Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-3622

Summary
Assigner-TPLink
Assigner Org ID-f23511db-6c3e-4e32-a477-6aa17d310630
Published At-26 Mar, 2026 | 20:34
Updated At-27 Mar, 2026 | 19:39
Rejected At-
Credits

Denial-of-Service Vulnerability in UPnP Component of TP Link's TL-WR841N

The vulnerability exists in the UPnP component of TL-WR841N v14, where improper input validation leads to an out-of-bounds read, potentially causing a crash of the UPnP service. Successful exploitation can cause the UPnP service to crash, resulting in a Denial-of-Service condition.  This vulnerability affects TL-WR841N v14 < EN_0.9.1 4.19 Build 260303 Rel.42399n (V14_260303) and < US_0.9.1.4.19 Build 260312 Rel. 49108n (V14_0304).

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:TPLink
Assigner Org ID:f23511db-6c3e-4e32-a477-6aa17d310630
Published At:26 Mar, 2026 | 20:34
Updated At:27 Mar, 2026 | 19:39
Rejected At:
▼CVE Numbering Authority (CNA)
Denial-of-Service Vulnerability in UPnP Component of TP Link's TL-WR841N

The vulnerability exists in the UPnP component of TL-WR841N v14, where improper input validation leads to an out-of-bounds read, potentially causing a crash of the UPnP service. Successful exploitation can cause the UPnP service to crash, resulting in a Denial-of-Service condition.  This vulnerability affects TL-WR841N v14 < EN_0.9.1 4.19 Build 260303 Rel.42399n (V14_260303) and < US_0.9.1.4.19 Build 260312 Rel. 49108n (V14_0304).

Affected Products
Vendor
TP-Link Systems Inc.
Product
TL-WR841N v14
Platforms
  • Linux
Default Status
unaffected
Versions
Affected
  • From 0 before 0.9.1 4.19 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-125CWE-125 Out-of-bounds read
Type: CWE
CWE ID: CWE-125
Description: CWE-125 Out-of-bounds read
Metrics
VersionBase scoreBase severityVector
4.07.1HIGH
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Version: 4.0
Base score: 7.1
Base severity: HIGH
Vector:
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-540CAPEC-540 Overread Buffers
CAPEC ID: CAPEC-540
Description: CAPEC-540 Overread Buffers
Solutions
Configurations
Workarounds
Exploits
Credits
finder
Md Sharafatullah Zomadder, Professor Rahamatullah Khondoker, Dept. of Business Informatics, THM University of Applied Sciences, Friedberg, Germany
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.tp-link.com/en/support/download/tl-wr841n/v14/#Firmware
patch
https://www.tp-link.com/us/support/download/tl-wr841n/v14/#Firmware
patch
https://www.tp-link.com/us/support/faq/5033/
vendor-advisory
Hyperlink: https://www.tp-link.com/en/support/download/tl-wr841n/v14/#Firmware
Resource:
patch
Hyperlink: https://www.tp-link.com/us/support/download/tl-wr841n/v14/#Firmware
Resource:
patch
Hyperlink: https://www.tp-link.com/us/support/faq/5033/
Resource:
vendor-advisory
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:f23511db-6c3e-4e32-a477-6aa17d310630
Published At:26 Mar, 2026 | 21:17
Updated At:31 Mar, 2026 | 19:09

The vulnerability exists in the UPnP component of TL-WR841N v14, where improper input validation leads to an out-of-bounds read, potentially causing a crash of the UPnP service. Successful exploitation can cause the UPnP service to crash, resulting in a Denial-of-Service condition.  This vulnerability affects TL-WR841N v14 < EN_0.9.1 4.19 Build 260303 Rel.42399n (V14_260303) and < US_0.9.1.4.19 Build 260312 Rel. 49108n (V14_0304).

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.07.1HIGH
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 4.0
Base score: 7.1
Base severity: HIGH
Vector:
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CPE Matches
TP-Link Systems Inc.
tp-link
>>tl-wr841n_firmware>>Versions before 0.9.1_4.19(exclusive)
cpe:2.3:o:tp-link:tl-wr841n_firmware:*:*:*:*:*:*:*:*
TP-Link Systems Inc.
tp-link
>>tl-wr841n>>14
cpe:2.3:h:tp-link:tl-wr841n:14:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-125Secondaryf23511db-6c3e-4e32-a477-6aa17d310630
CWE ID: CWE-125
Type: Secondary
Source: f23511db-6c3e-4e32-a477-6aa17d310630
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.tp-link.com/en/support/download/tl-wr841n/v14/#Firmwaref23511db-6c3e-4e32-a477-6aa17d310630
Product
https://www.tp-link.com/us/support/download/tl-wr841n/v14/#Firmwaref23511db-6c3e-4e32-a477-6aa17d310630
Product
https://www.tp-link.com/us/support/faq/5033/f23511db-6c3e-4e32-a477-6aa17d310630
Vendor Advisory
Hyperlink: https://www.tp-link.com/en/support/download/tl-wr841n/v14/#Firmware
Source: f23511db-6c3e-4e32-a477-6aa17d310630
Resource:
Product
Hyperlink: https://www.tp-link.com/us/support/download/tl-wr841n/v14/#Firmware
Source: f23511db-6c3e-4e32-a477-6aa17d310630
Resource:
Product
Hyperlink: https://www.tp-link.com/us/support/faq/5033/
Source: f23511db-6c3e-4e32-a477-6aa17d310630
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

602Records found
CVE-2021-22484
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.16% / 36.82%
||
7 Day CHG~0.00%
Published-28 Dec, 2024 | 06:50
Updated-18 Mar, 2025 | 16:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Some Huawei wearables have a vulnerability of not verifying the actual data size when reading data. Successful exploitation of this vulnerability may cause a server out of memory (OOM).

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CVE-2025-22423
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.5||HIGH
EPSS-0.26% / 49.51%
||
7 Day CHG~0.00%
Published-02 Sep, 2025 | 22:11
Updated-04 Sep, 2025 | 16:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ParseTag of dng_ifd.cpp, there is a possible way to crash the image renderer due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2026-3631
Matching Score-4
Assigner-Delta Electronics, Inc.
ShareView Details
Matching Score-4
Assigner-Delta Electronics, Inc.
CVSS Score-7.5||HIGH
EPSS-0.06% / 18.84%
||
7 Day CHG~0.00%
Published-09 Mar, 2026 | 02:56
Updated-10 Mar, 2026 | 18:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read DoS Vulnerability in COMMGR2

Delta Electronics COMMGR2 has Buffer Over-read DoS vulnerability.

Action-Not Available
Vendor-Delta Electronics, Inc.
Product-commgr2COMMGR2
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-37007
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.19% / 40.97%
||
7 Day CHG~0.00%
Published-09 Aug, 2022 | 20:10
Updated-06 Mar, 2026 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The chinadrm module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect the availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuimagic_uiharmonyosHarmonyOSMagic UIEMUI
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-7843
Matching Score-4
Assigner-Schneider Electric
ShareView Details
Matching Score-4
Assigner-Schneider Electric
CVSS Score-7.5||HIGH
EPSS-12.92% / 94.08%
||
7 Day CHG~0.00%
Published-22 May, 2019 | 19:58
Updated-05 Aug, 2024 | 06:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause denial of service when reading memory blocks with an invalid data size or with an invalid data offset in the controller over Modbus.

Action-Not Available
Vendor-n/a
Product-modicon_quantummodicon_quantum_firmwaremodicon_m580_firmwaremodicon_premium_firmwaremodicon_premiummodicon_m340modicon_m340_firmwaremodicon_m580Modicon M580 Modicon M340 Modicon Quantum Modicon Premium
CWE ID-CWE-125
Out-of-bounds Read
CVE-2026-3731
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.11% / 29.05%
||
7 Day CHG~0.00%
Published-08 Mar, 2026 | 10:32
Updated-12 Mar, 2026 | 19:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
libssh SFTP Extension Name sftp.c sftp_extensions_get_data out-of-bounds

A weakness has been identified in libssh up to 0.11.3. The impacted element is the function sftp_extensions_get_name/sftp_extensions_get_data of the file src/sftp.c of the component SFTP Extension Name Handler. Executing a manipulation of the argument idx can lead to out-of-bounds read. The attack may be performed from remote. Upgrading to version 0.11.4 and 0.12.0 is sufficient to resolve this issue. This patch is called 855a0853ad3abd4a6cd85ce06fce6d8d4c7a0b60. You should upgrade the affected component.

Action-Not Available
Vendor-libsshn/a
Product-libsshlibssh
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-125
Out-of-bounds Read
CVE-2026-3547
Matching Score-4
Assigner-wolfSSL Inc.
ShareView Details
Matching Score-4
Assigner-wolfSSL Inc.
CVSS Score-7.5||HIGH
EPSS-0.05% / 14.08%
||
7 Day CHG~0.00%
Published-19 Mar, 2026 | 20:20
Updated-26 Mar, 2026 | 18:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
wolfSSL: out-of-bounds read (DoS) in ALPN parsing due to incomplete validation

Out-of-bounds read in ALPN parsing due to incomplete validation. wolfSSL 5.8.4 and earlier contained an out-of-bounds read in ALPN handling when built with ALPN enabled (HAVE_ALPN / --enable-alpn). A crafted ALPN protocol list could trigger an out-of-bounds read, leading to a potential process crash (denial of service). Note that ALPN is disabled by default, but is enabled for these 3rd party compatibility features: enable-apachehttpd, enable-bind, enable-curl, enable-haproxy, enable-hitch, enable-lighty, enable-jni, enable-nginx, enable-quic.

