Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-49475

Summary
Assigner-GitHub_M
Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa
Published At-09 Jun, 2026 | 16:00
Updated At-09 Jun, 2026 | 20:19
Rejected At-
Credits

FreeSWITCH: Out-of-bounds memory access in core STUN attribute parsing

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.0, a STUN packet whose declared attribute length is shorter than the structure the parser casts to causes the parser to read and write past the end of the attribute, producing an out-of-bounds memory access on the per-leg media buffer. This issue has been patched in version 1.11.0.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:GitHub_M
Assigner Org ID:a0819718-46f1-4df5-94e2-005712e83aaa
Published At:09 Jun, 2026 | 16:00
Updated At:09 Jun, 2026 | 20:19
Rejected At:
â–¼CVE Numbering Authority (CNA)
FreeSWITCH: Out-of-bounds memory access in core STUN attribute parsing

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.0, a STUN packet whose declared attribute length is shorter than the structure the parser casts to causes the parser to read and write past the end of the attribute, producing an out-of-bounds memory access on the per-leg media buffer. This issue has been patched in version 1.11.0.

Affected Products
Vendor
signalwire
Product
freeswitch
Versions
Affected
  • < 1.11.0
Problem Types
TypeCWE IDDescription
CWECWE-20CWE-20: Improper Input Validation
CWECWE-125CWE-125: Out-of-bounds Read
CWECWE-787CWE-787: Out-of-bounds Write
Type: CWE
CWE ID: CWE-20
Description: CWE-20: Improper Input Validation
Type: CWE
CWE ID: CWE-125
Description: CWE-125: Out-of-bounds Read
Type: CWE
CWE ID: CWE-787
Description: CWE-787: Out-of-bounds Write
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/signalwire/freeswitch/security/advisories/GHSA-9j6h-hc95-q926
x_refsource_CONFIRM
https://github.com/signalwire/freeswitch/releases/tag/v1.11.0
x_refsource_MISC
Hyperlink: https://github.com/signalwire/freeswitch/security/advisories/GHSA-9j6h-hc95-q926
Resource:
x_refsource_CONFIRM
Hyperlink: https://github.com/signalwire/freeswitch/releases/tag/v1.11.0
Resource:
x_refsource_MISC
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security-advisories@github.com
Published At:09 Jun, 2026 | 17:17
Updated At:10 Jun, 2026 | 15:06

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.0, a STUN packet whose declared attribute length is shorter than the structure the parser casts to causes the parser to read and write past the end of the attribute, producing an out-of-bounds memory access on the per-leg media buffer. This issue has been patched in version 1.11.0.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CPE Matches
freeswitch
freeswitch
>>freeswitch>>Versions before 1.11.0(exclusive)
cpe:2.3:a:freeswitch:freeswitch:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarysecurity-advisories@github.com
CWE-125Primarysecurity-advisories@github.com
CWE-787Primarysecurity-advisories@github.com
CWE ID: CWE-20
Type: Primary
Source: security-advisories@github.com
CWE ID: CWE-125
Type: Primary
Source: security-advisories@github.com
CWE ID: CWE-787
Type: Primary
Source: security-advisories@github.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/signalwire/freeswitch/releases/tag/v1.11.0security-advisories@github.com
Release Notes
https://github.com/signalwire/freeswitch/security/advisories/GHSA-9j6h-hc95-q926security-advisories@github.com
Third Party Advisory
Hyperlink: https://github.com/signalwire/freeswitch/releases/tag/v1.11.0
Source: security-advisories@github.com
Resource:
Release Notes
Hyperlink: https://github.com/signalwire/freeswitch/security/advisories/GHSA-9j6h-hc95-q926
Source: security-advisories@github.com
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

2098Records found
CVE-2023-33672
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.10% / 26.43%
||
7 Day CHG~0.00%
Published-02 Jun, 2023 | 00:00
Updated-08 Jan, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter in the fromSetWifiGusetBasic function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ac8ac8_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-34620
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.17% / 38.22%
||
7 Day CHG~0.00%
Published-14 Jun, 2023 | 00:00
Updated-03 Jan, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered hjson thru 3.0.0 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies.

Action-Not Available
Vendor-hjson_projectn/a
Product-hjsonn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-33658
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.54% / 68.01%
||
7 Day CHG+0.39%
Published-08 Jun, 2023 | 00:00
Updated-06 Jan, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nni_msg_get_pub_pid() in the file message.c. An attacker could exploit this vulnerability to cause a denial of service attack.

Action-Not Available
Vendor-emqxn/a
Product-nanomqn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-34935
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.15% / 35.84%
||
7 Day CHG~0.00%
Published-28 Jun, 2023 | 00:00
Updated-05 Dec, 2024 | 15:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack overflow in the AddWlanMacList function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_b1stmagic_b1st_firmwaren/amagic
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-34937
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.14% / 33.41%
||
7 Day CHG~0.00%
Published-28 Jun, 2023 | 00:00
Updated-27 Nov, 2024 | 16:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack overflow in the UpdateSnat function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_b1stmagic_b1st_firmwaren/amagic
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-34936
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.15% / 35.84%
||
7 Day CHG~0.00%
Published-28 Jun, 2023 | 00:00
Updated-27 Nov, 2024 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack overflow in the UpdateMacClone function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_b1stmagic_b1st_firmwaren/amagic
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-34942
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.12% / 30.29%
||
7 Day CHG~0.00%
Published-12 Jun, 2023 | 00:00
Updated-02 Aug, 2024 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Asus RT-N10LX Router v2.0.0.39 was discovered to contain a stack overflow via the mac parameter at /start-apply.html. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Action-Not Available
Vendor-n/aASUS (ASUSTeK Computer Inc.)
Product-rt-n10lx_firmwarert-n10lxn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-34358
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-7.5||HIGH
EPSS-0.36% / 58.39%
||
7 Day CHG~0.00%
Published-31 Jul, 2023 | 04:09
Updated-21 Oct, 2024 | 14:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS RT-AX88U - Out-of-bounds Read - 1

