsnapdragon_675_mobile_platform_firmwareqcn5022_firmwaresm8475qca9992sm8250-ab_firmwaresa4150p_firmwareqca9898ipq9008ipq9554qca6564ausm6225_firmwaresc8180xp-adsm6250p_firmwareimmersive_home_214_platform_firmwaresm7325-af_firmwaresa8195p_firmwareapq8053-ac_firmwareqcm4290qcn5054_firmwareqca9888ipq5332sd_455_firmwaresm6125_firmwareqcn9013ar8031snapdragon_1200_wearable_platform_firmwareqca9377_firmwareqcm6490_firmwareipq8072a_firmwaresm4125qcm4490_firmwarerobotics_rb3_platform_firmwareflight_rb5_5g_platformsnapdragon_xr2_5g_platformqcn6112_firmwareqcs6125apq5053-aa_firmwaresnapdragon_7c\+_gen_3_computeqca8085_firmwareapq5053-aasdm710sd_455qca9886qcn6132sm6250_firmwaresc8180x-ad_firmwareqcn6102qca6584auqca6320_firmwareqcn6274_firmwareqcn9011_firmwaresw5100_firmwarewcn6740sm6225-ad_firmwareqfw7114_firmwareqca4024sc8280xp-ab_firmwareqca6595_firmwaresm8250_firmwareimmersive_home_216_platform_firmwareipq8070asm7225apq8017_firmwarewcd9380ipq4028qam8255psa6145p_firmwaresa6155_firmwaresxr2230pqca9990_firmwaresa8150pqcn9003snapdragon_x24_lte_modemmsm8996au_firmwareqcn5052_firmwaresnapdragon_auto_5g_modem-rf_firmwareqca2064sxr1230psm6225-adsd662_firmwaresm4350-acipq6010sdm660_firmwaresw5100aqt1000sm8150wcn3991_firmwareqam8295p_firmwaresd855sdm660sc8180x-ab_firmwareqca6174wcd9330_firmwarewcn3990_firmwaresm7315qca6564a_firmwaresdx20m_firmwareqca9994qsm8350sc8180xp-ab_firmwarewcd9385wcd9330sd662wcn3610_firmwareqcs4290sxr1230p_firmwareipq4018sd820_firmwaresm6250psdx55_firmwareipq8071a_firmwareqca6438wcn3615_firmwareqca6554a_firmwaresxr2130ipq6028qcm44908098_firmwaresnapdragon_636_mobile_platformqcn9100sm7150-ab_firmwareqca4020ipq4029qca6174a_firmwaresm7325paqt1000_firmwareipq4018_firmwaresm6150-ac_firmwareqca6584au_firmwareqcn5152_firmwareqcn6274sc8180x-acqfw7124ipq8074_firmwareqca6595au_firmwareqca0000sc8180x-ac_firmwaresw5100p_firmwaresm8250snapdragon_ar2_gen_1_platformqca6696_firmwareapq8053-acwcd9380_firmwareqca6574_firmwaresg4150psd_8_gen1_5gqcn5124ipq8064_firmwaremdm9628_firmwareqca6797aqqcn5152ipq8065_firmwaresm4375_firmwarevision_intelligence_400_platform9206_lte_modemqca6574a_firmwaresdx55qcn9072_firmwaresdm845_firmwareipq8074aimmersive_home_318_platformsd675sm6350_firmwaresd_8_gen1_5g_firmwarewcd9375_firmwareqca4531qca6391qca8386wcn785x-1ipq8173_firmwareqcn9012_firmwareqca6584snapdragon_8_gen_2_mobile_platform_firmwaresa8295p8098snapdragon_xr1_platform_firmwaresnapdragon_x50_5g_modem-rf_system_firmwareipq6000_firmwareipq8078_firmwarewcn685x-5_firmwarewcn3988_firmwareipq8070_firmwareqcn5154sd_8cxwsa8835_firmwaressg2115p_firmwareqcn5022snapdragon_x75_5g_modem-rf_system_firmwarewcn3980qcs610Snapdragonsnapdragon
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2023-33116
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.32% / 55.66%
||
7 Day CHG~0.00%
Published-02 Jan, 2024 | 05:38
Updated-17 Jun, 2025 | 19:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read without Checking Size of Input in WLAN Host