Action-Not Available
Vendor-wolfsslwolfSSL
Product-wolfsslwolfSSL
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-1981
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.29% / 52.16%
||
7 Day CHG~0.00%
Published-12 Nov, 2021 | 06:15
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer over read due to improper IE size check of Bearer capability IE in MT setup request from network in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sd678sm7250sm6250p_firmwareqcs610qca8337sm7250_firmwareqca6431_firmwarewcd9360_firmwaresdx65wcn3950_firmwaresd765g_firmwareqca6595au_firmwareqca6390_firmwaremsm8917sd690_5gsd730_firmwarewcd9370sd_675_firmwaresd675_firmwareqcs6125_firmwareqca6426wcn3990_firmwaresm8450wcn3998wcd9371_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcn3950wcd9326_firmwaresd720gwcn3615_firmwaresm6375_firmwarewcn3660bqsm8350_firmwareqsm8350wcn7850qca6574au_firmwaresdx55_firmwarewcn3680b_firmwareqca6595auqca8081_firmwarewcd9375_firmwarewcn3615wcn3998_firmwarewcn3610_firmwarewcd9360qca6436_firmwaresd778gsa515m_firmwareqcs6490sd429sdxr2_5gwcn7851qcs6125wcn3988_firmwaresd205sd429_firmwareqca6421sd778g_firmwaresm6250wcd9340apq8017_firmwarewsa8810_firmwarequalcomm215_firmwaresd765gsm8450_firmwaresd765_firmwareqca6436wcd9326wcn6851qca8081wcn7851_firmwarewcd9385wcd9341qca6431qca6696_firmwareqcs6490_firmwarewcd9371sd750gsd870_firmwareqca6390ar8035sd750g_firmwarewcd9375wcn3910_firmwaresm6250_firmwarewsa8830_firmwaremsm8917_firmwaresd210sd855_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewcn7850_firmwarewsa8815_firmwarewsa8835_firmwareapq8017qcx315wcn6750_firmwarewcn3610qcm6125_firmwaresm6375wcn3991qca8337_firmwarewcd9380_firmwarewcn3990sd_675sd865_5gsdx55m_firmwarewcn6856_firmwaresm8450p_firmwaresd670_firmwareqcx315_firmwarewsa8835sd665_firmwarewcd9380sd888_5gsm6250pqualcomm215qcs410qca6574asd690_5g_firmwarewcn6855_firmwaresm7325wcn3980wcn6750sd439_firmwaresa515mwcd9340_firmwaresd855wsa8815wcn6850sd665wcn3910sd765qca6426_firmwarewcn3660b_firmwareqca6574a_firmwaresd768g_firmwarewcn3980_firmwaresd730qca6391sdx55mqca6421_firmwaresdx65_firmwaresd678_firmwareqcm6490_firmwaresd480_firmwarewcn6851_firmwareqca6574ausd205_firmwaresd670wcd9341_firmwareqcm6125sd480sd870sm8450pwcn6855wsa8810sd210_firmwareqcs610_firmwarewcn6856wcn3680bsd768gqca6696qca6391_firmwaresd845_firmwarewcd9370_firmwaresdx55sd675sd845sd439sd720g_firmwareqcs410_firmwarear8035_firmwaresm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-1964
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.39% / 60.36%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 05:31
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer over read due to improper validation of IE size while parsing beacon from peer device in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa6150p_firmwareipq4028_firmwareqcn5550qca8337ar9380ipq8173_firmwareqca9561_firmwareqcn5124qca4024_firmwarewcn3950_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155qcn5064sd_675_firmwaresa415mwcn3998wcn3950qcn6024_firmwaresd720gsm4125ipq8076asd710_firmwaresd460_firmwaresm7315_firmwareqca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwareqca6420apq8053_firmwareqca6438_firmwareipq8070_firmwareipq8065ipq8078a_firmwareipq5028qca7500ipq8072_firmwareipq4029_firmwaresa8155_firmwareipq6010sd662_firmwareipq8068qca6430wcd9340sd765gqca6436wcn6851sa6155pqca9888_firmwareqcn6122wcd9341ipq8068_firmwareqca6696_firmwaresd870_firmwaresd750gqcn5154_firmwarewcn3910_firmwaresd_8cxsa8150pwsa8830_firmwareqca9992_firmwaresd660sd865_5g_firmwaresd855_firmwarewcn3988qca6438sd660_firmwaresa8195p_firmwareqcn5121qcn5022_firmwarewcn6750_firmwareqca9898ipq4028qca6428_firmwareipq5018_firmwareqca9985_firmwarewcn3991ipq4018_firmwareqca8337_firmwarewcd9380_firmwareipq8072aqca7500_firmwareqca9980_firmwareipq8076a_firmwareipq8078qca6564ausdx55m_firmwareipq8173wcn6856_firmwareqcn5164qca9558sd670_firmwareqca6574csr8811_firmwarewcd9380qcn5054_firmwareqcn5024sd690_5g_firmwareipq4019_firmwaresdx50m_firmwareqca8072_firmwareqca9985qcn9012_firmwareqca6430_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980ipq6018_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwarewcn3910sd_8c_firmwareqca6426_firmwareqca9984ipq6028ipq8064sd835pmp8074qcn9024wcn3980_firmwaresd730qcn5550_firmwaresdx55mipq8064_firmwarewcn6740_firmwaremsm8953qcn5064_firmwaresd678_firmwareipq8078_firmwareqcn5054wcn6851_firmwareipq8070qca9896qcn5502qca9994qca9887_firmwareqca9980sd670qcn9024_firmwareipq8174_firmwaresd_636_firmwareqca6564a_firmwareqca9880qcm4290_firmwaresd480sd870qcn5121_firmwaresa6145pipq6018qca9886_firmwareqca6595_firmwaresa8145psdm630_firmwareqca6391_firmwareqca4024wcd9370_firmwaresd780g_firmwaresdx55sd888_firmwareapq8053qcn5021_firmwaresa8155psd675qca9531_firmwarear8035_firmwareqcm2290qcn5024_firmwarewcn3991_firmwareqcn5500wsa8830sd678qca9561qcn9070sa8145p_firmwareqcs2290_firmwarecsrb31024qca9563_firmwaresd_636qcn9072qca9880_firmwareqca9992qcs4290sd765g_firmwareqca6420_firmwareqca6390_firmwaresd690_5gipq6000sd730_firmwarewcd9370sd675_firmwareipq8072qcn5152_firmwareqca6564qca6426qca6584au_firmwarewcn3990_firmwareqcn9000_firmwareqca9984_firmwareipq5018sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwareqca9563ipq8074asd662qcn5124_firmwareqca9982sa8155wcn3680b_firmwareqcn5122_firmwaresdx55_firmwarewcn3615qcn6023_firmwareqca6595ausm7250p_firmwareqca6436_firmwareipq5010qca6564au_firmwareqca6584ausd778gsa6155p_firmwareipq8174sa515m_firmwareqca9990sdxr2_5gqcn5052sdm630sa415m_firmwarewcn3988_firmwareqcn9074sa6145p_firmwaresm6250sd778g_firmwaresa8195pwsa8810_firmwareqca6694sd765_firmwarewcd9326wcd9335qca8081qca9982_firmwareqcn6023ipq8071aipq8071a_firmwareqcs4290_firmwarewcd9385qca6390qca9898_firmwaresd750g_firmwareaqt1000wcd9375ar8035sm6250_firmwarecsr8811ipq4019qca6694_firmwaremsm8953_firmwareqcn9100_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwarewsa8815_firmwarewcn6850_firmwarewsa8835_firmwareqca6564aqca9882qca8072qcm2290_firmwarewcn3990qcn9000sd_675sd780gsd865_5gqca6595ar9380_firmwareqcn9012sd888qca9558_firmwareqca9896_firmwareqcn6122_firmwareipq8065_firmwarewsa8835sd665_firmwaresd888_5gqcn5154qca8075_firmwareipq4018qca6574aipq6005_firmwareqca9889sm7325pqca9888ipq8074qca9994_firmwarewcn6750ipq8070a_firmwareipq8076_firmwaresa515mqca6574_firmwareqca9886qcn5502_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665ipq8076qca6175asd765qca9887qca6574a_firmwareqcn5021qcn5152sd768g_firmwaresm7315sd460qca6391ipq6005aqt1000_firmwareqcn9100qcm4290csrb31024_firmwaresdx50mqca9882_firmwareqcn9070_firmwaresd480_firmwareipq6028_firmwareipq8072a_firmwareqca9531ipq8074_firmwareqca6574auqca9889_firmwaresd710sa8155p_firmwareqcn5122wcd9341_firmwarewsa8810qcn5500_firmwarewcn6856sd_8cqcn5022wcn3680bsd835_firmwareqca6564_firmwaresd768gipq6010_firmwarewcn6740qca6696sd845_firmwaresa6150pqca8075qcn9022_firmwareqcn6024qcn9022sd845qca9990_firmwareipq8070aqcn9072_firmwaresm7250pipq6000_firmwaresd720g_firmwareipq8071_firmwareqcn9074_firmwareipq4029qca6175a_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-1980
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.43% / 62.88%
||
7 Day CHG~0.00%
Published-20 Oct, 2021 | 06:31
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer over read due to lack of length check while parsing beacon IE response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055qca2066sm7250sa6150p_firmwaresm6250p_firmwareqcs610ipq4028_firmwareqcn5550qca8337ar9380ipq8173_firmwareqca9561_firmwareqcn5124qca4024_firmwarewcn3950_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155qca6335qca2062qcn5064csra6620_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresa415mwcn3998wcd9371_firmwarewcn3950qcn6024_firmwaresd720gsm4125ipq8076asd710_firmwaresd460_firmwareqca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwareqca6420apq8053_firmwareqca6438_firmwareipq8070_firmwareipq8065ipq8078a_firmwarewcn3999qrb5165_firmwareipq5028qca7500ipq8072_firmwareipq4029_firmwareqcs6125sa8155_firmwareipq6010sd662_firmwareipq8068qcs405qca6430sc8280xp_firmwarewcd9340sd765gfsm10056_firmwareqca6436wcn6851sa6155pqca9888_firmwareqcn6122wcd9341ipq8068_firmwareqca2066_firmwareqca6696_firmwarewcd9371sd870_firmwaresd750gqca1062qcn5154_firmwarewcn3910_firmwaresd_8cxsa8150pwsa8830_firmwareqca9992_firmwaresd660sd865_5g_firmwaresd855_firmwarewcn3988qca6438sd660_firmwaresa8195p_firmwareqcn5121qcn5022_firmwarewcn6750_firmwareqca9898ipq4028qca6428_firmwareipq5018_firmwareqca9985_firmwarewcn3991ipq4018_firmwareqca8337_firmwarewcd9380_firmwareipq8072aqca7500_firmwareqca9980_firmwaremsm8996au_firmwareipq8076a_firmwareipq8078qca6564ausdx55m_firmwareipq8173wcn6856_firmwareqcn5164qca9558sd670_firmwareqca6574csr8811_firmwarewcd9380qcn5054_firmwareqcs410qcn5024sd690_5g_firmwareipq4019_firmwaresdx50m_firmwareqca8072_firmwareqca9985qcn9012_firmwareqca6430_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980qca6335_firmwareipq6018_firmwarewcd9340_firmwarewsa8815wcn6850sd7cpmp8074_firmwarewcn3910qca6320mdm9650_firmwareqca6426_firmwareqca9984ipq6028ipq8064sd835pmp8074qcn9024wcn3980_firmwaresd730qcn5550_firmwaresdx55mipq8064_firmwareqca2062_firmwarewcn6740_firmwaremsm8953qcn5064_firmwaresd678_firmwareapq8064au_firmwarear8031_firmwareipq8078_firmwareqcn5054qrb5165wcn6851_firmwareipq8070qca9896qcn5502qca9994qca9887_firmwareqca9980sd670qcn9024_firmwareipq8174_firmwaresd_636_firmwareqca6564a_firmwareqca9880qcm4290_firmwaresd480sd870wcn6855qcn5121_firmwareqcs610_firmwaresa6145pipq6018qca9886_firmwaresdxr1ar8031apq8096auqca6595_firmwareqcs405_firmwaresa8145psdm630_firmwareqca6391_firmwareqca4024wcd9370_firmwareqca2064sd780g_firmwaresdx55sd888_firmwaresc8280xpapq8053qcn5021_firmwarecsra6640sa8155psd675qca9531_firmwarear8035_firmwareqcm2290qcn5024_firmwarewcn3991_firmwareqcn5500wsa8830sd678qca9561qcn9070sa8145p_firmwareqca1062_firmwareqcs2290_firmwarefsm10056sm7250_firmwaresd7c_firmwarecsrb31024qca9563_firmwaremdm9650sd_636csra6620fsm10055_firmwareqcn9072qca9880_firmwareqca9992qcs4290sd765g_firmwareqca6420_firmwareipq8069_firmwareqca6390_firmwareqca2064_firmwaresd690_5gipq6000sd730_firmwarewcd9370sd675_firmwareipq8072qcn5152_firmwareqca6564qca6426qca6584au_firmwarewcn3990_firmwareqcn9000_firmwareqca9984_firmwareipq5018sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwareqca9563ipq8074aqca2065sd662qcn5124_firmwareqca9982qca1064sa8155qca6320_firmwarewcn3680b_firmwareqcn5122_firmwaresdx55_firmwarewcn3615qcn6023_firmwareqca6595auwcn3999_firmwareqca6436_firmwareipq5010qca6564au_firmwareqca6584ausd778gsa6155p_firmwareqca6310ipq8174sa515m_firmwareqca9990sdxr2_5gqcn5052sdm630sa415m_firmwarewcn3988_firmwareqcn9074sa6145p_firmwaresm6250sd778g_firmwaresa8195pwsa8810_firmwareqca6694sd765_firmwarewcd9326wcd9335qca8081qca9982_firmwareqcn6023ipq8071aipq8071a_firmwareqcs4290_firmwarewcd9385qca2065_firmwareqca6390qca9898_firmwaresd750g_firmwareaqt1000wcd9375ar8035sm6250_firmwarecsr8811apq8064auipq4019qca6694_firmwaremsm8953_firmwareqcn9100_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwarewsa8815_firmwarewcn6850_firmwarewsa8835_firmwareqcx315qca6564aqcm6125_firmwareqca9882qca8072qcm2290_firmwarewcn3990qcn9000sd_675sd780gsd865_5gqca6595ar9380_firmwareqcn9012sd888qca9558_firmwareqca9896_firmwareqcn6122_firmwareipq8065_firmwareqcx315_firmwarewsa8835msm8996ausd665_firmwaresd888_5gsm6250pqcn5154qca8075_firmwareipq4018qca6574aipq6005_firmwarewcn6855_firmwareqca9889qca9888qca6310_firmwaresm7325ipq8074qca9994_firmwarewcn6750ipq8070a_firmwareipq8076_firmwaresa515mqca6574_firmwareqca9886qcn5502_firmwaresd855sm4125_firmwaresd665ipq8076sd765qca9887qca6574a_firmwareqcn5021ipq8069qcn5152sd768g_firmwaresd850_firmwaresd460qca6391sdxr1_firmwareipq6005aqt1000_firmwareqcn9100qcm4290csrb31024_firmwaresdx50mqca9882_firmwareqcn9070_firmwaresd480_firmwareipq6028_firmwareipq8072a_firmwareqca9531ipq8074_firmwareqca6574auqca9889_firmwaresd710sa8155p_firmwareqcn5122wcd9341_firmwareqcm6125wsa8810qcn5500_firmwarewcn6856qcn5022wcn3680bsd835_firmwareqca6564_firmwaresd768gipq6010_firmwareqca1064_firmwarewcn6740qca6696sd845_firmwaresa6150pqca8075qcn9022_firmwareapq8096au_firmwareqcn6024qcn9022sd845qca9990_firmwareipq8070aqcn9072_firmwareipq6000_firmwaresd720g_firmwareipq8071_firmwareqcn9074_firmwareqcs410_firmwareipq4029sd850sm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-1943
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.39% / 60.36%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 05:30
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer out of bound read can occur due to improper validation of TBTT count and length while parsing the beacon response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa6150p_firmwareipq4028_firmwareqcn5550ar9380ipq8173_firmwareqca9561_firmwareqcn5124qca4024_firmwarewcn3950_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqca6595au_firmwaresa6155qcn5064sd_675_firmwaresa415mwcn3998wcn3950qcn6024_firmwaresd720gsm4125ipq8076asd710_firmwaresd460_firmwaresm7315_firmwareqca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwareqca6420apq8053_firmwareqca6438_firmwareipq8070_firmwareipq8065ipq8078a_firmwareipq5028qca7500ipq8072_firmwareipq4029_firmwaresa8155_firmwareipq6010sd662_firmwareipq8068qca6430wcd9340sd765gqca6436wcn6851sa6155pqca9888_firmwareqcn6122wcd9341ipq8068_firmwareqca6696_firmwaresd870_firmwaresd750gqcn5154_firmwarewcn3910_firmwaresa8150pwsa8830_firmwareqca9992_firmwaresd660sd865_5g_firmwaresd855_firmwarewcn3988qca6438sd660_firmwaresa8195p_firmwareqcn5121qcn5022_firmwarewcn6750_firmwareqca9898ipq4028qca6428_firmwareipq5018_firmwareqca9985_firmwarewcn3991ipq4018_firmwarewcd9380_firmwareipq8072aqca7500_firmwareqca9980_firmwareipq8076a_firmwareipq8078qca6564ausdx55m_firmwareipq8173wcn6856_firmwareqcn5164qca9558sd670_firmwareqca6574csr8811_firmwarewcd9380qcn5054_firmwareqcn5024sd690_5g_firmwareipq4019_firmwaresdx50m_firmwareqca8072_firmwareqca9985qcn9012_firmwareqca6430_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980ipq6018_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwarewcn3910qca6426_firmwareqca9984ipq6028ipq8064sd835pmp8074qcn9024wcn3980_firmwaresd730qcn5550_firmwaresdx55mipq8064_firmwarewcn6740_firmwaremsm8953qcn5064_firmwaresd678_firmwareipq8078_firmwareqcn5054wcn6851_firmwareipq8070qca9896qcn5502qca9994qca9887_firmwareqca9980sd670qcn9024_firmwareipq8174_firmwaresd_636_firmwareqca6564a_firmwareqca9880sd480sd870qcn5121_firmwaresa6145pipq6018qca9886_firmwareqca6595_firmwaresa8145psdm630_firmwareqca6391_firmwareqca4024wcd9370_firmwaresd780g_firmwaresdx55sd888_firmwareapq8053qcn5021_firmwaresa8155psd675qca9531_firmwareqcn5024_firmwarewcn3991_firmwareqcn5500wsa8830sd678qca9561qcn9070sa8145p_firmwarecsrb31024qca9563_firmwaresd_636qcn9072qca9880_firmwareqca9992sd765g_firmwareqca6420_firmwareqca6390_firmwaresd690_5gipq6000sd730_firmwarewcd9370sd675_firmwareipq8072qcn5152_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqcn9000_firmwareqca9984_firmwareipq5018wcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwareqca9563ipq8074asd662qcn5124_firmwareqca9982sa8155wcn3680b_firmwareqcn5122_firmwaresdx55_firmwarewcn3615qcn6023_firmwareqca6595ausm7250p_firmwareqca6436_firmwareipq5010qca6564au_firmwareqca6584ausd778gsa6155p_firmwareipq8174sa515m_firmwareqca9990sdxr2_5gqcn5052sdm630sa415m_firmwarewcn3988_firmwareqcn9074sa6145p_firmwaresm6250sd778g_firmwaresa8195pwsa8810_firmwaresd765_firmwarewcd9326wcd9335qca8081qca9982_firmwareqcn6023ipq8071aipq8071a_firmwarewcd9385qca6390qca9898_firmwaresd750g_firmwareaqt1000wcd9375csr8811sm6250_firmwareipq4019msm8953_firmwareqcn9100_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwarewsa8815_firmwarewcn6850_firmwarewsa8835_firmwareqca6564aqca8072wcn3990qcn9000sd_675sd780gsd865_5gqca6595ar9380_firmwareqcn9012sd888qca9558_firmwareqca9896_firmwareqcn6122_firmwareipq8065_firmwarewsa8835sd665_firmwaresd888_5gqcn5154qca8075_firmwareipq4018qca6574aipq6005_firmwareqca9889sm7325pqca9888ipq8074qca9994_firmwarewcn6750ipq8070a_firmwareipq8076_firmwaresa515mqca6574_firmwareqca9886qcn5502_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665ipq8076qca6175asd765qca9887qca6574a_firmwareqcn5021qcn5152sd768g_firmwaresm7315sd460qca6391ipq6005aqt1000_firmwareqcn9100csrb31024_firmwaresdx50mqcn9070_firmwaresd480_firmwareipq6028_firmwareipq8072a_firmwareqca9531ipq8074_firmwareqca6574auqca9889_firmwaresd710sa8155p_firmwareqcn5122wcd9341_firmwarewsa8810qcn5500_firmwarewcn6856qcn5022wcn3680bsd835_firmwaresd768gipq6010_firmwarewcn6740qca6696sd845_firmwaresa6150pqca8075qcn9022_firmwareqcn6024qcn9022sd845qca9990_firmwareipq8070aqcn9072_firmwaresm7250pipq6000_firmwaresd720g_firmwareipq8071_firmwareqcn9074_firmwareipq4029qca6175a_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-39354
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.29% / 52.72%
||
7 Day CHG~0.00%
Published-31 Aug, 2023 | 19:36
Updated-03 Nov, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FreeRDP Out-Of-Bounds Read in nsc_rle_decompress_data

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Read in the `nsc_rle_decompress_data` function. The Out-Of-Bounds Read occurs because it processes `context->Planes` without checking if it contains data of sufficient length. Should an attacker be able to leverage this vulnerability they may be able to cause a crash. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Action-Not Available
Vendor-Fedora ProjectFreeRDPDebian GNU/Linux
Product-fedoradebian_linuxfreerdpFreeRDP
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-1977
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.32% / 55.10%
||
7 Day CHG~0.00%
Published-20 Oct, 2021 | 06:31
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer over read due to improper validation of frame length while processing AEAD decryption during ASSOC response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresm7250sa6150p_firmwareqcs610qca8337wcn3950_firmwaresa8150p_firmwareqca6595au_firmwaresa6155qca6335csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresa415mwcn3998wcn3950sm4125mdm9628sd720gmdm9206_firmwarewcn3660bsd460_firmwareqca4020qca6574au_firmwarewcd9375_firmwaresa6155_firmwaresdx12_firmwarewcn3998_firmwareapq8053_firmwaresdx20mqca9367_firmwarewcn3999qrb5165_firmwareqcs6125sa8155_firmwaresd662_firmwareqcs405wcd9340sd765gqca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwaremdm9250_firmwarewcd9341qca6696_firmwaresd750gsd870_firmwarewcn3910_firmwaresa8150pwsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwarewcn3988sd660_firmwaresa8195p_firmwarewcn6750_firmwarewcn3610wcn3991qca8337_firmwarewcd9380_firmwarewcd9330msm8996au_firmwareqca6564ausdx55m_firmwarewcn6856_firmwareqca6574wcd9380qcs410sd690_5g_firmwareqca9379_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqcs605wcd9340_firmwarewsa8815wcn6850wcn3910qca6320mdm9650_firmwareqca6426_firmwarewcn3660b_firmwaresd835wcn3980_firmwarewcd9330_firmwaresdx55mwcn6740_firmwaremsm8953sd678_firmwareapq8064au_firmwarear8031_firmwareqrb5165wcn6851_firmwareqcs603qca6564a_firmwareqcm4290_firmwaresd870wcn6855qcs610_firmwaresa6145psdxr1apq8096auar8031qca6595_firmwareqcs405_firmwaresa8145psd820_firmwareqca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwareapq8053sa8155pcsra6640sd675qca9379ar8035_firmwarewcn3991_firmwaremdm9150_firmwarewsa8830sd678sa8145p_firmwaresm7250_firmwarecsrb31024mdm9628_firmwaremdm9650csra6620qcs4290mdm9250sd765g_firmwareqca6390_firmwareapq8009_firmwaresd690_5gwcd9370sd675_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqca9377wcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwaresd662sa8155qca6320_firmwarewcn3680b_firmwaresdx55_firmwareqca6595auwcn3615wcn3999_firmwarewcn3610_firmwareqca6436_firmwareqca6564au_firmwareqca6584ausa6155p_firmwareqca6310sd778gsa515m_firmwaresdxr2_5gqca9367mdm9607_firmwaresa415m_firmwarewcn3988_firmwaresa6145p_firmwaresm6250sd778g_firmwaresa8195papq8017_firmwarewsa8810_firmwaresd765_firmwarewcd9326wcd9335qca6174a_firmwareqcs4290_firmwarewcd9385ar8035qca6390sd750g_firmwareapq8064auwcd9375sm6250_firmwaremsm8953_firmwaresd820sdx20_firmwaresd888_5g_firmwarewcn6850_firmwarewsa8815_firmwarewsa8835_firmwareapq8017qca6564aqcm6125_firmwarewcn3990sd_675sd780gsd865_5gqca6595sd888wsa8835msm8996ausd665_firmwaresd888_5gqca6574amdm9206wcn6855_firmwareqca6174aqca6310_firmwaresm7325wcn6750sa515mqca6574_firmwaresd855sm4125_firmwaresd665qca6175asd765qca6574a_firmwaresd768g_firmwareapq8009qca6391sd460sdxr1_firmwaremdm9626qcm4290csrb31024_firmwaresdx20mdm9626_firmwareqca6574ausa8155p_firmwaremdm9607wcd9341_firmwareqcm6125sdx20m_firmwarewsa8810mdm9150wcn6856wcn3680bsd835_firmwaresd768gwcn6740qca6696sd845_firmwaresa6150papq8096au_firmwaresd845sd720g_firmwaresdx12qcs410_firmwareqca6175a_firmwaresm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-1948
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.32% / 54.79%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 07:35
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound read due to lack of length check of data while parsing the beacon or probe response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055qca2066sm7250sa6150p_firmwaresm6250p_firmwareqcs610ipq4028_firmwareqcn5550qca8337ar9380ipq8173_firmwareqca9561_firmwareqcn5124qca4024_firmwarewcn3950_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155qca6335qca2062qcn5064csra6620_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresa415mwcn3998wcd9371_firmwarewcn3950qcn6024_firmwaresd720gsm4125ipq8076asd710_firmwaresd460_firmwareqca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwareqca6420apq8053_firmwareqca6438_firmwareipq8070_firmwareipq8065ipq8078a_firmwarewcn3999qrb5165_firmwareipq5028qca7500ipq8072_firmwareipq4029_firmwareqcs6125sa8155_firmwareipq6010sd662_firmwareipq8068qcs405qca6430sc8280xp_firmwarewcd9340sd765gfsm10056_firmwareqca6436wcn6851sa6155pqca9888_firmwareqcn6122wcd9341ipq8068_firmwareqca2066_firmwareqca6696_firmwarewcd9371sd870_firmwaresd750gqca1062qcn5154_firmwarewcn3910_firmwaresd_8cxsa8150pwsa8830_firmwareqca9992_firmwaresd660sd865_5g_firmwaresd855_firmwarewcn3988qca6438sd660_firmwaresa8195p_firmwareqcn5121qcn5022_firmwarewcn6750_firmwareqca9898ipq4028qca6428_firmwareipq5018_firmwareqca9985_firmwarewcn3991ipq4018_firmwareqca8337_firmwarewcd9380_firmwareipq8072aqca7500_firmwareqca9980_firmwaremsm8996au_firmwareipq8076a_firmwareipq8078qca6564ausdx55m_firmwareipq8173wcn6856_firmwareqcn5164qca9558sd670_firmwareqca6574csr8811_firmwarewcd9380qcn5054_firmwareqcn5024sd690_5g_firmwareipq4019_firmwaresdx50m_firmwareqca8072_firmwareqca9985qcn9012_firmwareqca6430_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980qca6335_firmwareipq6018_firmwarewcd9340_firmwarewsa8815wcn6850sd7cpmp8074_firmwarewcn3910qca6320mdm9650_firmwaresd_8c_firmwareqca6426_firmwareqca9984ipq6028ipq8064sd835pmp8074qcn9024wcn3980_firmwaresd730qcn5550_firmwaresdx55mipq8064_firmwareqca2062_firmwarewcn6740_firmwaremsm8953qcn5064_firmwaresd678_firmwareapq8064au_firmwarear8031_firmwareipq8078_firmwareqcn5054qrb5165wcn6851_firmwareipq8070qca9896qcn5502qca9994qca9887_firmwareqca9980sd670qcn9024_firmwareipq8174_firmwaresd_636_firmwareqca6564a_firmwareqca9880qcm4290_firmwaresd480sd870wcn6855qcn5121_firmwareqcs610_firmwaresa6145pipq6018qca9886_firmwaresdxr1ar8031apq8096auqca6595_firmwareqcs405_firmwaresa8145psdm630_firmwareqca6391_firmwareqca4024wcd9370_firmwareqca2064sd780g_firmwaresdx55sd888_firmwaresc8280xpapq8053qcn5021_firmwarecsra6640sa8155psd675qca9531_firmwarear8035_firmwareqcm2290qcn5024_firmwarewcn3991_firmwareqcn5500wsa8830sd678qca9561qcn9070sa8145p_firmwareqca1062_firmwareqcs2290_firmwarefsm10056sm7250_firmwaresd7c_firmwarecsrb31024qca9563_firmwaremdm9650sd_636csra6620fsm10055_firmwareqcn9072qca9880_firmwareqca9992qcs4290sd765g_firmwareqca6420_firmwareipq8069_firmwareqca6390_firmwareqca2064_firmwaresd690_5gipq6000sd730_firmwarewcd9370sd675_firmwareipq8072qcn5152_firmwareqca6564qca6426qca6584au_firmwarewcn3990_firmwareqcn9000_firmwareqca9984_firmwareipq5018sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwareqca9563ipq8074aqca2065sd662qcn5124_firmwareqca9982qca1064sa8155qca6320_firmwarewcn3680b_firmwareqcn5122_firmwaresdx55_firmwarewcn3615qcn6023_firmwareqca6595auwcn3999_firmwareqca6436_firmwareipq5010qca6564au_firmwareqca6584ausd778gsa6155p_firmwareqca6310ipq8174sa515m_firmwareqca9990sdxr2_5gqcn5052sdm630sa415m_firmwarewcn3988_firmwareqcn9074sa6145p_firmwaresm6250sd778g_firmwaresa8195pwsa8810_firmwareqca6694sd765_firmwarewcd9326wcd9335qca8081qca9982_firmwareqcn6023ipq8071aipq8071a_firmwareqcs4290_firmwarewcd9385qca2065_firmwareqca6390qca9898_firmwaresd750g_firmwareaqt1000wcd9375ar8035sm6250_firmwarecsr8811apq8064auipq4019qca6694_firmwaremsm8953_firmwareqcn9100_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwarewsa8815_firmwarewcn6850_firmwarewsa8835_firmwareqcx315qca6564aqcm6125_firmwareqca9882qca8072qcm2290_firmwarewcn3990qcn9000sd_675sd780gsd865_5gqca6595ar9380_firmwareqcn9012sd888qca9558_firmwareqca9896_firmwareqcn6122_firmwareipq8065_firmwareqcx315_firmwarewsa8835msm8996ausd665_firmwaresd888_5gsm6250pqcn5154qca8075_firmwareipq4018qca6574aipq6005_firmwarewcn6855_firmwareqca9889qca9888qca6310_firmwaresm7325ipq8074qca9994_firmwarewcn6750ipq8070a_firmwareipq8076_firmwaresa515mqca6574_firmwareqca9886qcn5502_firmwaresd855sm4125_firmwaresd665ipq8076sd765qca9887qca6574a_firmwareqcn5021ipq8069qcn5152sd768g_firmwaresd460qca6391sdxr1_firmwareipq6005aqt1000_firmwareqcn9100qcm4290csrb31024_firmwaresdx50mqca9882_firmwareqcn9070_firmwaresd480_firmwareipq6028_firmwareipq8072a_firmwareqca9531ipq8074_firmwareqca6574auqca9889_firmwaresd710sa8155p_firmwareqcn5122wcd9341_firmwareqcm6125wsa8810qcn5500_firmwarewcn6856sd_8cqcn5022wcn3680bsd835_firmwareqca6564_firmwaresd768gipq6010_firmwareqca1064_firmwarewcn6740qca6696sd845_firmwaresa6150pqca8075qcn9022_firmwareapq8096au_firmwareqcn6024qcn9022sd845qca9990_firmwareipq8070aqcn9072_firmwareipq6000_firmwaresd720g_firmwareipq8071_firmwareqcn9074_firmwareipq4029sm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-20277
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-8.49% / 92.38%
||
7 Day CHG~0.00%
Published-12 May, 2021 | 13:54
Updated-03 Aug, 2024 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The highest threat from this vulnerability is to system availability.

Action-Not Available
Vendor-n/aDebian GNU/LinuxSambaFedora Project
Product-debian_linuxfedorasambasamba
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-34824
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.05% / 14.93%
||
7 Day CHG+0.02%
Published-03 Apr, 2026 | 22:41
Updated-13 Apr, 2026 | 17:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mesop: Unbounded Thread Creation in WebSocket Handler Leads to Denial of Service

Mesop is a Python-based UI framework that allows users to build web applications. From version 1.2.3 to before version 1.2.5, an uncontrolled resource consumption vulnerability exists in the WebSocket implementation of the Mesop framework. An unauthenticated attacker can send a rapid succession of WebSocket messages, forcing the server to spawn an unbounded number of operating system threads. This leads to thread exhaustion and Out of Memory (OOM) errors, causing a complete Denial of Service (DoS) for any application built on the framework. This issue has been patched in version 1.2.5.

Action-Not Available
Vendor-mesop-devmesop-dev
Product-mesopmesop
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2021-20275
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.57% / 68.63%
||
7 Day CHG~0.00%
Published-09 Mar, 2021 | 13:12
Updated-03 Aug, 2024 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in privoxy before 3.0.32. A invalid read of size two may occur in chunked_body_is_complete() leading to denial of service.

Action-Not Available
Vendor-privoxyn/aDebian GNU/Linux
Product-privoxydebian_linuxprivoxy
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-1974
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.30% / 53.82%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 07:36
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer over read due to lack of alignment between map or unmap length of IPA SMMU and WLAN SMMU in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055sm7250sa6150p_firmwareqcs610ipq4028_firmwareqcn5550qca8337ar9380ipq8173_firmwareqca9561_firmwareqcn5124qca4024_firmwarewcn3950_firmwareipq8078asa8150p_firmwareqcs2290qca6595au_firmwaresa6155qcn5064qcs605_firmwaresd_675_firmwareqcs6125_firmwaresa415mwcn3998wcn3950qcn6024_firmwaresd720gsm4125ipq8076awcn3660bsd710_firmwaresd460_firmwareqca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwareqca6420qca6438_firmwareipq8070_firmwareipq8065ipq8078a_firmwareqrb5165_firmwareqca7500ipq8072_firmwareipq4029_firmwareqcs6125sa8155_firmwareipq6010sd662_firmwareipq8068qca6430wcd9340sd765gfsm10056_firmwareqca6436wcn6851sa6155pqca9888_firmwarewcd9341ipq8068_firmwareqca6696_firmwaresd870_firmwaresd750gqcn5154_firmwarewcn3910_firmwaresd_8cxsa8150pwsa8830_firmwareqca9992_firmwaresd660sd865_5g_firmwaresd855_firmwarewcn3988qca6438sd660_firmwaresa8195p_firmwareqcn5022_firmwarewcn6750_firmwareqca9898ipq4028wcn3610qca6428_firmwareipq5018_firmwareqca9985_firmwarewcn3991ipq4018_firmwareqca8337_firmwaresda429w_firmwarewcd9380_firmwareipq8072aqca7500_firmwareqca9980_firmwaresdm429wipq8076a_firmwareipq8078qca6564ausdx55m_firmwareipq8173wcn6856_firmwareqcn5164qca9558sd670_firmwareqca6574csr8811_firmwarewcd9380qcn5054_firmwareqcs410qcn5024sd690_5g_firmwareipq4019_firmwaresdx50m_firmwareqca8072_firmwareqca9985qcn9012_firmwareqca6430_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980ipq6018_firmwareqcs605wcd9340_firmwarewsa8815wcn6850pmp8074_firmwarewcn3910sd_8c_firmwareqca6426_firmwarewcn3660b_firmwareqca9984ipq6028ipq8064sd835pmp8074qcn9024wcn3980_firmwaresd730qcn5550_firmwaresdx55mipq8064_firmwarewcn6740_firmwareqcn5064_firmwaresd678_firmwareipq8078_firmwareqcn5054qrb5165wcn6851_firmwareipq8070qca9896qca9994qca9887_firmwareqca9980sd670qcn9024_firmwareipq8174_firmwaresd_636_firmwareqca6564a_firmwareqca9880qcm4290_firmwaresd480sd870sd210_firmwareqcs610_firmwareqsm8250sa6145pipq6018qca9886_firmwareqca6595_firmwaresa8145psdm630_firmwareqca6391_firmwareqca4024wcd9370_firmwaresd780g_firmwaresdx55qcn5021_firmwaresa8155psd675qca9531_firmwarear8035_firmwareqcm2290qsm8250_firmwareqcn5024_firmwarewcn3991_firmwarewsa8830sd678qca9561qcn9070sa8145p_firmwareqcs2290_firmwarefsm10056sm7250_firmwarecsrb31024qca9563_firmwaresd_636fsm10055_firmwareqcn9072qca9880_firmwareqca9992qcs4290sd765g_firmwareqca6420_firmwareqca6390_firmwaresd690_5gipq6000sd730_firmwarewcd9370sd675_firmwareipq8072qcn5152_firmwareqca6564qca6426qca6584au_firmwarewcn3990_firmwareqcn9000_firmwareqca9984_firmwareipq5018sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwareqca9563ipq8074asd662qcn5124_firmwaresa8155qcn5122_firmwaresdx55_firmwareqca6595auqcn6023_firmwarewcn3610_firmwareqca6436_firmwareipq5010qca6564au_firmwareqca6584ausd778gsa6155p_firmwareipq8174sd429sa515m_firmwareqca9990sdxr2_5gqcn5052sdm630sa415m_firmwarewcn3988_firmwareqcn9074sd205sd429_firmwaresa6145p_firmwaresd778g_firmwaresm6250sa8195pwsa8810_firmwaresd765_firmwarewcd9326wcd9335qca8081qcn6023ipq8071aipq8071a_firmwareqcs4290_firmwarewcd9385qca6390qca9898_firmwaresd750g_firmwareaqt1000wcd9375ar8035sm6250_firmwarecsr8811ipq4019qcn9100_firmwaresda429wsd210wcn3620_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwarewsa8815_firmwarewcn6850_firmwarewsa8835_firmwarewcn3620qca6564aqcm6125_firmwareqca9882qca8072qcm2290_firmwarewcn3990qcn9000sd_675sd780gsd865_5gqca6595ar9380_firmwareqcn9012qca9558_firmwareqca9896_firmwarewsa8835ipq8065_firmwaresdm429w_firmwaresd665_firmwaresd888_5gqcn5154qca8075_firmwareipq4018qca6574aqca9889qca9888ipq8074sm7325qca9994_firmwarewcn6750ipq8070a_firmwareipq8076_firmwaresa515mqca6574_firmwareqca9886sd855sm4125_firmwaresd665ipq8076qca6175asd765qca9887qca6574a_firmwareqcn5021qcn5152sd768g_firmwaresd460qca6391aqt1000_firmwareqcn9100qcm4290csrb31024_firmwaresdx50mqca9882_firmwareqcn9070_firmwaresd480_firmwareipq6028_firmwareipq8072a_firmwareqca9531ipq8074_firmwareqca6574auqca9889_firmwaresd710sa8155p_firmwareqcn5122sd205_firmwarewcd9341_firmwareqcm6125wsa8810wcn6856sd_8cqcn5022sd835_firmwareqca6564_firmwaresd768gipq6010_firmwarewcn6740qca6696sa6150pqca8075qcn9022_firmwareqcn6024qcn9022qca9990_firmwareipq8070aqcn9072_firmwareipq6000_firmwaresd720g_firmwareipq8071_firmwareqcn9074_firmwareqcs410_firmwareipq4029qca6175a_firmwaresm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-1941
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.24% / 47.87%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 07:35
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer over read issue due to improper length check on WPA IE string sent by peer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarefsm10055qca2066sm7250sa6150p_firmwaresm6250p_firmwareqcs610ipq4028_firmwareqcn5550qca8337ar9380ipq8173_firmwareqca6431_firmwareqca9561_firmwareqcn5124qca4024_firmwarewcn3950_firmwareipq8078asa8150p_firmwareqcs2290qca6595au_firmwaresa6155qca6335qca2062qcn5064csra6620_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresa415mwcn3998wcd9371_firmwarewcn3950qcn6024_firmwaresd720gsm4125ipq8076asd710_firmwaresd460_firmwareqca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwareqca6420qca6438_firmwareipq8070_firmwareipq8065ipq8078a_firmwarewcn3999qrb5165_firmwareqca7500ipq8072_firmwareipq4029_firmwareqcs6125sa8155_firmwareipq6010sd662_firmwareipq8068qcs405qca6430sc8280xp_firmwarewcd9340sd765gfsm10056_firmwareqca6436wcn6851sa6155pqca9888_firmwarewcd9341ipq8068_firmwareqca2066_firmwareqca6431qca6696_firmwarewcd9371sd870_firmwaresd750gqca1062qcn5154_firmwarewcn3910_firmwaresd_8cxsa8150pwsa8830_firmwareqca9992_firmwaresd660sd865_5g_firmwaresd855_firmwarewcn3988qca6438sd660_firmwaresa8195p_firmwareqcn5121qcn5022_firmwareqca9898ipq4028qca6428_firmwareipq5018_firmwareqca9985_firmwarewcn3991ipq4018_firmwareqca8337_firmwarewcd9380_firmwareipq8072aqca7500_firmwareqca9980_firmwaremsm8996au_firmwareipq8076a_firmwareipq8078qca6564ausdx55m_firmwareipq8173wcn6856_firmwareqcn5164qca9558sd670_firmwareqca6574csr8811_firmwarewcd9380qcn5054_firmwareqcs410qcn5024sd690_5g_firmwareipq4019_firmwaresdx50m_firmwareqca8072_firmwareqca9985qcn9012_firmwareqca6174qca6430_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980qca6335_firmwareipq6018_firmwarewcd9340_firmwarewsa8815wcn6850sd7cpmp8074_firmwarewcn3910qca6320mdm9650_firmwaresd_8c_firmwareqca6426_firmwareqca9984ipq6028ipq8064sd835pmp8074qcn9024wcn3980_firmwaresd730qcn5550_firmwaresdx55mipq8064_firmwareqca6421_firmwareqca2062_firmwarewcn6740_firmwareqcn5064_firmwaresd678_firmwareapq8064au_firmwarear8031_firmwareipq8078_firmwareqcn5054qrb5165wcn6851_firmwareipq8070qca9896qcn5502qca9994qca6164_firmwareqca9887_firmwareqca9980sd670qcn9024_firmwareipq8174_firmwaresd_636_firmwareqca6564a_firmwareqca9880qcm4290_firmwaresd870wcn6855qcn5121_firmwareqcs610_firmwaresa6145pipq6018qca9886_firmwaresdxr1ar8031apq8096auqca6595_firmwareqcs405_firmwaresa8145pqca6164sdm630_firmwareqca6391_firmwareqca4024wcd9370_firmwareqca2064sd780g_firmwaresdx55sd888_firmwaresc8280xpqcn5021_firmwaresa8155pcsra6640sd675qca9531_firmwarear8035_firmwareqcm2290qcn5024_firmwarewcn3991_firmwareqcn5500wsa8830sd678qca9561qcn9070sa8145p_firmwareqca1062_firmwareqcs2290_firmwarefsm10056sm7250_firmwaresd7c_firmwarecsrb31024qca9563_firmwaremdm9650sd_636csra6620fsm10055_firmwareqcn9072qca9880_firmwareqca9992qcs4290sd765g_firmwareqca6420_firmwareipq8069_firmwareqca6390_firmwareqca2064_firmwaresd690_5gipq6000qca6174_firmwaresd730_firmwarewcd9370sd675_firmwareipq8072qcn5152_firmwareqca6564qca6426qca6584au_firmwarewcn3990_firmwareqcn9000_firmwareqca9984_firmwareqca9377ipq5018sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwareqca9563ipq8074aqca2065sd662qcn5124_firmwareqca9982qca1064sa8155qca6320_firmwareqcn5122_firmwaresdx55_firmwareqca6595auqcn6023_firmwarewcn3999_firmwareqca6436_firmwareipq5010qca6564au_firmwareqca6584ausa6155p_firmwareqca6310ipq8174sa515m_firmwareqca9990sdxr2_5gqcn5052sdm630sa415m_firmwarewcn3988_firmwareqcn9074sa6145p_firmwareqca6421sm6250sa8195pwsa8810_firmwareqca6694sd765_firmwarewcd9326wcd9335qca8081qca9982_firmwareqcn6023ipq8071aqca6174a_firmwareipq8071a_firmwareqcs4290_firmwarewcd9385qca2065_firmwareqca6390qca9898_firmwaresd750g_firmwareaqt1000wcd9375ar8035sm6250_firmwarecsr8811apq8064auipq4019qca6694_firmwareqcn9100_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwarewcn6850_firmwarewsa8835_firmwareqca6564aqcm6125_firmwareqca9882qca8072qcm2290_firmwarewcn3990qcn9000sd_675sd780gsd865_5gqca6595ar9380_firmwareqcn9012sd888qca9558_firmwareqca9896_firmwarewsa8835ipq8065_firmwaremsm8996ausd665_firmwaresm6250pqcn5154qca8075_firmwareipq4018qca6574aipq6005_firmwarewcn6855_firmwareqca9889qca6174aqca9888qca6310_firmwareipq8074qca9994_firmwareipq8070a_firmwareipq8076_firmwaresa515mqca6574_firmwareqca9886qcn5502_firmwaresd855sm4125_firmwaresd665ipq8076qca6175asd765qca9887qca6574a_firmwareqcn5021ipq8069qcn5152sd768g_firmwaresd850_firmwaresd460qca6391sdxr1_firmwareipq6005aqt1000_firmwareqcn9100qcm4290csrb31024_firmwaresdx50mqca9882_firmwareqcn9070_firmwareipq6028_firmwareipq8072a_firmwareqca9531ipq8074_firmwareqca6574auqca9889_firmwaresd710sa8155p_firmwareqcn5122wcd9341_firmwareqcm6125wsa8810qcn5500_firmwarewcn6856sd_8cqcn5022sd835_firmwareqca6564_firmwaresd768gipq6010_firmwareqca1064_firmwarewcn6740qca6696sd845_firmwaresa6150pqca8075qcn9022_firmwareapq8096au_firmwareqcn6024qcn9022sd845qca9990_firmwareipq8070aqcn9072_firmwareipq6000_firmwaresd720g_firmwareipq8071_firmwareqcn9074_firmwareqcs410_firmwareipq4029qca6175a_firmwaresd850Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-21459
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.45% / 63.83%
||
7 Day CHG~0.00%
Published-06 May, 2025 | 08:32
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Host Communication