Transient DOS while parsing ieee80211_parse_mscs_ie in WIN WLAN driver.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn5024_firmwareqcn9070ipq4028_firmwareqca8337qfw7124ar9380ipq8173_firmwareqcf8001flight_rb5_5g_platformflight_rb5_5g_platform_firmwareqcn6224_firmwareqcn5124qca4024_firmwareqca8082qcn9072qca8386qca9880_firmwareqca9992immersive_home_318_platform_firmwareipq8078aipq5028_firmwareipq6000qcn5152_firmwareqca0000_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwarewcd9385_firmwareimmersive_home_216_platformipq8076aimmersive_home_316_platformimmersive_home_316_platform_firmwareqca8386_firmwareqcn6024_firmwareqca8084_firmwareimmersive_home_318_platformipq8074aqcn5124_firmwareqcn9011_firmwareqca8082_firmwareqcn5164_firmwareqcn5122_firmwaresdx55_firmwareqca8081_firmwareqcn6023_firmwareqfw7114qrb5165nipq5010ipq8070_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareipq8065ipq8078a_firmwareqcn9274ipq8174qca9990qrb5165m_firmwareipq5028qca7500ipq4029_firmwareqcn5052qca0000qcf8001_firmwareipq6010ipq8068qcn6112_firmwareqcn9074qca8085sdx65mwcd9340qcn6132qcn6224qcn9013snapdragon_x75_5g_modem-rf_systemqca8081ipq8071aqcn6023sdx65m_firmwareipq8071a_firmwareimmersive_home_3210_platformqca8085_firmwareqca9888_firmwareipq8068_firmwareqcn6122wcd9385ipq9008_firmwareipq9570qcn5154_firmwarear8035csr8811qca9898_firmwareipq4019qcc710_firmwareqcn9100_firmwarerobotics_rb5_platformqca9992_firmwareipq5010_firmwareipq8074a_firmwareqca9898qcn5022_firmwareipq4028immersive_home_216_platform_firmwareqca9985_firmwarerobotics_rb5_platform_firmwareipq4018_firmwareqca8337_firmwarewcd9380_firmwareqcn9000ipq8072aqca7500_firmwareqca9980_firmwareipq8076a_firmwarear9380_firmwareipq8078qca8084ipq8173ipq9008qcn9012qcn5164immersive_home_326_platform_firmwareqcn6122_firmwareipq8065_firmwarecsr8811_firmwareqcn6274wcd9380qcn5154qca8075_firmwareipq4018ipq4019_firmwareqcn5024qca9889qcn6132_firmwareqca9888qca9985qca9994_firmwareqcn5052_firmwareqcn9012_firmwareqcn9274_firmwareipq8070a_firmwareqfw7114_firmwarewcn3980ipq6018_firmwareipq8076_firmwareqca9886wcd9340_firmwareqcn6112ipq8076qca9984ipq6028ipq8064qcn5152qcn9024qrb5165mipq9574_firmwarewcn3980_firmwareimmersive_home_3210_platform_firmwareqca6391ipq8064_firmwarefastconnect_7800qcn9100qcn6274_firmwaresnapdragon_x65_5g_modem-rf_systemipq8078_firmwareipq9570_firmwarefastconnect_6900qcn9070_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwareipq8070ipq6028_firmwareipq8072a_firmwareqcn9011qca9994qca9889_firmwareipq9574qca9980qcn5122ipq8174_firmwareqcn9024_firmwareqca9880fastconnect_7800_firmwareimmersive_home_326_platformipq6018qcn5022qcn9013_firmwareqca9886_firmwareqcc710ipq6010_firmwareimmersive_home_214_platformqca6391_firmwareimmersive_home_214_platform_firmwareqca4024sdx55qca8075qcn9022_firmwareqcn6024qcn9022qca9990_firmwareipq8070aqcn9072_firmwareipq6000_firmwareqcn9074_firmwareqfw7124_firmwareipq4029ar8035_firmwareSnapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-33016
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.11% / 29.65%
||
7 Day CHG~0.00%
Published-05 Sep, 2023 | 06:24
Updated-02 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Firmware

Transient DOS in WLAN firmware while parsing MLO (multi-link operation).