Transient DOS while parsing per STA profile in ML IE.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6678aq_firmwareqcm8550_firmwarewcn6650wsa8845_firmwarewsa8832wcd9378_firmwareqcc2076_firmwareqca6595sm8735srv1lwcd9335sm7675pqca6678aqqca8081_firmwaresrv1mwcd9370ar8035_firmwareqca6696qam8620p_firmwarewcn7880_firmwarewcd9340_firmwarewcn7860_firmwarewcd9341_firmwaresxr2330p_firmwarewcd9395_firmwarewcn7881_firmwarewcn7750wcn6450qcc2073_firmwareqcc710_firmwarefastconnect_6700qca6564auwsa8832_firmwaresa8195p_firmwareqca8337_firmwareqca8337wcd9395sg8275p_firmwareqcm6490_firmwareqca6574au_firmwaresnapdragon_x72_5g_modem-rfqam8295pwcd9341qca6574auvision_intelligence_400_firmwarewcd9390sa8620p_firmwarewsa8845h_firmwareflight_rb5_5gsa9000p_firmwaresrv1hsm8650q_firmwaresm8750qca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqcs9100qca6554aqcs5430sa8295p_firmwarewcn7860qcm5430qcm5430_firmwaresa8770pqca6584auqcn6274_firmwaressg2115pqcn9011_firmwareqcc710wcn6755_firmwarewcn6650_firmwareqca6777aqsnapdragon_8_gen_3_mobile_firmwareqfw7114_firmwareqca6595_firmwareqcs7230fastconnect_7800_firmwarefastconnect_6900sa7255psm8635qfw7114sm8635_firmwarewcd9385_firmwarefastconnect_6900_firmwareqam8255p_firmwarerobotics_rb5_firmwarewcd9380qam8255psxr2230pqmp1000_firmwarewcn7880sxr2330pwcn6755qca6787aqwsa8845sa6155pqca6564au_firmwaresxr1230pqam8650pvideo_collaboration_vc5_platform_firmwaresa9000psrv1h_firmwaresm6650wcn7881qca6595auvideo_collaboration_vc3_platformsxr2250p_firmwaresa6155p_firmwaresm6650pwsa8840qca6688aqqam8295p_firmwaresnapdragon_ar1_gen_1srv1m_firmwareqcs8550_firmwarewcn3990_firmwaresnapdragon_8_gen_2_mobile_firmwareqfw7124_firmwareqca6698aq_firmwaresm8750pwcd9385qcn9012sa8255pqcs7230_firmwaresm8635psxr1230p_firmwarewcd9390_firmwareqmp1000snapdragon_8_gen_2_mobileqcs615_firmwaresg8275pwcd9370_firmwaresm8750_firmwareqcc2076flight_rb5_5g_firmwaressg2125pqca6554a_firmwaresa7255p_firmwareqca6574asnapdragon_8\+_gen_2_mobilesnapdragon_x72_5g_modem-rf_firmwaresa8195pwcd9340qcs8250_firmwareqamsrv1mrobotics_rb5snapdragon_auto_5g_modem-rf_gen_2wcn7861_firmwareqcm6490wcn7861qam8650p_firmwarevideo_collaboration_vc5_platformsm8550p_firmwaresxr2250pqcm8550qcs6490_firmwareqcn9274sm6650_firmwareqam8620pqca6584au_firmwareqcn6274qca6574qfw7124qrb5165n_firmwaresa8775pqca6595au_firmwareqca6391_firmwaresxr2230p_firmwareqca6777aq_firmwarewsa8835wsa8840_firmwareqcs8300_firmwareqcn9011sa8775p_firmwareqamsrv1hqca6696_firmwarewsa8845hqcs8300wcd9380_firmwareqca6574_firmwaresm8650qsa8155p_firmwareqca8081sa8155pwcd9335_firmwarewsa8830qam8775pqca6797aqsnapdragon_ar2_gen_1_firmwaresm8550psnapdragon_x75_5g_modem-rfsa8620psm7675_firmwaresa8255p_firmwareqcc2073ar8035qca6574a_firmwareqamsrv1m_firmwaresm7635_firmwarewcn7750_firmwaresa8650p_firmwarewcn6450_firmwareqca6787aq_firmwarewcd9375_firmwaresa7775pqca6391snapdragon_ar1_gen_1_firmwaresrv1l_firmwareqcn6224qcs9100_firmwareqcn9274_firmwareqcs615qcn9012_firmwareqcs5430_firmwareqca6698aqsa7775p_firmwaresm7635ssg2125p_firmwareqrb5165nsa8295psa8770p_firmwareqcs8550sm8735_firmwarefastconnect_7800sa8650pqam8775p_firmwarewcd9378sm8635p_firmwareqca6688aq_firmwaresm6650p_firmwaresm8750p_firmwaresnapdragon_8\+_gen_2_mobile_firmwarewcd9375snapdragon_ar2_gen_1fastconnect_6700_firmwareqamsrv1h_firmwaresm7675video_collaboration_vc3_platform_firmwarewcn3990snapdragon_x75_5g_modem-rf_firmwarevision_intelligence_400ssg2115p_firmwarewsa8835_firmwareqcs6490qcs8250sm7675p_firmwaresnapdragon_8_gen_3_mobilewsa8830_firmwareqcn6224_firmwareSnapdragon
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2021-1945
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.30% / 53.82%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 05:30
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound read due to lack of length check of Bandwidth-NSS IE in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa6150p_firmwaresm6250p_firmwareqcs610ipq4028_firmwareqcn5550qca8337ar9380ipq8173_firmwareqca9561_firmwareqcn5124qca4024_firmwarewcn3950_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155qca6335qcn5064csra6620_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresa415mwcn3998wcd9371_firmwarewcn3950qcn6024_firmwaresd720gsm4125ipq8076asd710_firmwaresd460_firmwaresm7315_firmwareqca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwareqca6420apq8053_firmwareqca6438_firmwareipq8070_firmwareipq8065ipq8078a_firmwarewcn3999ipq5028qca7500ipq8072_firmwareipq4029_firmwareqcs6125sa8155_firmwareipq6010sd662_firmwareipq8068qcs405qca6430wcd9340sd765gqca6436wcn6851sa6155pqca9888_firmwareqcn6122wcd9341ipq8068_firmwareqca6696_firmwarewcd9371sd870_firmwaresd750gqcn5154_firmwarewcn3910_firmwaresd_8cxsa8150pwsa8830_firmwareqca9992_firmwaresd660sd865_5g_firmwaresd855_firmwarewcn3988qca6438sd660_firmwaresa8195p_firmwareqcn5121qcn5022_firmwarewcn6750_firmwareqca9898ipq4028qca6428_firmwareipq5018_firmwareqca9985_firmwarewcn3991ipq4018_firmwareqca8337_firmwarewcd9380_firmwareipq8072aqca7500_firmwareqca9980_firmwaremsm8996au_firmwareipq8076a_firmwareipq8078qca6564ausdx55m_firmwareipq8173wcn6856_firmwareqcn5164qca9558sd670_firmwareqca6574csr8811_firmwarewcd9380qcn5054_firmwareqcs410qcn5024sd690_5g_firmwareipq4019_firmwaresdx50m_firmwareqca8072_firmwareqca9985qcn9012_firmwareqca6430_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980qca6335_firmwareipq6018_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwarewcn3910qca6320mdm9650_firmwaresd_8c_firmwareqca6426_firmwareqca9984ipq6028ipq8064sd835pmp8074qcn9024wcn3980_firmwaresd730qcn5550_firmwaresdx55mipq8064_firmwarewcn6740_firmwaremsm8953qcn5064_firmwaresd678_firmwareapq8064au_firmwarear8031_firmwareipq8078_firmwareqcn5054wcn6851_firmwareipq8070qca9896qcn5502qca9994qca9887_firmwareqca9980sd670qcn9024_firmwareipq8174_firmwaresd_636_firmwareqca6564a_firmwareqca9880qcm4290_firmwaresd480sd870qcn5121_firmwareqcs610_firmwaresa6145pipq6018qca9886_firmwaresdxr1ar8031apq8096auqca6595_firmwareqcs405_firmwaresa8145psdm630_firmwareqca6391_firmwareqca4024wcd9370_firmwaresd780g_firmwaresdx55sd888_firmwareapq8053qcn5021_firmwarecsra6640sa8155psd675qca9531_firmwarear8035_firmwareqcm2290qcn5024_firmwarewcn3991_firmwareqcn5500wsa8830sd678qca9561qcn9070sa8145p_firmwareqcs2290_firmwarecsrb31024qca9563_firmwaremdm9650sd_636csra6620qcn9072qca9880_firmwareqca9992qcs4290sd765g_firmwareqca6420_firmwareqca6390_firmwaresd690_5gipq6000sd730_firmwarewcd9370sd675_firmwareipq8072qcn5152_firmwareqca6564qca6426qca6584au_firmwarewcn3990_firmwareqcn9000_firmwareqca9984_firmwareipq5018sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwareqca9563ipq8074asd662qcn5124_firmwareqca9982sa8155qca6320_firmwarewcn3680b_firmwareqcn5122_firmwaresdx55_firmwarewcn3615qcn6023_firmwareqca6595auwcn3999_firmwaresm7250p_firmwareqca6436_firmwareipq5010qca6564au_firmwareqca6584ausd778gsa6155p_firmwareqca6310ipq8174sa515m_firmwareqca9990sdxr2_5gqcn5052sdm630sa415m_firmwarewcn3988_firmwareqcn9074sa6145p_firmwaresm6250sd778g_firmwaresa8195pwsa8810_firmwareqca6694sd765_firmwarewcd9326wcd9335qca8081qca9982_firmwareqcn6023ipq8071aipq8071a_firmwareqcs4290_firmwarewcd9385qca6390qca9898_firmwaresd750g_firmwareaqt1000wcd9375ar8035sm6250_firmwarecsr8811apq8064auipq4019qca6694_firmwaremsm8953_firmwareqcn9100_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwarewsa8815_firmwarewcn6850_firmwarewsa8835_firmwareqca6564aqcm6125_firmwareqca9882qca8072qcm2290_firmwarewcn3990qcn9000sd_675sd780gsd865_5gqca6595ar9380_firmwareqcn9012sd888qca9558_firmwareqca9896_firmwareqcn6122_firmwareipq8065_firmwarewsa8835msm8996ausd665_firmwaresd888_5gsm6250pqcn5154qca8075_firmwareipq4018qca6574aipq6005_firmwareqca9889sm7325pqca9888qca6310_firmwareipq8074qca9994_firmwarewcn6750ipq8070a_firmwareipq8076_firmwaresa515mqca6574_firmwareqca9886qcn5502_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665ipq8076sd765qca9887qca6574a_firmwareqcn5021qcn5152sd768g_firmwaresm7315sd460qca6391sdxr1_firmwareipq6005aqt1000_firmwareqcn9100qcm4290csrb31024_firmwaresdx50mqca9882_firmwareqcn9070_firmwaresd480_firmwareipq6028_firmwareipq8072a_firmwareqca9531ipq8074_firmwareqca6574auqca9889_firmwaresd710sa8155p_firmwareqcn5122wcd9341_firmwareqcm6125wsa8810qcn5500_firmwarewcn6856sd_8cqcn5022wcn3680bsd835_firmwareqca6564_firmwaresd768gipq6010_firmwarewcn6740qca6696sd845_firmwaresa6150pqca8075qcn9022_firmwareapq8096au_firmwareqcn6024qcn9022sd845qca9990_firmwareipq8070aqcn9072_firmwaresm7250pipq6000_firmwaresd720g_firmwareipq8071_firmwareqcn9074_firmwareqcs410_firmwareipq4029Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-21598
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-8.2||HIGH
EPSS-0.44% / 63.42%
||
7 Day CHG~0.00%
Published-09 Jan, 2025 | 18:16
Updated-26 Jan, 2026 | 19:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS and Junos OS Evolved: When BGP traceoptions are configured, receipt of malformed BGP packets causes RPD to crash

An Out-of-bounds Read vulnerability in Juniper Networks Junos OS and Junos OS Evolved's routing protocol daemon (rpd) allows an unauthenticated, network-based attacker to send malformed BGP packets to a device configured with packet receive trace options enabled to crash rpd. This issue affects: Junos OS:  * from 21.2R3-S8 before 21.2R3-S9,  * from 21.4R3-S7 before 21.4R3-S9,  * from 22.2R3-S4 before 22.2R3-S5,  * from 22.3R3-S2 before 22.3R3-S4,  * from 22.4R3 before 22.4R3-S5,  * from 23.2R2 before 23.2R2-S2,  * from 23.4R1 before 23.4R2-S1,  * from 24.2R1 before 24.2R1-S1, 24.2R2. Junos OS Evolved: * from 21.4R3-S7-EVO before 21.4R3-S9-EVO,  * from 22.2R3-S4-EVO before 22.2R3-S5-EVO,  * from 22.3R3-S2-EVO before 22.3R3-S4-EVO,  * from 22.4R3-EVO before 22.4R3-S5-EVO,  * from 23.2R2-EVO before 23.2R2-S2-EVO,  * from 23.4R1-EVO before 23.4R2-S1-EVO,  * from 24.2R1-EVO before 24.2R1-S2-EVO, 24.2R2-EVO. This issue requires a BGP session to be established. This issue can propagate and multiply through multiple ASes until reaching vulnerable devices. This issue affects iBGP and eBGP. This issue affects IPv4 and IPv6. An indicator of compromise may be the presence of malformed update messages in a neighboring AS which is unaffected by this issue: For example, by issuing the command on the neighboring device:  show log messages Reviewing for similar messages from devices within proximity to each other may indicate this malformed packet is propagating:   rpd[<pid>]: Received malformed update from <IP address> (External AS <AS#>) and   rpd[<pid>]: Malformed Attribute

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-junos_os_evolvedjunosJunos OS EvolvedJunos OS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-20094
Matching Score-4
Assigner-Tenable Network Security, Inc.
ShareView Details
Matching Score-4
Assigner-Tenable Network Security, Inc.
CVSS Score-7.5||HIGH
EPSS-6.77% / 91.33%
||
7 Day CHG~0.00%
Published-16 Jun, 2021 | 11:09
Updated-03 Aug, 2024 | 17:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability exists in Wibu-Systems CodeMeter versions < 7.21a. An unauthenticated remote attacker can exploit this issue to crash the CodeMeter Runtime Server.

Action-Not Available
Vendor-wibun/aSiemens AG
Product-sicam_230pss_capesicam_230_firmwarecodemeterWibu-Systems CodeMeter
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-21446
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.11% / 30.13%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 12:48
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Firmware

Transient DOS may occur when processing vendor-specific information elements while parsing a WLAN frame for BTM requests.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm8550_firmwareimmersive_home_214wcn6650sd865_5gipq9574qcn9000_firmwareqcn6102_firmwareqca6595sm8735qcn9022ipq6028_firmwarewcd9370qca8081_firmwareqcn9001qca8072qca6696qam8620p_firmwarewcn7880_firmwarewcd9340_firmwareipq5028_firmwarewcd9395_firmwaresxr2330p_firmwareqcn6024wcn7881_firmwareqcn9003_firmwarewcn7750ar9380wcn6450qcc710_firmwareqcc2073_firmwareqca6426snapdragon_8\+_gen_1_mobileipq8076wcn6740_firmwarefastconnect_6700ipq6018_firmwaresnapdragon_780g_5g_mobileqca9984_firmwareqcn6023qcn5124_firmwaresnapdragon_782g_mobile_firmwarewsa8832_firmwareqca8337qca9994_firmwareqca6426_firmwarewcd9395ipq9048ipq6000qca6574au_firmwareipq8078asnapdragon_x72_5g_modem-rfipq8078a_firmwareqam8295pqca6574auwcd9390snapdragon_888\+_5g_mobile_firmwaresa8620p_firmwarewsa8810_firmwarewsa8845h_firmwaresnapdragon_778g_5g_mobile_firmwaresa9000p_firmwaresrv1hqcn9100_firmwareqca2064_firmwaresm8650q_firmwareqcn5122qcs9100qca6554aqcs5430fastconnect_6800_firmwarewcn7860qcn6024_firmwareqca9886_firmwareqcm5430qcm5430_firmwaresa8770pqcn9000ssg2115pqcc710qcn6132_firmwareqca2062_firmwaresnapdragon_x32_5g_modem-rf_firmwaresnapdragon_xr2_5g_firmwareqca6777aqqsm8350_firmwareqcn5054fastconnect_6900ipq5332_firmwareqep8111sa7255psm8635qcn5052qca9980wcd9385_firmwareqca6421qfw7114ipq9574_firmwareqam8255p_firmwareipq8064ipq8074a_firmwareipq8076aqcn5164sdx61snapdragon_x65_5g_modem-rfqcs4490qca6787aqwsa8845sa6155pqcn6100_firmwareqca6421_firmwareqca6564au_firmwarecsr8811_firmwarewsa8810qca8075qam8650psa9000pqca8085srv1h_firmwaresnapdragon_888_5g_mobile_firmwareqcn6100qca6595ausnapdragon_888_5g_mobilesxr2250p_firmwaresm7315_firmwaresa6155p_firmwarewsa8840snapdragon_ar1_gen_1srv1m_firmwareqcs8550_firmwaresnapdragon_782g_mobilesnapdragon_x35_5g_modem-rf_firmwareqca6698auqca9986_firmwaresnapdragon_8_gen_2_mobile_firmwaresnapdragon_x55_5g_modem-rfqfw7124_firmwareqca6436_firmwaresm8750pqcn9012ipq8070a_firmwareqcn9070qcs4490_firmwareqcf8001snapdragon_x55_5g_modem-rf_firmwaresnapdragon_7c\+_gen_3_compute_firmwareqca8084sm8635psnapdragon_x62_5g_modem-rf_firmwareqmp1000snapdragon_8_gen_2_mobilewcd9370_firmwareqcc2076sa7255p_firmwareqca6574asm7635p_firmwaresnapdragon_x72_5g_modem-rf_firmwareipq9570snapdragon_8\+_gen_2_mobileqca6174asa8195pwcd9340snapdragon_auto_5g_modem-rf_gen_2qcm6490qcn6122_firmwareqcn5154_firmwareipq9048_firmwaresxr2250psm8550p_firmwareqcm8550qcn5122_firmwareqcn9274qcn9024ipq8076a_firmwaresa8775pqca6574ipq9570_firmwaresxr2230p_firmwarear9380_firmwareqca6777aq_firmwareqca2066_firmwareqca6698au_firmwareqcn9011sa8775p_firmwareqamsrv1hwsa8845hqcn9024_firmwareqca8082sm8650qsa8155p_firmwaresa8155pqca8072_firmwarewsa8830sm8550pqcf8000_firmwareqcn9074_firmwareipq8174immersive_home_318_firmwaresa8255p_firmwareqcn6122sm7675_firmwareqcc2073ipq8174_firmwareipq8072asm7635_firmwarear8035qamsrv1m_firmwarewcn7750_firmwaresa8650p_firmwareimmersive_home_216_firmwarewcn6450_firmwaresm7635pqca2065qca9985immersive_home_316srv1l_firmwareqcs9100_firmwaresnapdragon_865\+_5g_mobile_firmwareipq8071aqcn6224qcs615qcn6112qca6698aqwcn3950_firmwaresa7775p_firmwaressg2125p_firmwaresm7635sm7325p_firmwarewcd9378sm8635p_firmwaresm6650p_firmwarefastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwareqcn6023_firmwareqcn5164_firmwaresnapdragon_x75_5g_modem-rf_firmwareqcn9002ipq8078snapdragon_8_gen_3_mobileqcs6490ipq9554_firmwaresnapdragon_778g_5g_mobileqcn9072wsa8830_firmwareqcn6224_firmwareqca6431qca6678aq_firmwareqca8386_firmwarewsa8845_firmwarewsa8832sdx61_firmwareqca8082_firmwarewcd9378_firmwareqcc2076_firmwaresrv1limmersive_home_216srv1msxr2130_firmwaresm7675pqca6678aqsnapdragon_x35_5g_modem-rfar8035_firmwareqcn5022_firmwaresnapdragon_778g\+_5g_mobilewcn7860_firmwareqca9992sc8380xpqca4024_firmwareqca0000_firmwaresd888_firmwaresnapdragon_x62_5g_modem-rfipq9008ipq9554qca6564auqca9992_firmwareqca9990sc8280xp-abbbipq9008_firmwareqcn9074wsa8815_firmwaresa8195p_firmwareqca8337_firmwareqcn5054_firmwareqca9888ipq5332sg8275p_firmwareipq8173qcm6490_firmwareipq8072a_firmwareipq6010_firmwareqcm4490_firmwarewcn3950sd_8_gen1_5g_firmwareqcn6112_firmwaresnapdragon_870_5g_mobile_firmwaresm8750qca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_7c\+_gen_3_computeipq5028qca9986qcf8001_firmwareqcn9070_firmwareqca8085_firmwaresnapdragon_778g\+_5g_mobile_firmwaresa8295p_firmwaresnapdragon_870_5g_mobileqca9984ipq5010_firmwareqcn9022_firmwareqca9886qcn6132ipq6018qcn6102qca6584ausd888qcn6274_firmwarewcn6755_firmwareqcn9011_firmwarewcn6740wcn6650_firmwaresc8380xp_firmwareipq8065snapdragon_780g_5g_mobile_firmwaresnapdragon_8_gen_3_mobile_firmwarefastconnect_6800qfw7114_firmwareqca4024qca6595_firmwarefastconnect_7800_firmwareimmersive_home_214_firmwaresnapdragon_865_5g_mobile_firmwareqcn9001_firmwareipq8070asm8635_firmwarefastconnect_6900_firmwarewcd9380qam8255psxr2230pqca9990_firmwareqmp1000_firmwaresnapdragon_xr2_5gwcn7880qcn9003sxr2330pqca8075_firmwarewcn6755qcf8000qcn5052_firmwaresnapdragon_auto_5g_modem-rf_firmwareqca2064sxr1230pwcn7881qca2065_firmwaresm6650ipq6010video_collaboration_vc3_platformsm6650pqca9980_firmwareqca9985_firmwareqca6688aqqam8295p_firmwareqca6431_firmwaresm7315qca6698aq_firmwarewcd9385qca9994qsm8350snapdragon_888\+_5g_mobilesnapdragon_8_gen_1_mobileqca8084_firmwaresa8255psxr1230p_firmwarewcd9390_firmwaresnapdragon_865\+_5g_mobileqcn5024qep8111_firmwareqcs615_firmwaresg8275psdx55_firmwareipq8071a_firmwaresm8750_firmwaresnapdragon_auto_5g_modem-rfssg2125pqca6554a_firmwaresxr2130ipq6028qcm4490snapdragon_x65_5g_modem-rf_firmwareqcn9100qamsrv1mqca6174a_firmwaresm7325pwcn7861wcn7861_firmwareqam8650p_firmwareqca2062qcs6490_firmwaresm6650_firmwareipq8076_firmwareqam8620pqca6584au_firmwareqcn5152_firmwareqca6436qcn6274qfw7124wsa8835wsa8840_firmwareqca6391_firmwareqca6595au_firmwareqca0000qcs8300_firmwareipq8068qca6696_firmwareqcs8300wcd9380_firmwareqca6574_firmwareqca8081wsa8815sd_8_gen1_5gqcn5124qam8775psnapdragon_ar2_gen_1_firmwareipq8064_firmwareqca6797aqqcn5152ipq8065_firmwaresnapdragon_x75_5g_modem-rfsa8620pqca6574a_firmwaresdx55qcn9072_firmwareqca9888_firmwaresnapdragon_865_5g_mobileipq8074aqca9889qcn5024_firmwarewcd9375_firmwareqcn9002_firmwareqca6787aq_firmwaresnapdragon_ar1_gen_1_firmwareqca8386immersive_home_318ipq5010qcn9274_firmwareqca6391sa7775pqcs5430_firmwaresnapdragon_x32_5g_modem-rfipq8173_firmwareqcn9012_firmwaresa8770p_firmwaresa8295pqcs8550ipq8068_firmwareipq6000_firmwaresm8735_firmwaresa8650pfastconnect_7800qam8775p_firmwaresd865_5g_firmwaresc8280xp-abbb_firmwaresm8750p_firmwarewcd9375snapdragon_8\+_gen_2_mobile_firmwareipq8078_firmwareqca6688aq_firmwareqca9889_firmwaresnapdragon_ar2_gen_1immersive_home_316_firmwareqamsrv1h_firmwaresm7675qcn5154snapdragon_8\+_gen_1_mobile_firmwarewsa8835_firmwareqca2066ssg2115p_firmwarecsr8811qcn5022sm7675p_firmwaresnapdragon_8_gen_1_mobile_firmwareSnapdragon
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2016-5040
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.45% / 80.79%
||
7 Day CHG+0.45%
Published-17 Feb, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a large length value in a compilation unit header.

Action-Not Available
Vendor-libdwarf_projectn/a
Product-libdwarfn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-3646
Matching Score-4
Assigner-Arista Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Arista Networks, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.15% / 35.13%
||
7 Day CHG~0.00%
Published-29 Aug, 2023 | 16:31
Updated-30 Sep, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
On affected platforms running Arista EOS with mirroring to multiple destinations configured, an internal system error may trigger a kernel panic and cause system reload.

On affected platforms running Arista EOS with mirroring to multiple destinations configured, an internal system error may trigger a kernel panic and cause system reload.

Action-Not Available
Vendor-Arista Networks, Inc.
Product-7280dr3am-367280dr3a-547280dr3-247800r3a-36pm7504r37800r3ak-36dm7289r3a-sc7812r37289r3ak-sc7280dr3ak-367500r3-36cq7500r3-24d7500r3-24p7800r3k-48cq7800r3-48cq7800r3ak-36pm7280cr3a-727289r3am-sc7800r3k-72y7512r37800r3a-36dm7280cr3a-48d67280sr3-40yc67280dr3ak-547280cr3-967800r3a-36d7800r3a-36p7500r3k-48y4d7800r3k-48cqms7280r37800r3k-36dm7280tr3-40c67280dr3am-547500r3k-36cq7512r37280cr3-32d47280cr3-36s7508r37800r3-36p7808r37280cr3-32p47816r37280cr3a-24d127280pr3-24eos7280sr3-48yc87800r3-36d7280dr3a-36EOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-1404
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.45% / 63.61%
||
7 Day CHG~0.00%
Published-08 Apr, 2021 | 04:30
Updated-08 Nov, 2024 | 23:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Clam AntiVirus (ClamAV) Email Parser Denial of Service Vulnerability

A vulnerability in the PDF parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper buffer size tracking that may result in a heap buffer over-read. An attacker could exploit this vulnerability by sending a crafted PDF file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to crash, resulting in a denial of service condition.

Action-Not Available
Vendor-ClamAVCisco Systems, Inc.
Product-clamavClamAV
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-35926
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.56% / 68.40%
||
7 Day CHG~0.00%
Published-04 Aug, 2022 | 20:30
Updated-23 Apr, 2025 | 17:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds read in IPv6 neighbor solicitation in Contiki-NG

Contiki-NG is an open-source, cross-platform operating system for IoT devices. Because of insufficient validation of IPv6 neighbor discovery options in Contiki-NG, attackers can send neighbor solicitation packets that trigger an out-of-bounds read. The problem exists in the module os/net/ipv6/uip-nd6.c, where memory read operations from the main packet buffer, <code>uip_buf</code>, are not checked if they go out of bounds. In particular, this problem can occur when attempting to read the 2-byte option header and the Source Link-Layer Address Option (SLLAO). This attack requires ipv6 be enabled for the network. The problem has been patched in the develop branch of Contiki-NG. The upcoming 4.8 release of Contiki-NG will include the patch.Users unable to upgrade may apply the patch in Contiki-NG PR #1654.

Action-Not Available
Vendor-contiki-ngcontiki-ng
Product-contiki-ngcontiki-ng
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-34743
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.19% / 40.97%
||
7 Day CHG~0.00%
Published-11 Jul, 2022 | 13:53
Updated-03 Aug, 2024 | 09:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The AT commands of the USB port have an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiharmonyosMagic UIHarmonyOSEMUI
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-35266
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-4.9||MEDIUM
EPSS-0.39% / 60.07%
||
7 Day CHG~0.00%
Published-25 Oct, 2022 | 16:34
Updated-15 Apr, 2025 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability exists in the web_server hashFirst functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of requests to trigger this vulnerability.This denial of service is in the `/action/import_firmware/` API.

Action-Not Available
Vendor-robustelRobustel
Product-r1510_firmwarer1510R1510
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2022-35271
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-4.9||MEDIUM
EPSS-0.69% / 71.85%
||
7 Day CHG~0.00%
Published-25 Oct, 2022 | 16:34
Updated-15 Apr, 2025 | 18:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability exists in the web_server hashFirst functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of requests to trigger this vulnerability.This denial of service is in the `/action/import_cert_file/` API.

Action-Not Available
Vendor-robustelRobustel
Product-r1510_firmwarer1510R1510
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2022-35270
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-4.9||MEDIUM
EPSS-0.43% / 62.33%
||
7 Day CHG~0.00%
Published-25 Oct, 2022 | 16:34
Updated-15 Apr, 2025 | 18:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability exists in the web_server hashFirst functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of requests to trigger this vulnerability.This denial of service is in the `/action/import_wireguard_cert_file/` API.

Action-Not Available
Vendor-robustelRobustel
Product-r1510_firmwarer1510R1510
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2022-35265
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-4.9||MEDIUM
EPSS-0.39% / 60.07%
||
7 Day CHG~0.00%
Published-25 Oct, 2022 | 16:34
Updated-15 Apr, 2025 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability exists in the web_server hashFirst functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of requests to trigger this vulnerability.This denial of service is in the `/action/import_nodejs_app/` API.

Action-Not Available
Vendor-robustelRobustel
Product-r1510_firmwarer1510R1510
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2016-5043
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.45% / 80.79%
||
7 Day CHG+0.45%
Published-17 Feb, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dwarf_dealloc function in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted DWARF section.

Action-Not Available
Vendor-libdwarf_projectn/a
Product-libdwarfn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-35262
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-4.9||MEDIUM
EPSS-0.33% / 55.96%
||
7 Day CHG~0.00%
Published-25 Oct, 2022 | 16:34
Updated-15 Apr, 2025 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability exists in the web_server hashFirst functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of requests to trigger this vulnerability.This denial of service is in the `/action/import_xml_file/` API.