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn5024_firmwarewsa8830qcn9070sxr2230p_firmwareimmersive_home_318_firmwareipq8173_firmwareqcn5124qca4024_firmwareqca8082qcn9072qca8386snapdragon_8_gen_1ipq8078aipq5028_firmwareipq6000immersive_home_216ssg2115pqcn5152_firmwareqcn9000_firmwarewcd9385_firmwareipq8076aqca8386_firmwareqcn6024_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareipq8074aqcn5124_firmwareqca8082_firmwareqcn5164_firmwareqcn5122_firmwareqca8081_firmwareqcn6023_firmwareipq5010immersive_home_214ipq8078a_firmwareqcn9274ipq8174ipq5028qcn5052ipq6010qcs8550_firmwareqcn9074qca8085qcn6132qca8081ipq8071aqcn6023ipq8071a_firmwarewcd9385qca8085_firmwareqca9888_firmwareqcn6122immersive_home_316_firmwareqcn5154_firmwarecsr8811qcn9100_firmwarewsa8830_firmwareipq5010_firmwareipq8074a_firmwarewsa8835_firmwareqcn5022_firmwareimmersive_home_216_firmwarewcd9380_firmwaressg2125pqcn9000ipq8072aimmersive_home_214_firmwareipq8076a_firmwareipq8078qca8084ipq8173snapdragon_8_gen_1_firmwareqcn5164snapdragon_ar2_gen_1qcn6122_firmwarewsa8835sxr1230p_firmwarecsr8811_firmwaresd_8_gen1_5gwcd9380qcn5154qca8075_firmwaressg2125p_firmwareqcn5024qca9889qcn6132_firmwaresxr1230pqca9888qcn5052_firmwareqcn9274_firmwareipq8070a_firmwareipq6018_firmwareipq8076_firmwaresxr2230pipq8076qcn5152ipq6028qcn9024ipq9574_firmwarefastconnect_7800qcn9100snapdragon_ar2_gen_1_firmwareipq8078_firmwarewsa8832_firmwarefastconnect_6900qcn9070_firmwarefastconnect_6900_firmwareimmersive_home_318ipq6028_firmwareipq8072a_firmwareimmersive_home_316qca9889_firmwareipq9574qcn5122qcn9024_firmwareipq8174_firmwarefastconnect_7800_firmwarewsa8832ipq6018qcn5022ipq6010_firmwareqcs8550qca4024qca8075qcn9022_firmwareqcn6024qcn9022ipq8070aqcn9072_firmwareipq6000_firmwaressg2115p_firmwareqcn9074_firmwareSnapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-21446
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.45% / 64.22%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 12:48
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Firmware

Transient DOS may occur when processing vendor-specific information elements while parsing a WLAN frame for BTM requests.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm8550_firmwareimmersive_home_214wcn6650sd865_5gipq9574qcn9000_firmwareqcn6102_firmwareqca6595sm8735qcn9022ipq6028_firmwarewcd9370qca8081_firmwareqcn9001qca8072qca6696qam8620p_firmwarewcn7880_firmwarewcd9340_firmwareipq5028_firmwarewcd9395_firmwaresxr2330p_firmwareqcn6024wcn7881_firmwareqcn9003_firmwarewcn7750ar9380wcn6450qcc710_firmwareqcc2073_firmwareqca6426snapdragon_8\+_gen_1_mobileipq8076wcn6740_firmwarefastconnect_6700ipq6018_firmwaresnapdragon_780g_5g_mobileqca9984_firmwareqcn6023qcn5124_firmwaresnapdragon_782g_mobile_firmwarewsa8832_firmwareqca8337qca9994_firmwareqca6426_firmwarewcd9395ipq9048ipq6000qca6574au_firmwareipq8078asnapdragon_x72_5g_modem-rfipq8078a_firmwareqam8295pqca6574auwcd9390snapdragon_888\+_5g_mobile_firmwaresa8620p_firmwarewsa8810_firmwarewsa8845h_firmwaresnapdragon_778g_5g_mobile_firmwaresa9000p_firmwaresrv1hqcn9100_firmwareqca2064_firmwaresm8650q_firmwareqcn5122qcs9100qca6554aqcs5430fastconnect_6800_firmwarewcn7860qcn6024_firmwareqca9886_firmwareqcm5430qcm5430_firmwaresa8770pqcn9000ssg2115pqcc710qcn6132_firmwareqca2062_firmwaresnapdragon_x32_5g_modem-rf_firmwaresnapdragon_xr2_5g_firmwareqca6777aqqsm8350_firmwareqcn5054fastconnect_6900ipq5332_firmwareqep8111sa7255psm8635qcn5052qca9980wcd9385_firmwareqca6421qfw7114ipq9574_firmwareqam8255p_firmwareipq8064ipq8074a_firmwareipq8076aqcn5164sdx61snapdragon_x65_5g_modem-rfqcs4490qca6787aqwsa8845sa6155pqcn6100_firmwareqca6421_firmwareqca6564au_firmwarecsr8811_firmwarewsa8810qca8075qam8650psa9000pqca8085srv1h_firmwaresnapdragon_888_5g_mobile_firmwareqcn6100qca6595ausnapdragon_888_5g_mobilesxr2250p_firmwaresm7315_firmwaresa6155p_firmwarewsa8840snapdragon_ar1_gen_1srv1m_firmwareqcs8550_firmwaresnapdragon_782g_mobilesnapdragon_x35_5g_modem-rf_firmwareqca6698auqca9986_firmwaresnapdragon_8_gen_2_mobile_firmwaresnapdragon_x55_5g_modem-rfqfw7124_firmwareqca6436_firmwaresm8750pqcn9012ipq8070a_firmwareqcn9070qcs4490_firmwareqcf8001snapdragon_x55_5g_modem-rf_firmwaresnapdragon_7c\+_gen_3_compute_firmwareqca8084sm8635psnapdragon_x62_5g_modem-rf_firmwareqmp1000snapdragon_8_gen_2_mobilewcd9370_firmwareqcc2076sa7255p_firmwareqca6574asm7635p_firmwaresnapdragon_x72_5g_modem-rf_firmwareipq9570snapdragon_8\+_gen_2_mobileqca6174asa8195pwcd9340snapdragon_auto_5g_modem-rf_gen_2qcm6490qcn6122_firmwareqcn5154_firmwareipq9048_firmwaresxr2250psm8550p_firmwareqcm8550qcn5122_firmwareqcn9274qcn9024ipq8076a_firmwaresa8775pqca6574ipq9570_firmwaresxr2230p_firmwarear9380_firmwareqca6777aq_firmwareqca2066_firmwareqca6698au_firmwareqcn9011sa8775p_firmwareqamsrv1hwsa8845hqcn9024_firmwareqca8082sm8650qsa8155p_firmwaresa8155pqca8072_firmwarewsa8830sm8550pqcf8000_firmwareqcn9074_firmwareipq8174immersive_home_318_firmwaresa8255p_firmwareqcn6122sm7675_firmwareqcc2073ipq8174_firmwareipq8072asm7635_firmwarear8035qamsrv1m_firmwarewcn7750_firmwaresa8650p_firmwareimmersive_home_216_firmwarewcn6450_firmwaresm7635pqca2065qca9985immersive_home_316srv1l_firmwareqcs9100_firmwaresnapdragon_865\+_5g_mobile_firmwareipq8071aqcn6224qcs615qcn6112qca6698aqwcn3950_firmwaresa7775p_firmwaressg2125p_firmwaresm7635sm7325p_firmwarewcd9378sm8635p_firmwaresm6650p_firmwarefastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwareqcn6023_firmwareqcn5164_firmwaresnapdragon_x75_5g_modem-rf_firmwareqcn9002ipq8078snapdragon_8_gen_3_mobileqcs6490ipq9554_firmwaresnapdragon_778g_5g_mobileqcn9072wsa8830_firmwareqcn6224_firmwareqca6431qca6678aq_firmwareqca8386_firmwarewsa8845_firmwarewsa8832sdx61_firmwareqca8082_firmwarewcd9378_firmwareqcc