Action-Not Available
Vendor-robustelRobustel
Product-r1510_firmwarer1510R1510
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-35264
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-4.9||MEDIUM
EPSS-0.33% / 55.96%
||
7 Day CHG~0.00%
Published-25 Oct, 2022 | 16:34
Updated-15 Apr, 2025 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability exists in the web_server hashFirst functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of requests to trigger this vulnerability.This denial of service is in the `/action/import_aaa_cert_file/` API.

Action-Not Available
Vendor-robustelRobustel
Product-r1510_firmwarer1510R1510
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-35267
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-4.9||MEDIUM
EPSS-0.39% / 60.07%
||
7 Day CHG~0.00%
Published-25 Oct, 2022 | 16:34
Updated-15 Apr, 2025 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability exists in the web_server hashFirst functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of requests to trigger this vulnerability.This denial of service is in the `/action/import_https_cert_file/` API.

Action-Not Available
Vendor-robustelRobustel
Product-r1510_firmwarer1510R1510
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2022-35268
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-4.9||MEDIUM
EPSS-0.43% / 62.33%
||
7 Day CHG~0.00%
Published-25 Oct, 2022 | 16:34
Updated-15 Apr, 2025 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability exists in the web_server hashFirst functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of requests to trigger this vulnerability.This denial of service is in the `/action/import_sdk_file/` API.

Action-Not Available
Vendor-robustelRobustel
Product-r1510_firmwarer1510R1510
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2022-35263
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-4.9||MEDIUM
EPSS-0.33% / 55.96%
||
7 Day CHG~0.00%
Published-25 Oct, 2022 | 16:34
Updated-15 Apr, 2025 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability exists in the web_server hashFirst functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of requests to trigger this vulnerability.This denial of service is in the `/action/import_file/` API.

Action-Not Available
Vendor-robustelRobustel
Product-r1510_firmwarer1510R1510
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-35269
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-4.9||MEDIUM
EPSS-0.43% / 62.33%
||
7 Day CHG~0.00%
Published-25 Oct, 2022 | 16:34
Updated-15 Apr, 2025 | 18:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability exists in the web_server hashFirst functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of requests to trigger this vulnerability.This denial of service is in the `/action/import_e2c_json_file/` API.

Action-Not Available
Vendor-robustelRobustel
Product-r1510_firmwarer1510R1510
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2022-33286
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.36% / 58.10%
||
7 Day CHG~0.00%
Published-06 Jan, 2023 | 05:02
Updated-09 Apr, 2025 | 14:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read in WLAN

Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremdm9640_firmwaresm6250p_firmwareipq4028_firmwareqca1023qca8337ar9380ipq8173_firmwareqcn5124mdm9645wcn3950_firmwareqca6595au_firmwaresa6155mdm8215sd_455_firmwareapq8076qcs6125_firmwaresa415msm4375wcn3998wcd9371_firmwarewcn3950qcn6024_firmwaresd720gsm4125mdm9206_firmwarewcn3660bqsm8350_firmwareqsm8350sd460_firmwaresm7315_firmwarewcn7850qca8081_firmwarewcn3998_firmwareqca6420qcn9002qca9986ipq8070_firmwareqca9367_firmwareipq8065ipq8078a_firmwaresd_8cx_gen2ipq8072_firmwareqca0000sa8155_firmwareipq8068qca6430wcd9340sd765gsd680wcn7851_firmwaremdm9250_firmwareqca9888_firmwareqcn6122qca6696_firmwarewcd9371sd870_firmwareqca1062qcn5154_firmwaremdm8215_firmwaresd_8cxsa8150pqca9992_firmwaresd660sd865_5g_firmwaresd712sd660_firmwaresm8475qcn5022_firmwareqcn7606_firmwarewcn6750_firmwareqca6428_firmwareqca9985_firmwarewcn3991ipq4018_firmwareqca9980_firmwareipq8078qca8084qcn9001_firmwareipq8173sdx55m_firmwaremsm8976_firmwareqca6574sd670_firmwarecsr8811_firmwarewcd9380qcs410qcn5024sd690_5g_firmwareqca9379_firmwaresdx24_firmwareqca9985qcn9012_firmwareqcn9274_firmwareipq6018_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwareqcn6112qca6584_firmwaremdm9215_firmwaresd695ipq6028ipq8064sd835pmp8074ipq9574_firmwarewcn3980_firmwaresd730qcc5100_firmwaresa8295pqca2062_firmwarewcn6740_firmwaresd678_firmwareapq8064au_firmwareipq8078_firmwareqcn5054qcs603qca9994qca9980sd670qcn9024_firmwareipq8174_firmwareqcm4290_firmwarewcn6855qcn7605_firmwaresw5100p_firmwareqcs610_firmwaresa6145pqca9886_firmwarear8031qca1023_firmwaresdm630_firmwaresd820_firmwareqca6391_firmwaresa4150p_firmwareqca4024wcd9370_firmwaresdx55qcn5021_firmwarecsra6640qca9379sa4155psxr2150pqcn7606qsm8250_firmwarewsa8830qca1062_firmwarecsrb31024mdm9628_firmwaremdm9650sd_636qca8082qca9992qcs4290mdm9250qca6420_firmwareapq8009_firmwareqca2064_firmwaresd690_5gmdm9310_firmwaresd675_firmwareipq8072qca6564qca6426wcn3990_firmwareqrb5165n_firmwareqca9984_firmwareqca9377wcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwareipq8074aqcn6102_firmwareqcn9011_firmwaresa8155qca6584qcn5122_firmwaresdx55_firmwarewcn3615qcn6023_firmwaresm7250p_firmwarewcn3610_firmwareqrb5165nqca6584ausd778gipq8174wcn7851qcn5052qca9367sdm630mdm9607_firmwareqcn6112_firmwaresa415m_firmwarewcn3988_firmwareqcn9074qca6421qca8085sd778g_firmwaresa8195pqca6694sm4375_firmwarewcd9326wcd9335qcn6023qcs4290_firmwareqca8085_firmwareqcs6490_firmwareqca6390qca9898_firmwaresd750g_firmwareaqt1000msm8976wcd9375sm6250_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwaresdx20_firmwarewsa8815_firmwareapq8017qcx315qcm6125_firmwaresd780gsd865_5gqca6595qcc5100ipq8065_firmwareqcx315_firmwaresd665_firmwareqcn5154qca8075_firmwaresc8180xmdm9206wcn6855_firmwareqcn6132_firmwareqcn9003_firmwareqca9888qca6310_firmwareipq8070a_firmwaremdm9615qca6574_firmwareqca9886sm7325p_firmwaresd665qca6175asd765qca6574a_firmwareqrb5165msd850_firmwaresm7315apq8009mdm9310qcn6102csrb31024_firmwareqcm6490_firmwareqcn9070_firmwaresd480_firmwareipq6028_firmwareipq8072a_firmwaresc8180x_firmwareqca9889_firmwaresd710mdm9607qcn5122mdm9645_firmwaresdx20m_firmwareqcn5022qca6564_firmwaresd768gqca1064_firmwarewcn6740qca8075apq8096au_firmwareqcn6024qcn9022sd845mdm9615_firmwareqcn9002_firmwareipq6000_firmwaresdx12qcs410_firmwareqca6175a_firmwaresd_8cx_gen3_firmwareqca2066sa6150p_firmwareqcs610qca6431_firmwarewcd9360_firmwaresdx65qca4024_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqcs2290qca6335qca2062csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqca6554a_firmwareqam8295psd_8cx_gen2_firmwareipq8076amdm9628qca8386_firmwaresd_8_gen1_5g_firmwareqca8084_firmwaresd710_firmwareqca4020qca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwaresa6155_firmwaresdx12_firmwarewcd9360sdx20mqca6438_firmwaresd680_firmwarewcn3999qrb5165_firmwareipq5028qrb5165m_firmwareipq4029_firmwareqcs6125sa4155p_firmwareipq6010sd662_firmwareqcs405qcn6132sw5100qca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwarewcd9341ipq8068_firmwareqca2066_firmwareqca6431sd750gipq9008_firmwarewcn3910_firmwaresxr2150p_firmwarewsa8830_firmwaresd855_firmwarewcn3988qca6438wcn7850_firmwaresa8195p_firmwareqca9898sa8295p_firmwareipq4028wcn3610mdm9640ipq5018_firmwareqca8337_firmwarewcd9380_firmwareipq8072asw5100pmsm8996au_firmwarewcd9330ipq8076a_firmwareqca6564auwcn6856_firmwareipq9008qcn5164qcn5054_firmwaresdx50m_firmwareqca8072_firmwareqca6174qca6430_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqcs605sd7cwcn3910qca6320mdm9650_firmwareqca9986_firmwareqca6426_firmwarewcn3660b_firmwareqca9984qcn9024wcd9330_firmwaresdx55mipq8064_firmwareqca6421_firmwaresd821_firmwarear8031_firmwareqrb5165wcn6851_firmwareipq8070sd_636_firmwareqca6564a_firmwaresd480sd870qsm8250ipq6018sd695_firmwaresdxr1apq8096auqca6595_firmwareqcs405_firmwaresa8145pqca2064sd780g_firmwaresd888_firmwaresa8155psd675ar8035_firmwareqcm2290qcn5024_firmwarewcn3991_firmwaresd678qcn9070sa8145p_firmwareqcs2290_firmwaresd7c_firmwarecsra6620qcn9072qca8386sd765g_firmwareipq8069_firmwareqca6390_firmwareipq6000qca6174_firmwaresd730_firmwarewcd9370qcn5152_firmwareqca0000_firmwareqca6584au_firmwareapq8076_firmwareqcn9000_firmwareipq5018sd_8cx_firmwareqcn7605qca2065sd662qcn5124_firmwareqam8295p_firmwareqca1064qcn6100_firmwareqca8082_firmwareqca6320_firmwarewcn3680b_firmwareqca6595auwcn3999_firmwareqca6436_firmwareipq5010qca6564au_firmwaresa6155p_firmwareqca6310qcn9274qcn9001qca9990qcs6490sa515m_firmwaresdxr2_5gsd821sa6145p_firmwaresm6250sd712_firmwareapq8017_firmwarewsa8810_firmwaresd765_firmwareqca8081ipq8071aqca6174a_firmwareipq8071a_firmwarewcd9385qca2065_firmwaresd_8cx_gen3ar8035csr8811apq8064auqca6694_firmwareqcn9100_firmwaresd820qcm6490wcn6850_firmwarewsa8835_firmwareqca6564asa4150pqca8072qcm2290_firmwarewcn3990qcn9000sd_675qca6554aar9380_firmwaresdx24qcn9012sd888qcn6122_firmwarewsa8835msm8996ausd888_5gsm6250pipq4018qca6574aqca9889qca6174asm7325pipq8074qca9994_firmwarewcn6750qcn9003ipq8076_firmwaresa515msd855sm4125_firmwareipq8076qcn5021ipq8069qcn5152sd768g_firmwaresd460qca6391sdxr1_firmwareaqt1000_firmwareqcn9100sdx65_firmwareqcm4290sdx50msdx20mdm9215qcn9011sd_455ipq8074_firmwareqca6574ausa8155p_firmwareipq9574wcd9341_firmwareqcm6125wsa8810wcn6856wcn3680bsd835_firmwareipq6010_firmwareqca6696sd845_firmwaresa6150pqcn9022_firmwareqca9990_firmwareipq8070aqcn6100qcn9072_firmwaresm7250psd720g_firmwareipq8071_firmwareqcn9074_firmwaresw5100_firmwareipq4029sd850Snapdragon
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-33309
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.47% / 64.43%
||
7 Day CHG~0.00%
Published-07 Mar, 2023 | 04:43
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buiffer over-read in WLAN Firmware.

Transient DOS due to buffer over-read in WLAN Firmware while parsing secure FTMR frame with size lesser than 39 Bytes.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn5024_firmwarewsa8830qcn9070sxr2230p_firmwareipq8173_firmwaresdx65qcn5124qca4024_firmwareqca8082qcn9072qca8386ipq8078aipq5028_firmwareipq6000ssg2115pqcn5152_firmwareqcn9000_firmwareipq5018wcd9385_firmwareipq8076aqca8386_firmwareqcn6024_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareipq8074aqcn5124_firmwareqca8082_firmwarewcn7850qcn5164_firmwareqcn5122_firmwareqca8081_firmwareqcn6023_firmwareipq5010ipq8078a_firmwareqcn9274ipq8174wcn7851ipq5028qcn5052ipq6010qcn9074qca8085sdx65mqcn6132qca8081wcn7851_firmwareipq8071aqcn6023sdx65m_firmwareipq8071a_firmwarewcd9385qca8085_firmwareqca9888_firmwareqcn6122ipq9008_firmwareqcn5154_firmwarecsr8811qcn9100_firmwarewsa8830_firmwareipq5010_firmwareipq8074a_firmwarewsa8835_firmwarewcn7850_firmwaresm8475qcn5022_firmwareipq5018_firmwarewcd9380_firmwaressg2125pqcn9000ipq8072aipq8076a_firmwareipq8078qca8084ipq8173wcn6856_firmwareipq9008qcn5164qcn6122_firmwarewsa8835sxr1230p_firmwarecsr8811_firmwarewcd9380qcn5154qca8075_firmwaressg2125p_firmwareqcn5024wcn6855_firmwareqca9889qcn6132_firmwaresxr1230pqca9888qcn5052_firmwareqcn9274_firmwareipq8070a_firmwareipq6018_firmwareipq8076_firmwaresxr2230pipq8076qcn5152ipq6028qcn9024ipq9574_firmwareqcn9100sdx65_firmwareipq8078_firmwarewsa8832_firmwareqcn9070_firmwareipq6028_firmwareipq8072a_firmwareqca9889_firmwareipq9574qcn5122qcn9024_firmwareipq8174_firmwarewsa8832wcn6855wcn6856ipq6018qcn5022ipq6010_firmwareqca4024qca8075qcn9022_firmwareqcn6024qcn9022ipq8070aqcn9072_firmwareipq6000_firmwaressg2115p_firmwareqcn9074_firmwareSnapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-0261
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-7.5||HIGH
EPSS-0.44% / 63.16%
||
7 Day CHG~0.00%
Published-22 Apr, 2021 | 19:37
Updated-16 Sep, 2024 | 19:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS: Denial of Service vulnerability in J-Web and web based (HTTP/HTTPS) services caused by a high number of specific requests

A vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Captive Portal allows an unauthenticated attacker to cause an extended Denial of Service (DoS) for these services by sending a high number of specific requests. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S17 on EX Series; 12.3X48 versions prior to 12.3X48-D105 on SRX Series; 15.1 versions prior to 15.1R7-S8; 15.1X49 versions prior to 15.1X49-D230 on SRX Series; 16.1 versions prior to 16.1R7-S8; 17.4 versions prior to 17.4R2-S12, 17.4R3-S3; 18.1 versions prior to 18.1R3-S11; 18.2 versions prior to 18.2R3-S6; 18.3 versions prior to 18.3R2-S4, 18.3R3-S3; 18.4 versions prior to 18.4R2-S5, 18.4R3-S4; 19.1 versions prior to 19.1R2-S2, 19.1R3-S2; 19.2 versions prior to 19.2R1-S5, 19.2R3; 19.3 versions prior to 19.3R2-S4, 19.3R3; 19.4 versions prior to 19.4R1-S3, 19.4R2-S2, 19.4R3; 20.1 versions prior to 20.1R1-S3, 20.1R2; 20.2 versions prior to 20.2R1-S1, 20.2R2.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-ex4400srx345srx5800srx380srx4200srx340ex9200srx4100ex4300ex3400ex9250ex2300srx5400ex4650srx550srx300ex4600srx320srx5600junosex2300-csrx4600srx1500Junos OS
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2022-34145
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.47% / 64.43%
||
7 Day CHG~0.00%
Published-09 Feb, 2023 | 06:58
Updated-03 Aug, 2024 | 08:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read in WLAN Host