2076_firmwaresrv1limmersive_home_216srv1msxr2130_firmwaresm7675pqca6678aqsnapdragon_x35_5g_modem-rfar8035_firmwareqcn5022_firmwaresnapdragon_778g\+_5g_mobilewcn7860_firmwareqca9992sc8380xpqca4024_firmwareqca0000_firmwaresd888_firmwaresnapdragon_x62_5g_modem-rfipq9008ipq9554qca6564auqca9992_firmwareqca9990sc8280xp-abbbipq9008_firmwareqcn9074wsa8815_firmwaresa8195p_firmwareqca8337_firmwareqcn5054_firmwareqca9888ipq5332sg8275p_firmwareipq8173qcm6490_firmwareipq8072a_firmwareipq6010_firmwareqcm4490_firmwarewcn3950sd_8_gen1_5g_firmwareqcn6112_firmwaresnapdragon_870_5g_mobile_firmwaresm8750qca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_7c\+_gen_3_computeipq5028qca9986qcf8001_firmwareqcn9070_firmwareqca8085_firmwaresnapdragon_778g\+_5g_mobile_firmwaresa8295p_firmwaresnapdragon_870_5g_mobileqca9984ipq5010_firmwareqcn9022_firmwareqca9886qcn6132ipq6018qcn6102qca6584ausd888qcn6274_firmwarewcn6755_firmwareqcn9011_firmwarewcn6740wcn6650_firmwaresc8380xp_firmwareipq8065snapdragon_780g_5g_mobile_firmwaresnapdragon_8_gen_3_mobile_firmwarefastconnect_6800qfw7114_firmwareqca4024qca6595_firmwarefastconnect_7800_firmwareimmersive_home_214_firmwaresnapdragon_865_5g_mobile_firmwareqcn9001_firmwareipq8070asm8635_firmwarefastconnect_6900_firmwarewcd9380qam8255psxr2230pqca9990_firmwareqmp1000_firmwaresnapdragon_xr2_5gwcn7880qcn9003sxr2330pqca8075_firmwarewcn6755qcf8000qcn5052_firmwaresnapdragon_auto_5g_modem-rf_firmwareqca2064sxr1230pwcn7881qca2065_firmwaresm6650ipq6010video_collaboration_vc3_platformsm6650pqca9980_firmwareqca9985_firmwareqca6688aqqam8295p_firmwareqca6431_firmwaresm7315qca6698aq_firmwarewcd9385qca9994qsm8350snapdragon_888\+_5g_mobilesnapdragon_8_gen_1_mobileqca8084_firmwaresa8255psxr1230p_firmwarewcd9390_firmwaresnapdragon_865\+_5g_mobileqcn5024qep8111_firmwareqcs615_firmwaresg8275psdx55_firmwareipq8071a_firmwaresm8750_firmwaresnapdragon_auto_5g_modem-rfssg2125pqca6554a_firmwaresxr2130ipq6028qcm4490snapdragon_x65_5g_modem-rf_firmwareqcn9100qamsrv1mqca6174a_firmwaresm7325pwcn7861wcn7861_firmwareqam8650p_firmwareqca2062qcs6490_firmwaresm6650_firmwareipq8076_firmwareqam8620pqca6584au_firmwareqcn5152_firmwareqca6436qcn6274qfw7124wsa8835wsa8840_firmwareqca6391_firmwareqca6595au_firmwareqca0000qcs8300_firmwareipq8068qca6696_firmwareqcs8300wcd9380_firmwareqca6574_firmwareqca8081wsa8815sd_8_gen1_5gqcn5124qam8775psnapdragon_ar2_gen_1_firmwareipq8064_firmwareqca6797aqqcn5152ipq8065_firmwaresnapdragon_x75_5g_modem-rfsa8620pqca6574a_firmwaresdx55qcn9072_firmwareqca9888_firmwaresnapdragon_865_5g_mobileipq8074aqca9889qcn5024_firmwarewcd9375_firmwareqcn9002_firmwareqca6787aq_firmwaresnapdragon_ar1_gen_1_firmwareqca8386immersive_home_318ipq5010qcn9274_firmwareqca6391sa7775pqcs5430_firmwaresnapdragon_x32_5g_modem-rfipq8173_firmwareqcn9012_firmwaresa8770p_firmwaresa8295pqcs8550ipq8068_firmwareipq6000_firmwaresm8735_firmwaresa8650pfastconnect_7800qam8775p_firmwaresd865_5g_firmwaresc8280xp-abbb_firmwaresm8750p_firmwarewcd9375snapdragon_8\+_gen_2_mobile_firmwareipq8078_firmwareqca6688aq_firmwareqca9889_firmwaresnapdragon_ar2_gen_1immersive_home_316_firmwareqamsrv1h_firmwaresm7675qcn5154snapdragon_8\+_gen_1_mobile_firmwarewsa8835_firmwareqca2066ssg2115p_firmwarecsr8811qcn5022sm7675p_firmwaresnapdragon_8_gen_1_mobile_firmwareSnapdragon
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2019-12897
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.33% / 56.65%
||
7 Day CHG~0.00%
Published-19 Jun, 2019 | 21:37
Updated-04 Aug, 2024 | 23:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Edraw Max 7.9.3 has a Read Access Violation at the Instruction Pointer after a call from ObjectModule!Paint::Clear+0x0000000000000074.

Action-Not Available
Vendor-edrawsoftn/a
Product-edraw_maxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-13618
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.39% / 60.63%
||
7 Day CHG~0.00%
Published-16 Jul, 2019 | 16:07
Updated-04 Aug, 2024 | 23:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In GPAC before 0.8.0, isomedia/isom_read.c in libgpac.a has a heap-based buffer over-read, as demonstrated by a crash in gf_m2ts_sync in media_tools/mpegts.c.

Action-Not Available
Vendor-n/aGPAC
Product-gpacn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-32034
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-6.5||MEDIUM
EPSS-3.48% / 87.84%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 17:02
Updated-01 Jan, 2025 | 01:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Remote Procedure Call Runtime Denial of Service Vulnerability

Remote Procedure Call Runtime Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2012 (Server Core installation)Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-32035
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-6.5||MEDIUM
EPSS-3.48% / 87.84%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 17:02
Updated-01 Jan, 2025 | 01:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Remote Procedure Call Runtime Denial of Service Vulnerability

Remote Procedure Call Runtime Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2012 (Server Core installation)Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-32011
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-3.32% / 87.55%
||
7 Day CHG~0.00%
Published-13 Jun, 2023 | 23:26
Updated-01 Jan, 2025 | 01:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows iSCSI Discovery Service Denial of Service Vulnerability

Windows iSCSI Discovery Service Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2012 (Server Core installation)Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-32044
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-3.06% / 87.00%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 17:02
Updated-28 Feb, 2025 | 21:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows 10 Version 22H2Windows 10 Version 21H2Windows Server 2016 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows 11 version 22H2Windows Server 2019Windows Server 2008 Service Pack 2Windows Server 2012Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2008 R2 Service Pack 1Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 11 version 21H2Windows Server 2022Windows Server 2012 R2Windows 10 Version 1507Windows Server 2012 (Server Core installation)Windows Server 2016Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2 (Server Core installation)Windows 10 Version 1607
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-32045
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-3.06% / 87.00%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 17:02
Updated-28 Feb, 2025 | 21:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows 10 Version 22H2Windows 10 Version 21H2Windows Server 2016 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows 11 version 22H2Windows Server 2019Windows Server 2008 Service Pack 2Windows Server 2012Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2008 R2 Service Pack 1Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 11 version 21H2Windows Server 2022Windows Server 2012 R2Windows 10 Version 1507Windows Server 2012 (Server Core installation)Windows Server 2016Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2 (Server Core installation)Windows 10 Version 1607
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-3036
Matching Score-4
Assigner-Cloudflare, Inc.
ShareView Details
Matching Score-4
Assigner-Cloudflare, Inc.
CVSS Score-8.6||HIGH
EPSS-0.59% / 69.59%
||
7 Day CHG~0.00%
Published-14 Jun, 2023 | 11:08
Updated-02 Jan, 2025 | 19:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out of Bounds Slice index in cfnts leads to remote panic

An unchecked read in NTP server in github.com/cloudflare/cfnts prior to commit 783490b https://github.com/cloudflare/cfnts/commit/783490b913f05e508a492cd7b02e3c4ec2297b71  enabled a remote attacker to trigger a panic by sending an NTSAuthenticator packet with extension length longer than the packet contents.

Action-Not Available
Vendor-Cloudflare, Inc.
Product-cfntscfnts
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-125
Out-of-bounds Read
CVE-2026-9076
Matching Score-4
Assigner-OpenSSL Software Foundation
ShareView Details
Matching Score-4
Assigner-OpenSSL Software Foundation
CVSS Score-7.5||HIGH
EPSS-0.10% / 26.52%
||
7 Day CHG~0.00%
Published-09 Jun, 2026 | 16:03
Updated-10 Jun, 2026 | 08:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-Bounds Read in CMS Password-Based Decryption

Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap) processes attacker-supplied CMS data, an attacker-chosen stream-mode KEK cipher can trigger a heap out-of-bounds read in kek_unwrap_key(). Impact summary: A heap buffer over-read may trigger a crash which leads to Denial of Service for an application if the input buffer ends at a memory page boundary and the following page is unmapped. There is no information disclosure as the over-read bytes are not revealed to the attacker. The key unwrapping function performs a check-byte test as specified in the RFC that reads 7 bytes from a heap allocation that is based on the wrapped key length from the message. There is a minimum length check based on the block length of the wrapping cipher. However the cipher is selected from an OID carried in the attacker's PWRI keyEncryptionAlgorithm with no requirement that the cipher be a block cipher. When an attacker selects a stream-mode cipher the guard will be ineffective and the allocated buffer containing the unwrapped key can be too small to fit the check-bytes specified in the RFC and a buffer over-read can happen. Applications calling CMS_decrypt() or CMS_decrypt_set1_password() (equivalently openssl cms -decrypt -pwri_password ...) on untrusted CMS data are vulnerable to this issue. No password knowledge is required: the over-read happens during the unwrap attempt before any authentication succeeds. The over-read is limited to a few bytes and is not written to output, so there is no information disclosure. Triggering a crash requires the allocation to border unmapped memory, which is unlikely with the normal allocator. The FIPS modules are not affected by this issue.