Transient DOS due to buffer over-read in WLAN Host while parsing frame information.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn5024_firmwarewsa8830qcn9070sa6150p_firmwaresa8145p_firmwareqcs610ipq8173_firmwareqcn5124qca4024_firmwareqcn9072wcn3950_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqca6595au_firmwareipq6000wcd9370qcn5152_firmwareqca6584au_firmwareqcn9000_firmwareipq5018qca6554a_firmwareqam8295pwcn3950ipq8076aqcn6024_firmwaresd_8_gen1_5g_firmwareipq8074aqcn5124_firmwareqam8295p_firmwareqcn6100_firmwareqcn6102_firmwarewcn7850qca6574au_firmwareqcn5122_firmwareqcn5164_firmwareqca6595auqca8081_firmwareqcn6023_firmwareqcn9002ipq5010qca6564au_firmwareqca6584ausa6155p_firmwareipq8078a_firmwareqcn9274qca6678aq_firmwareipq8174qcn9001wcn7851ipq5028qca6698aqqcn5052ipq6010qcn6112_firmwarewcn3988_firmwareqcn9074sa6145p_firmwaresa8195pqcn6132wsa8810_firmwaresw5100sa6155pqca8081wcn7851_firmwareqca6698aq_firmwareipq8071aqcn6023ipq8071a_firmwareqca9888_firmwareqcn6122wcd9341qca6696_firmwareipq9008_firmwareqcn5154_firmwarecsr8811sa8150pqcn9100_firmwarewsa8830_firmwareipq5010_firmwareipq8074a_firmwarewcn3988wsa8815_firmwarewcn7850_firmwarewsa8835_firmwaresa8195p_firmwaresm8475qcn5022_firmwaresa8295p_firmwareqca8072ipq5018_firmwarewcd9380_firmwareqcn9000ipq8072asw5100pqca6554aipq8076a_firmwareqca6595ipq8078qca6564auqcc5100ipq8173qcn9001_firmwarewcn6856_firmwareipq9008qcn5164qcn6122_firmwareqca6574wsa8835csr8811_firmwarewcd9380qcn5054_firmwareqcs410qcn5154qca8075_firmwareqca6574aqcn5024wcn6855_firmwareqca9889qcn6132_firmwareqcn9003_firmwareqca9888qca8072_firmwarewcn3980qcn5052_firmwareqcn9274_firmwareqcn9003ipq8070a_firmwareipq6018_firmwareipq8076_firmwareqca6574_firmwarewsa8815qcn6112ipq8076qca6175aqca6574a_firmwareqcn5152ipq6028qcn9024ipq9574_firmwarewcn3980_firmwareqcc5100_firmwaresa8295pqcn6102qcn9100qca6678aqipq8078_firmwareqcn5054qcn9070_firmwareipq6028_firmwareipq8072a_firmwareqca6574auqca9889_firmwaresa8155p_firmwareipq9574qcn5122qcn9024_firmwareipq8174_firmwarewcd9341_firmwarewsa8810wcn6855sw5100p_firmwareqcs610_firmwarewcn6856ipq6018qcn5022sa6145pipq6010_firmwareqca6595_firmwaresa8145pqca6696qca4024wcd9370_firmwaresa6150pqca8075qcn9022_firmwaresa8155pqcn6024qcn9022ipq8070aqcn9002_firmwareqcn6100qcn9072_firmwareipq6000_firmwaresw5100_firmwareqcn9074_firmwareqcs410_firmwareqca6175a_firmwareSnapdragonqcn5024_firmwareipq5018_firmwarewcd9380_firmwaresa6150p_firmwaresa8145p_firmwareipq8076a_firmwareipq8173_firmwareqcn9001_firmwarewcn6856_firmwareqca4024_firmwareqcn6122_firmwarewcn3950_firmwarecsr8811_firmwareipq5028_firmwaresa8150p_firmwareqca6595au_firmwareqcn5054_firmwareqca8075_firmwarewcn6855_firmwareqcn5152_firmwareqcn6132_firmwareqcn9003_firmwareqca6584au_firmwareqca8072_firmwareqcn9000_firmwareqcn5052_firmwareqcn9274_firmwareipq8070a_firmwareqca6554a_firmwareqcn6024_firmwareipq8076_firmwareipq6018_firmwareqca6574_firmwaresd_8_gen1_5g_firmwareqcn5124_firmwareqam8295p_firmwareqcn6100_firmwareqcn6102_firmwareqca6574a_firmwareqca6574au_firmwareqcn5122_firmwareqcn5164_firmwareqca8081_firmwareqcn6023_firmwareipq9574_firmwarewcn3980_firmwareqcc5100_firmwareqca6564au_firmwaresa6155p_firmwareipq8078a_firmwareqca6678aq_firmwareipq8078_firmwareqcn9070_firmwareipq6028_firmwareipq8072a_firmwareqcn6112_firmwarewcn3988_firmwaresa6145p_firmwareqca9889_firmwaresa8155p_firmwareqcn9024_firmwareipq8174_firmwarewsa8810_firmwarewcd9341_firmwaresw5100p_firmwareqcs610_firmwarewcn7851_firmwareqca6698aq_firmwareipq8071a_firmwareqca9888_firmwareipq6010_firmwareqca6696_firmwareqca6595_firmwareipq9008_firmwareqcn5154_firmwarewcd9370_firmwareqcn9100_firmwareqcn9022_firmwarewsa8830_firmwareqcn9002_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwarewsa8835_firmwarewcn7850_firmwareqcn9072_firmwareipq6000_firmwaresa8195p_firmwaresw5100_firmwareqcn9074_firmwareqcs410_firmwareqcn5022_firmwaresa8295p_firmwareqca6175a_firmware
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-5039
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.45% / 80.79%
||
7 Day CHG+0.45%
Published-17 Feb, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The get_attr_value function in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted object with all-bits on.

Action-Not Available
Vendor-libdwarf_projectn/a
Product-libdwarfn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-33237
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.26% / 49.39%
||
7 Day CHG~0.00%
Published-15 Nov, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Transient DOS due to buffer over-read in WLAN firmware while processing PPE threshold. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwareqcn9072_firmwareqca6595au_firmwareqca1062qca6310sd730qcn9000qcn7606_firmwareipq8074ipq6028qca6696qca6421mdm9607qcn9070wcn7850qcn5122qsm8250_firmwareqca6564auqca6426_firmwaresd720gipq8078asa6150psd460sd710_firmwareqca9889_firmwareqcn5124wsa8830ipq8072wsa8815qcn9003ipq9008qca6430sd855ipq9008_firmwareqcs6490_firmwaresd_8cx_gen3_firmwarewcd9340qca0000_firmwaresdx55_firmwaresd_8cx_firmwaresxr2150p_firmwaresdxr2_5g_firmwaresd_8cx_gen2_firmwareqca8386_firmwaresc8180x\+sdx55_firmwareqcn5022_firmwaresa4155p_firmwaresd712qca8386qca8072sd765g_firmwareqca6574aqca8084_firmwaresd865_5g_firmwareqcm6125_firmwarewcn6750sa8295p_firmwaresm7325pqcn5024sd695_firmwareqcc5100qca9994qca6335sd_675qcs405qcn5024_firmwareqca6595qca6431_firmwarecsra6640sd480_firmwareqca6430_firmwareqca8081sm7315_firmwaresm7325p_firmwareqca6584ausd870ipq6018qca9367ipq5018_firmwareqca6390_firmwareqcn9024_firmwaresc8180x\+sdx55ipq4028_firmwareqcn9011_firmwaresa6155_firmwarewcn6855qcx315_firmwareipq8072aipq8070awcn3910ipq8070a_firmwaresd870_firmwareqcm6490_firmwaresm6250ipq8078_firmwareqca6431qca6595auwcd9370sd888_firmwareqcs4290_firmwarewcn3980qcn5152qca2066sm4125_firmwareqca9992sm7315qcn9022sd765_firmwaresd720g_firmwaresd765gsd670qca9888_firmwaresdx55mqam8295pwcn6850_firmwareqcn9002_firmwareqcn9274sm6250pwsa8810_firmwarewsa8815_firmwarewcn3991_firmwaresa8150psd850_firmwarewcn6740ipq8078qca6436ipq8076aipq8069ipq8071aqca4024qcn7605_firmwaresa8155psdxr1wsa8810qca6694_firmwareqca2062_firmwareqca2066_firmwaresw5100p_firmwareaqt1000_firmwareqcn9012wsa8835_firmwareipq8076wcd9335_firmwaresm7250p_firmwareqcn5154_firmwareqca6391ar9380_firmwareqcn9024qcn5052_firmwarecsra6620wcn3998_firmwarewcn6851sd778g_firmwarewcd9370_firmwaresd675qca6420_firmwareipq8074aqcn6023_firmwareqcx315qcc5100_firmwareqca6554a_firmwareqca8082_firmwareipq4028qcm6125ipq8174ipq8071ipq8064_firmwareqcn6122sd660csrb31024_firmwaresa4150p_firmwareipq8070qcs610qca6391_firmwarewcd9326_firmwareqcn9012_firmwaresm7250psa8155p_firmwarecsra6620_firmwaresa6145pwcn3910_firmwareqrb5165_firmwareqca8085_firmwarewcd9375sd750g_firmwareqca6696_firmwareipq8076_firmwareqca2064sxr2150psd865_5gqca2062ipq8071_firmwareqca9377sm6250p_firmwareqca9980_firmwareqcn9003_firmwarewcn3990_firmwarewcn3950_firmwarewcn3988sd778gwcd9371_firmwareipq8071a_firmwareqca8085sd750gqca9980sd768g_firmwareqcs605sd712_firmwarewcn7851qcn9002qca6310_firmwaresd710qca6436_firmwaresa8195p_firmwareqcn5021_firmwareqca9367_firmwareipq8074a_firmwarewcd9341_firmwareipq6000_firmwareqcn6102ipq4018wcd9340_firmwaresd850qca8082sd_675_firmwareqca6174a_firmwareqcn5021sd855_firmwaresd662_firmwareqcn5054_firmwareqca9889sdx50mwcd9371qcs405_firmwareqcn6024_firmwareqcs6490ipq5018sdx55sd460_firmwaremdm9628sa6155qca9990qcm4290_firmwareqca1064sm4375sd665_firmwaresdx20m_firmwarewcd9360_firmwareqrb5165m_firmwaresa6145p_firmwareqsm8350_firmwareipq5028_firmwaresd768gwcn6740_firmwarewcn6856sm4125qca6390sdx50m_firmwareipq5010_firmwaresa6155pipq8074_firmwaresa8150p_firmwaresd480wcd9330wcn7851_firmwaresa8145p_firmwaresw5100qca4024_firmwarewcn6850csr8811sa8145psa415mwcn3950qcs603_firmwareipq6018_firmwareqca6584au_firmwareqcn9100_firmwareqcn5122_firmwareqcn7605qcm6490qcn6024qca6174awcd9335wcn3999ipq8078a_firmwaresd7c_firmwaresd670_firmwareqca6595_firmwareqrb5165nipq6010qca6421_firmwareqca6438_firmwareqrb5165qca6574au_firmwaresd662qrb5165n_firmwareqca2065_firmwareipq4029_firmwareqam8295p_firmwaresa8295pqcs610_firmwareqcn9074qcm2290_firmwareqcn9274_firmwareqcn5054wcd9380ar8031qca6438qcm4290qcn6102_firmwareqcn5052sd660_firmwaresd730_firmwaremdm9628_firmwareqca2064_firmwaresd695ipq8064sd_8cx_gen3ipq8069_firmwarewcd9375_firmwaresa6150p_firmwaresd888ar8035_firmwareipq8070_firmwareqca0000wcn6856_firmwareqcn6132_firmwareaqt1000qcn5152_firmwareqcs603qcn6100_firmwarear8035qcn6112wcn6855_firmwareqca8072_firmwareqsm8250qca6420wcd9360sd780g_firmwareqca9898_firmwaresdx65_firmwareqcm2290qcn9011qcn5124_firmwaresa515msd845_firmwareqca6428_firmwaremdm9206sa515m_firmwaresdxr1_firmwareqcn5164_firmwareqca9994_firmwaremdm9607_firmwarewcn3990ipq6028_firmwareqcn6023sd690_5gqca8081_firmwareqca9984qca1062_firmwarewsa8835wcn3998ar8031_firmwarecsr8811_firmwareqca8337_firmwareqca9898qca8075_firmwareqcn5164qcs2290qrb5165mmdm9206_firmwareqcn6122_firmwareqca9990_firmwareqca1064_firmwaresd7cipq8072a_firmwaresd678wcd9385qca6574auwcn7850_firmwareqcn6112_firmwaresdx65wcd9385_firmwareipq4029wcn6750_firmwareqcs410_firmwareqcn9000_firmwareipq8173_firmwaresd680qcn9001_firmwaresd888_5gqcn9070_firmwarepmp8074qca8075pmp8074_firmwaresd678_firmwarewcn3999_firmwareqcs6125sm4375_firmwareipq6010_firmwareqca9984_firmwareqca6574qsm8350wcn3991sd_8cxcsra6640_firmwareqca6574_firmwaresa415m_firmwareipq8076a_firmwarear9380sdx20msa8195psd675_firmwareqca6574a_firmwareqca9888qca6694sd665sa8155_firmwarewsa8830_firmwaresd888_5g_firmwareipq8174_firmwareqca8337sd_8_gen1_5g_firmwaresm6250_firmwareqcn6100sdxr2_5gqcn6132wcd9341wcn3980_firmwareqcs2290_firmwarewcn6851_firmwareipq4018_firmwarewcd9326sd680_firmwareqca8084sa6155p_firmwareqcn9074_firmwareqca9992_firmwaresa4150pqcn5154qca2065qca9377_firmwaresw5100_firmwareipq8173qcn9001qcn9072sd780gqca6564au_firmwarecsrb31024qca6426qca6335_firmwaresdx55m_firmwareqcs6125_firmwareqcn9100sd690_5g_firmwareqcn5022sm8475ipq8072_firmwaresa8155ipq6000sd765qcs605_firmwarewcd9330_firmwareipq5010wcn3988_firmwareqcn9022_firmwareqcs4290qca6554aipq5028sa4155pqcn7606sw5100psd_8cx_gen2sd845qcs410qca6428Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-33306
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.36% / 58.10%
||
7 Day CHG~0.00%
Published-09 Feb, 2023 | 06:58
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read in WLAN

Transient DOS due to buffer over-read in WLAN while processing an incoming management frame with incorrectly filled IEs.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_8cx_gen3_firmwareqca2066qca8337ar9380ipq8173_firmwaresdx65qcn5124qca4024_firmwareipq8078aipq5028_firmwareqca6595au_firmwareqca2062qca6554a_firmwareqam8295pipq8076aqca8386_firmwareqcn6024_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareqsm8350_firmwareqsm8350wcn7850qca6574au_firmwareqcn5164_firmwarewcd9375_firmwareqca8081_firmwareqcn9002qca9986ipq8065ipq8078a_firmwareqca6678aq_firmwareipq5028qca6698aqipq6010ipq8068qcn6132qca6436wcn6851wcn7851_firmwareqca6698aq_firmwareqca9888_firmwareqcn6122ipq8068_firmwareqca2066_firmwarewcd9341qca6696_firmwaresd870_firmwareipq9008_firmwareqcn5154_firmwarewsa8830_firmwareqca9992_firmwaresd660sd865_5g_firmwaresd660_firmwarewcn7850_firmwaresm8475qcn5022_firmwaresa8295p_firmwarewcn6750_firmwareipq5018_firmwareqca9985_firmwareqca8337_firmwarewcd9380_firmwaressg2125pipq8072aqca9980_firmwareipq8076a_firmwareipq8078qca6564auqca8084ipq8173qcn9001_firmwaresdx55m_firmwareipq9008wcn6856_firmwareqcn5164qca6574csr8811_firmwarewcd9380qcn5054_firmwareqcn5024sxr1230pqca8072_firmwareqca9985wcd9335_firmwareqcn5052_firmwareqcn9274_firmwarewcn3980ipq6018_firmwarewsa8815wcn6850qcn6112qca9986_firmwareqca6426_firmwareqca9984ipq6028ipq8064qcn9024ipq9574_firmwarewcn3980_firmwaresdx55mipq8064_firmwaresa8295pqca2062_firmwarewcn6740_firmwareqca6678aqipq8078_firmwareqcn5054wcn6851_firmwareqca9994qca9980qcn9024_firmwareipq8174_firmwaresd870wsa8832wcn6855ipq6018qca9886_firmwareqca6595_firmwareqca6391_firmwareqca2064qca4024sd780g_firmwarewcd9370_firmwaresd888_firmwaressg2115p_firmwarear8035_firmwareqcn5024_firmwarewsa8830qcn9070sxr2230p_firmwareqca8082qcn9072qca8386qca9992qca6390_firmwareqca2064_firmwareipq6000wcd9370ssg2115pqcn5152_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqcn9000_firmwareqca9984_firmwareipq5018wcd9385_firmwaresdxr2_5g_firmwareipq8074aqca2065qcn5124_firmwareqam8295p_firmwareqcn6100_firmwareqcn6102_firmwareqca8082_firmwareqcn5122_firmwareqca6595auqcn6023_firmwareqca6436_firmwareipq5010qca6564au_firmwareqca6584auqcn9274ipq8174qca9990qcn9001qcs6490sdxr2_5gqcn5052wcn7851qcn6112_firmwareqcn9074qca8085wsa8810_firmwarewcd9335qca8081ipq8071aqcn6023ipq8071a_firmwarewcd9385qca8085_firmwareqca2065_firmwareqcs6490_firmwaresd_8cx_gen3ar8035csr8811qca6390wcd9375qcn9100_firmwareipq5010_firmwareipq8074a_firmwareqcm6490sd888_5g_firmwarewcn6850_firmwarewsa8815_firmwarewsa8835_firmwareqca8072wcn3990qcn9000sd780gqca6554asd865_5gqca6595ar9380_firmwaresd888qcn6122_firmwareipq8065_firmwaresxr1230p_firmwarewsa8835sd888_5gqcn5154qca8075_firmwaressg2125p_firmwareqca6574awcn6855_firmwareqca9889qcn6132_firmwareqcn9003_firmwareqca9888qca9994_firmwarewcn6750qcn9003ipq8070a_firmwareipq8076_firmwareqca6574_firmwareqca9886sxr2230pipq8076qca6574a_firmwareqcn5152qca6391qcn6102qcn9100sdx65_firmwareqcm6490_firmwarewsa8832_firmwareqcn9070_firmwareipq6028_firmwareipq8072a_firmwareqca6574auqca9889_firmwareipq9574qcn5122wcd9341_firmwarewsa8810wcn6856qcn5022ipq6010_firmwarewcn6740qca6696qca8075qcn9022_firmwareqcn6024qcn9022qca9990_firmwareipq8070aqcn9002_firmwareqcn6100qcn9072_firmwareipq6000_firmwareqcn9074_firmwareSnapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-33285
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.46% / 64.33%
||
7 Day CHG~0.00%
Published-06 Jan, 2023 | 05:02
Updated-09 Apr, 2025 | 15:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read in WLAN

Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremdm9640_firmwaresm6250p_firmwareipq4028_firmwareqca8337ar9380ipq8173_firmwareqcn5124mdm9645wcn3950_firmwareqca6595au_firmwaresa6155mdm8215sd_455_firmwareapq8076qcs6125_firmwaresa415msm4375wcn3998wcd9371_firmwarewcn3950qcn6024_firmwaresd720gsm4125mdm9206_firmwarewcn3660bqsm8350_firmwareqsm8350sd460_firmwaresm7315_firmwarewcn7850qca8081_firmwarewcn3998_firmwareqca6420qcn9002qca9986ipq8070_firmwareqca9367_firmwareipq8065ipq8078a_firmwaresd_8cx_gen2ipq8072_firmwaresa8155_firmwareipq8068qca6430wcd9340sd765gsd680wcn7851_firmwaremdm9250_firmwareqca9888_firmwareqcn6122qca6696_firmwarewcd9371sd870_firmwareqca1062qcn5154_firmwaremdm8215_firmwaresd_8cxsa8150pqca9992_firmwaresd660sd865_5g_firmwaresd712sd660_firmwaresm8475qcn5022_firmwareqcn7606_firmwarewcn6750_firmwareqca6428_firmwareqca9985_firmwarewcn3991ipq4018_firmwareqca4531_firmwareqca9980_firmwareipq8078qca8084qcn9001_firmwareipq8173sdx55m_firmwaremsm8976_firmwareqca6574sd670_firmwarecsr8811_firmwarewcd9380qcs410qcn5024sd690_5g_firmwareqca9379_firmwaresdx24_firmwareqca9985qcn9012_firmwareqcn9274_firmwareipq6018_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwareqcn6112qca6584_firmwaremdm9215_firmwaresd695ipq6028ipq8064sd835pmp8074ipq9574_firmwarewcn3980_firmwaresd730qcc5100_firmwaresa8295pqca2062_firmwarewcn6740_firmwaresd678_firmwareapq8064au_firmwareipq8078_firmwareqcn5054qcs603qca9994qca9980sd670qcn9024_firmwareipq8174_firmwareqcm4290_firmwarewcn6855qcn7605_firmwaresw5100p_firmwareqcs610_firmwaresa6145pqca9886_firmwarear8031sdm630_firmwaresd820_firmwareqca6391_firmwaresa4150p_firmwareqca4024wcd9370_firmwaresdx55qcn5021_firmwarecsra6640qca9379sxr2150pqcn7606qsm8250_firmwarewsa8830qca1062_firmwarecsrb31024mdm9628_firmwaremdm9650sd_636qca8082qca9992qcs4290mdm9250qca6420_firmwareapq8009_firmwareqca2064_firmwaresd690_5gmdm9310_firmwaresd675_firmwareipq8072qca6564qca6426wcn3990_firmwareqrb5165n_firmwareqca9984_firmwareqca9377qca4531wcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwareipq8074aqcn6102_firmwareqcn9011_firmwaresa8155qca6584qcn5122_firmwaresdx55_firmwarewcn3615qcn6023_firmwaresm7250p_firmwarewcn3610_firmwareqrb5165nqca6584ausd778gipq8174wcn7851qcn5052qca9367sdm630mdm9607_firmwareqcn6112_firmwaresa415m_firmwarewcn3988_firmwareqcn9074qca6421qca8085sd778g_firmwaresa8195psm4375_firmwarewcd9326wcd9335qcn6023qcs4290_firmwareqca8085_firmwareqcs6490_firmwareqca6390qca9898_firmwaresd750g_firmwareaqt1000msm8976wcd9375sm6250_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwaresdx20_firmwarewsa8815_firmwareapq8017qcx315qcm6125_firmwaresd780gsd865_5gqca6595qcc5100ipq8065_firmwareqcx315_firmwaresd665_firmwareqcn5154qca8075_firmwaresc8180xmdm9206wcn6855_firmwareqcn6132_firmwareqcn9003_firmwareqca9888qca6310_firmwareipq8070a_firmwaremdm9615qca6574_firmwareqca9886sm7325p_firmwaresd665qca6175asd765qca6574a_firmwareqrb5165msd850_firmwaresm7315apq8009mdm9310qcn6102csrb31024_firmwareqcm6490_firmwareqcn9070_firmwaresd480_firmwareipq6028_firmwareipq8072a_firmwaresc8180x_firmwareqca9889_firmwaresd710mdm9607qcn5122mdm9645_firmwaresdx20m_firmwareqcn5022qca6564_firmwaresd768gqca1064_firmwarewcn6740qca8075apq8096au_firmwareqcn6024qcn9022sd845mdm9615_firmwareqcn9002_firmwareipq6000_firmwaresdx12qcs410_firmwareqca6175a_firmwaresd_8cx_gen3_firmwareqca2066sa6150p_firmwareqcs610qca6431_firmwarewcd9360_firmwaresdx65qca4024_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqcs2290qca6335qca2062csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqca6554a_firmwareqam8295psd_8cx_gen2_firmwareipq8076amdm9628qca8386_firmwaresd_8_gen1_5g_firmwareqca8084_firmwaresd710_firmwareqca4020qca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwaresa6155_firmwaresdx12_firmwarewcd9360sdx20mqca6438_firmwaresd680_firmwarewcn3999qrb5165_firmwareipq5028qrb5165m_firmwareipq4029_firmwareqcs6125ipq6010sd662_firmwareqcs405qcn6132sw5100qca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwarewcd9341ipq8068_firmwareqca2066_firmwareqca6431sd750gipq9008_firmwarewcn3910_firmwaresxr2150p_firmwarewsa8830_firmwaresd855_firmwarewcn3988qca6438wcn7850_firmwaresa8195p_firmwareqca9898sa8295p_firmwareipq4028wcn3610mdm9640ipq5018_firmwareqca8337_firmwarewcd9380_firmwareipq8072asw5100pmsm8996au_firmwarewcd9330ipq8076a_firmwareqca6564auwcn6856_firmwareipq9008qcn5164qcn5054_firmwaresdx50m_firmwareqca8072_firmwareqca6174qca6430_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqcs605sd7cwcn3910qca6320mdm9650_firmwareqca9986_firmwareqca6426_firmwarewcn3660b_firmwareqca9984qcn9024wcd9330_firmwaresdx55mipq8064_firmwareqca6421_firmwaresd821_firmwarear8031_firmwareqrb5165wcn6851_firmwareipq8070sd_636_firmwareqca6564a_firmwaresd480sd870qsm8250ipq6018sd695_firmwaresdxr1apq8096auqca6595_firmwareqcs405_firmwaresa8145pqca2064sd780g_firmwaresd888_firmwaresa8155psd675ar8035_firmwareqcm2290qcn5024_firmwarewcn3991_firmwaresd678qcn9070sa8145p_firmwareqcs2290_firmwaresd7c_firmwarecsra6620qcn9072qca8386sd765g_firmwareipq8069_firmwareqca6390_firmwareipq6000qca6174_firmwaresd730_firmwarewcd9370qcn5152_firmwareqca6584au_firmwareapq8076_firmwareqcn9000_firmwareipq5018sd_8cx_firmwareqcn7605qca2065sd662qcn5124_firmwareqam8295p_firmwareqca1064qcn6100_firmwareqca8082_firmwareqca6320_firmwarewcn3680b_firmwareqca6595auwcn3999_firmwareqca6436_firmwareipq5010qca6564au_firmwaresa6155p_firmwareqca6310qcn9274qcn9001qca9990qcs6490sa515m_firmwaresdxr2_5gsd821sa6145p_firmwaresm6250sd712_firmwareapq8017_firmwarewsa8810_firmwaresd765_firmwareqca8081ipq8071aqca6174a_firmwareipq8071a_firmwarewcd9385qca2065_firmwaresd_8cx_gen3ar8035csr8811apq8064auqcn9100_firmwaresd820qcm6490wcn6850_firmwarewsa8835_firmwareqca6564asa4150pqca8072qcm2290_firmwarewcn3990qcn9000sd_675qca6554aar9380_firmwaresdx24qcn9012sd888qcn6122_firmwarewsa8835msm8996ausd888_5gsm6250pipq4018qca6574aqca9889qca6174asm7325pipq8074qca9994_firmwarewcn6750qcn9003ipq8076_firmwaresa515msd855sm4125_firmwareipq8076qcn5021ipq8069qcn5152sd768g_firmwaresd460qca6391sdxr1_firmwareaqt1000_firmwareqcn9100sdx65_firmwareqcm4290sdx50msdx20mdm9215qcn9011sd_455ipq8074_firmwareqca6574ausa8155p_firmwareipq9574wcd9341_firmwareqcm6125wsa8810wcn6856wcn3680bsd835_firmwareipq6010_firmwareqca6696sd845_firmwaresa6150pqcn9022_firmwareqca9990_firmwareipq8070aqcn6100qcn9072_firmwaresm7250psd720g_firmwareipq8071_firmwareqcn9074_firmwaresw5100_firmwareipq4029sd850Snapdragon
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-33236
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.34% / 56.43%
||
7 Day CHG~0.00%
Published-15 Nov, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Transient DOS due to buffer over-read in WLAN firmware while parsing cipher suite info attributes. in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwareqcn9072_firmwareqcn9000qca8082qcn5054_firmwareqca9889qcn6024_firmwareipq5018ipq6028qcn9070wcn7850qcn5122qca6426_firmwareipq8078aqca9889_firmwareipq5028_firmwareqcn5124wsa8830wcn6740_firmwarewcn6856wsa8815qcn9003qca6390ipq9008ipq5010_firmwarewcn7851_firmwareipq9008_firmwareqca4024_firmwarewcn6850csr8811ipq6018_firmwareqcn9100_firmwareqca8386_firmwareqcn5122_firmwareqcn5022_firmwareqcn6024ipq8078a_firmwareqca8386qca8072qca8084_firmwareipq6010sd865_5g_firmwareqcn5024qcn9074qcn9274_firmwareqcn5054wcd9380qcn6102_firmwareqcn5024_firmwareqcn5052qca8081ar8035_firmwarewcn6856_firmwareqcn6132_firmwaresd870ipq6018qcn5152_firmwareipq5018_firmwareqcn6100_firmwareqca6390_firmwarear8035qcn6112qcn9024_firmwarewcn6855_firmwareqca8072_firmwarewcn6855ipq8072aipq8070asdx65_firmwareipq8070a_firmwaresd870_firmwareqcn5124_firmwareipq8078_firmwareqcn5164_firmwareqcn5152ipq6028_firmwareqcn6023qca8081_firmwareqcn9022wsa8835qca9888_firmwarewcn6850_firmwarecsr8811_firmwareqcn9002_firmwareqcn9274wsa8810_firmwareqca8337_firmwarewsa8815_firmwareqcn5164qca8075_firmwareqcn6122_firmwarewcn6740ipq8072a_firmwareipq8078ipq8076aqca6436wcn7850_firmwareqcn6112_firmwaresdx65ipq8071aqca4024wsa8810qcn9000_firmwareipq8173_firmwareqcn9001_firmwareqcn9070_firmwareqca8075wsa8835_firmwareipq8076qcn5154_firmwareipq6010_firmwareqca6391qcn9024qcn5052_firmwarewcn6851ipq8076a_firmwareqca9888ipq8074aqcn6023_firmwarewsa8830_firmwareqca8082_firmwareipq8174_firmwareqca8337sd_8_gen1_5g_firmwareqcn6100ipq8174qcn6122qcn6132wcn6851_firmwareqca8084qca6391_firmwareqcn9074_firmwareqcn5154qca8085_firmwareipq8173qcn9001qcn9072ipq8076_firmwaresd865_5gqca6426qcn9003_firmwareqcn9100qcn5022sm8475ipq8071a_firmwareqca8085ipq6000ipq5010wcn7851qcn9002qcn9022_firmwareipq5028qca6436_firmwareipq8074a_firmwareipq6000_firmwareqcn6102Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-33253
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.25% / 48.22%
||
7 Day CHG~0.00%
Published-06 Jan, 2023 | 05:02
Updated-09 Apr, 2025 | 19:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read in WLAN

Transient DOS due to buffer over-read in WLAN while parsing corrupted NAN frames.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_8cx_gen3_firmwareqca2066sa6150p_firmwareqca8337ar9380ipq8173_firmwareqca6431_firmwarewcd9360_firmwaresdx65qcn5124qca4024_firmwaresc8180x\+sdx55ipq8078aipq5028_firmwaresa8150p_firmwareqca6595au_firmwaresa6155qca2062sa415mwcn3998qca6554a_firmwareqam8295psd_8cx_gen2_firmwareqcn6024_firmwareipq8076aqca8386_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareqsm8350_firmwareqsm8350sm7315_firmwarewcn7850qca6574au_firmwareqcn5164_firmwarewcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwareqca6420wcd9360qcn9002qca9986ipq8070_firmwareipq8065ipq8078a_firmwaresd_8cx_gen2qrb5165_firmwareipq5028qrb5165m_firmwaresa8155_firmwareipq6010ipq8068qca6430wcd9340qcn6132qca6436wcn6851sa6155pwcn7851_firmwareqca9888_firmwareqcn6122wcd9341ipq8068_firmwareqca2066_firmwareqca6696_firmwareqca6431sd870_firmwareqca1062ipq9008_firmwareqcn5154_firmwaresxr2150p_firmwaresa8150pwsa8830_firmwareqca9992_firmwaresd865_5g_firmwarewcn7850_firmwaresa8195p_firmwaresm8475qcn5022_firmwarewcn6750_firmwaresa8295p_firmwareipq5018_firmwareqca9985_firmwareqca8337_firmwarewcd9380_firmwareipq8072aqca9980_firmwareipq8076a_firmwareipq8078qca8084qcn9001_firmwareipq8173sdx55m_firmwareqca6564auwcn6856_firmwareipq9008qcn5164qca6574csr8811_firmwarewcd9380qcn5054_firmwareqcn5024qca8072_firmwareqca9985qcn9012_firmwareqca6430_firmwareqcn9274_firmwareqcn5052_firmwarewcn3980ipq6018_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwareqcn6112qca9986_firmwareqca6426_firmwareqca9984ipq6028ipq8064qcn9024pmp8074ipq9574_firmwarewcn3980_firmwaresdx55mipq8064_firmwaresa8295pqca6421_firmwareqca2062_firmwarewcn6740_firmwareipq8078_firmwareqcn5054qrb5165wcn6851_firmwareipq8070qca9994qca9980qcn9024_firmwareipq8174_firmwaresd870wcn6855qsm8250sa6145pipq6018qca9886_firmwareqca6595_firmwaresa8145pqca6391_firmwaresa4150p_firmwareqca4024wcd9370_firmwareqca2064sd780g_firmwaresdx55sd888_firmwareqcn5021_firmwaresa8155psxr2150par8035_firmwareqsm8250_firmwareqcn5024_firmwarewsa8830qcn9070sa8145p_firmwareqca1062_firmwarecsrb31024qca8082qcn9072qca8386qca9992qca6420_firmwareqca6390_firmwareqca2064_firmwareipq6000wcd9370qcn5152_firmwareqca6426qca6584au_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwareipq5018wcd9385_firmwaresdxr2_5g_firmwareipq8074aqca2065qcn5124_firmwareqam8295p_firmwareqcn6102_firmwareqcn9011_firmwareqca1064sa8155qcn6100_firmwareqca8082_firmwareqcn5122_firmwaresdx55_firmwareqca6595auqcn6023_firmwareqca6436_firmwareqrb5165nipq5010qca6564au_firmwareqca6584ausd778gsa6155p_firmwareqcn9274ipq8174wcn7851qcn9001qca9990qcs6490qcn5052sa515m_firmwaresdxr2_5gqcn6112_firmwaresa415m_firmwareqcn9074sa6145p_firmwareqca6421qca8085sd778g_firmwaresa8195pwsa8810_firmwareqca8081qcn6023ipq8071aipq8071a_firmwarewcd9385qca8085_firmwareqcs6490_firmwareqca2065_firmwaresd_8cx_gen3qca6390wcd9375ar8035aqt1000csr8811sc8180x\+sdx55_firmwareqcn9100_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwarewsa8815_firmwareqcm6490wcn6850_firmwarewsa8835_firmwareqcx315sa4150pqca8072qcn9000sd780gqca6554asd865_5gqca6595ar9380_firmwareqcn9012sd888qcn6122_firmwareipq8065_firmwareqcx315_firmwarewsa8835sd888_5gqcn5154qca8075_firmwareqca6574awcn6855_firmwareqca9889sm7325pqcn6132_firmwareqcn9003_firmwareqca9888qca9994_firmwarewcn6750qcn9003ipq8070a_firmwareipq8076_firmwaresa515mqca6574_firmwareqca9886sm7325p_firmwareipq8076qca6574a_firmwareqcn5021qcn5152qrb5165msm7315qca6391aqt1000_firmwareqcn6102qcn9100sdx65_firmwarecsrb31024_firmwareqcm6490_firmwareqcn9070_firmwareipq6028_firmwareipq8072a_firmwareqcn9011qca6574auqca9889_firmwaresa8155p_firmwareqcn5122ipq9574wcd9341_firmwarewsa8810wcn6856qcn5022ipq6010_firmwareqca1064_firmwarewcn6740qca6696sa6150pqca8075qcn9022_firmwareqcn6024qcn9022qca9990_firmwareipq8070aqcn9002_firmwareqcn6100qcn9072_firmwareipq6000_firmwareqcn9074_firmwareSnapdragon
CWE ID-CWE-125
Out-of-bounds Read
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 12
  • 13
  • Next
Details not found