Action-Not Available
Vendor-OpenSSL
Product-OpenSSL
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-2976
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-7.5||HIGH
EPSS-3.00% / 86.86%
||
7 Day CHG~0.00%
Published-15 Feb, 2017 | 06:11
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Digital Editions versions 4.5.3 and earlier have an exploitable buffer over-read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-digital_editionsAdobe Digital Editions 4.5.3 and earlier.
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-29089
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.56% / 68.73%
||
7 Day CHG~0.00%
Published-14 Apr, 2023 | 00:00
Updated-07 Feb, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding SIP multipart messages.

Action-Not Available
Vendor-n/aSamsung
Product-exynos_980exynos_auto_t5123exynos_9110_firmwareexynos_1080exynos_5123_firmwareexynos_auto_t5123_firmwareexynos_9110exynos_980_firmwareexynos_5300exynos_1080_firmwareexynos_5300_firmwareexynos_5123n/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-28555
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.17% / 37.26%
||
7 Day CHG+0.01%
Published-08 Aug, 2023 | 09:15
Updated-02 Aug, 2024 | 13:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in Audio

Transient DOS in Audio while remapping channel buffer in media codec decoding.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sa6150p_firmwaresa8145p_firmwaresxr2230p_firmwareqca8337wcn785x-5mdm9628_firmwarewcn3950_firmwaresa8150p_firmwaresm4450_firmwareqca6595au_firmwaresm8350wcd9370ssg2115pwcn685x-1sm8450wcn3998wcd9385_firmwareqam8295pwcn3950qcn6024_firmwaremdm9628sm6375_firmwareqam8295p_firmwareqca6574au_firmwaresdx55_firmwareqca6595auwcn3998_firmwareqca8081_firmwaresm6225-adwcd9375_firmwaresm4350-acsnapdragon_w5\+_gen_1_wearable_platform_firmwareqca6564au_firmwaresnapdragon_auto_5g_modem-rf_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwaresm6225sm6225-ad_firmwaresa4155p_firmwarewcn3988_firmwaresa6145p_firmwaresa8195pwsa8810_firmwaresm8450_firmwaresw5100snapdragon_ar2_gen_1_platform_firmwaresa6155psg4150pqca8081qcm4490wcn685x-1_firmwarewcd9385qca6696_firmwarear8035sm4350_firmwarewcd9375sa8150pwsa8830_firmwaresd865_5g_firmwarewcn3988wsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresm8475sa8295p_firmwareqca6564awcn6750_firmwaresg4150p_firmwaresa4150pwcn785x-1qcm4325sm6375wcn3991qca8337_firmwarewcd9380_firmwaressg2125psw5100psd865_5gsnapdragon_w5\+_gen_1_wearable_platformqca6564ausm8350-ac_firmwarewsa8835qca6574sxr1230p_firmwaresnapdragon_auto_5g_modem-rfwcd9380ssg2125p_firmwareqca6574awcn685x-5_firmwaresxr1230pwcn6750wcn3980qcm4325_firmwareqca6574_firmwarewsa8815sxr2230psnapdragon_xr2_5g_platform_firmwaresm4450qca6574a_firmwareqcn9024wcn785x-5_firmwarewcn3980_firmwaresa8295psm8475_firmwarewcn6740_firmwareqcm4490_firmwareqcs4490_firmwaresnapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_systemwsa8832_firmwaresm8350_firmwarewcn685x-5sm6225_firmwarewcn785x-1_firmwareqca6574ausa8155p_firmwareqca6564a_firmwareqcn9024_firmwarewsa8810wsa8832sw5100p_firmwaresnapdragon_ar2_gen_1_platformsa6145psm8350-acqcs4490sa8145pwcn6740qca6696sa4150p_firmwaresm4350wcd9370_firmwaresm4350-ac_firmwaresa6150psdx55sa8155pqcn6024ssg2115p_firmwaresw5100_firmwaresa4155par8035_firmwareSnapdragonqca8337_firmwarewcd9380_firmwaresa6150p_firmwaresa8145p_firmwaresxr2230p_firmwaremdm9628_firmwaresxr1230p_firmwarewcn3950_firmwaresnapdragon_888_5g_mobile_platform_firmwaresa8150p_firmwaresm4450_firmwareqca6595au_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaressg2125p_firmwaresnapdragon_480_5g_mobile_platform_firmwarewcd9385_firmwareqcn6024_firmwareqcm4325_firmwareqca6574_firmwaresd_8_gen1_5g_firmwareqam8295p_firmwaresnapdragon_xr2_5g_platform_firmwareqca6574a_firmwarefastconnect_6200_firmwareqca6574au_firmwaresdx55_firmwaresnapdragon_695_5g_mobile_platform_firmwarewcd9375_firmwareqca8081_firmwarewcn3980_firmwaresnapdragon_680_4g_mobile_platform_firmwarewcn6740_firmwareqca6564au_firmwaresnapdragon_auto_5g_modem-rf_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm4490_firmwareqcs4490_firmwarewsa8832_firmwaresa4155p_firmwarefastconnect_6900_firmwarewcn3988_firmwaresa6145p_firmwaresa8155p_firmwarefastconnect_6700_firmwareqca6564a_firmwareqcn9024_firmwarewsa8810_firmwarefastconnect_7800_firmwaresnapdragon_ar2_gen_1_platform_firmwaresw5100p_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqca6696_firmwaresa4150p_firmwarewcd9370_firmwarewsa8830_firmwaresd865_5g_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwaressg2115p_firmwaresw5100_firmwaresa8295p_firmwaresg4150p_firmwarear8035_firmware
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-27730
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.34% / 57.43%
||
7 Day CHG~0.00%
Published-09 Apr, 2023 | 00:00
Updated-11 Feb, 2025 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Nginx NJS v0.7.10 was discovered to contain a segmentation violation via the function njs_lvlhsh_find at src/njs_lvlhsh.c.

Action-Not Available
Vendor-n/aF5, Inc.
Product-njsn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-27728
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 47.29%
||
7 Day CHG~0.00%
Published-09 Apr, 2023 | 00:00
Updated-11 Feb, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Nginx NJS v0.7.10 was discovered to contain a segmentation violation via the function njs_dump_is_recursive at src/njs_vmcode.c.

Action-Not Available
Vendor-n/aF5, Inc.
Product-njsn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-27857
Matching Score-4
Assigner-Rockwell Automation
ShareView Details
Matching Score-4
Assigner-Rockwell Automation
CVSS Score-7.5||HIGH
EPSS-17.37% / 95.20%
||
7 Day CHG~0.00%
Published-22 Mar, 2023 | 00:00
Updated-21 Oct, 2024 | 16:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rockwell Automation ThinManager ThinServer Heap-Based Buffer Overflow

In affected versions, a heap-based buffer over-read condition occurs when the message field indicates more data than is present in the message field in Rockwell Automation's ThinManager ThinServer.  An unauthenticated remote attacker can exploit this vulnerability to crash ThinServer.exe due to a read access violation.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-thinmanagerThinManager ThinServer
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-28448
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.7||MEDIUM
EPSS-0.28% / 52.08%
||
7 Day CHG~0.00%
Published-24 Mar, 2023 | 19:34
Updated-19 Feb, 2025 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Versionize is lacking bound checks, potentially leading to out of bounds memory access

Versionize is a framework for version tolerant serializion/deserialization of Rust data structures, designed for usecases that need fast deserialization times and minimal size overhead. An issue was discovered in the ‘Versionize::deserialize’ implementation provided by the ‘versionize’ crate for ‘vmm_sys_utils::fam::FamStructWrapper', which can lead to out of bounds memory accesses. The impact started with version 0.1.1. The issue was corrected in version 0.1.10 by inserting a check that verifies, for any deserialized header, the lengths of compared flexible arrays are equal and aborting deserialization otherwise.

Action-Not Available
Vendor-versionize_projectfirecracker-microvm
Product-versionizeversionize
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-27727
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.24% / 47.29%
||
7 Day CHG~0.00%
Published-09 Apr, 2023 | 00:00
Updated-12 Feb, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Nginx NJS v0.7.10 was discovered to contain a segmentation violation via the function njs_function_frame at src/njs_function.h.

Action-Not Available
Vendor-n/aF5, Inc.
Product-njsn/a
CWE ID-CWE-125
Out-of-bounds Read
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 15
  • 16
  • Next
Details not found