ASUS RT-AX88U's httpd is subject to an unauthenticated DoS condition. A remote attacker can send a specially crafted request to a device which contains a specific user agent, causing the httpd binary to crash during a string comparison performed within web.c, resulting in a DoS condition.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-rt-ax88u_firmwarert-ax88uRT-AX88Urt-ax88u
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-34609
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.26% / 49.50%
||
7 Day CHG~0.00%
Published-14 Jun, 2023 | 00:00
Updated-06 Jan, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered flexjson thru 3.3 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies.

Action-Not Available
Vendor-flexjson_projectn/a
Product-flexjsonn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-34623
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.06% / 18.68%
||
7 Day CHG~0.00%
Published-14 Jun, 2023 | 00:00
Updated-03 Jan, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered jtidy thru r938 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies.

Action-Not Available
Vendor-jtidy_projectn/a
Product-jtidyn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-34924
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.23% / 45.91%
||
7 Day CHG~0.00%
Published-26 Jun, 2023 | 00:00
Updated-03 Dec, 2024 | 18:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic B1STW B1STV100R012 was discovered to contain a stack overflow via the function SetAPInfoById. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_b1stwmagic_b1stw_firmwaren/amagic_b1stw
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-34615
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.09% / 25.91%
||
7 Day CHG~0.00%
Published-14 Jun, 2023 | 00:00
Updated-03 Jan, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered JSONUtil thru 5.0 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies.

Action-Not Available
Vendor-pwalln/a
Product-jsonutiln/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-34351
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.18% / 38.90%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 13:38
Updated-29 Oct, 2024 | 16:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer underflow in some Intel(R) PCM software before version 202307 may allow an unauthenticated user to potentially enable denial of service via network access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-performance_counter_monitorIntel(R) PCM softwarepcm
CWE ID-CWE-124
Buffer Underwrite ('Buffer Underflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-34359
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-7.5||HIGH
EPSS-0.35% / 58.09%
||
7 Day CHG~0.00%
Published-31 Jul, 2023 | 04:31
Updated-21 Oct, 2024 | 14:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS RT-AX88U - Out-of-bounds Read - 2

ASUS RT-AX88U's httpd is subject to an unauthenticated DoS condition. A remote attacker can send a specially crafted request to the device which causes the httpd binary to crash within the "do_json_decode()" function of ej.c, resulting in a DoS condition.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-rt-ax88u_firmwarert-ax88uRT-AX88Urt-ax88u
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-34614
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.09% / 25.63%
||
7 Day CHG~0.00%
Published-14 Jun, 2023 | 00:00
Updated-06 Jan, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered jmarsden/jsonij thru 0.5.2 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies.

Action-Not Available
Vendor-jsonij_projectn/a
Product-jsonijn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-33097
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.15% / 34.86%
||
7 Day CHG~0.00%
Published-05 Dec, 2023 | 03:04
Updated-02 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Firmware

Transient DOS in WLAN Firmware while processing a FTMR frame.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn5024_firmwareqam8255p_firmwaresnapdragon_8_gen_1_mobile_platformwsa8830qcn9070sxr2230p_firmwareqca8337qam8650pqfw7124sg8275p_firmwareipq8173_firmwareqam8775pqcf8001qcn6224_firmwareqcn5124qca4024_firmwareqca8082qcn9072qca8386wsa8840immersive_home_318_platform_firmwareipq8078aipq5028_firmwareqca6595au_firmwareipq6000ssg2115pqcn5152_firmwareqca0000_firmwareqca6584au_firmwareqcn9000_firmwaresnapdragon_8_gen_2_mobile_platformipq9554qca6554a_firmwarewcd9385_firmwareimmersive_home_216_platformipq8076aimmersive_home_316_platformimmersive_home_316_platform_firmwareqca8386_firmwareqcn6024_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareimmersive_home_318_platformipq8074aqcn5124_firmwareqca8082_firmwareqca6574au_firmwareqcn5122_firmwareqcn5164_firmwaresdx55_firmwareqca6595auqca8081_firmwareqcn6023_firmwareqfw7114wsa8845h_firmwareqcn9002ipq5010qca6564au_firmwareqca6584ausnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareipq8078a_firmwareqcn9274ipq8174qcn9001ipq5028wsa8840_firmwareqca6698aqqcn5052qca0000qcf8001_firmwareipq6010qcs8550_firmwaresc8380xp_firmwareqcn6112_firmwareqcn9074qca8085sdx65mwcd9340qcn6132qcn6224qcn9013wsa8845hsnapdragon_ar2_gen_1_platform_firmwaresnapdragon_x75_5g_modem-rf_systemwcd9395_firmwareqca8081qcf8000qca6698aq_firmwareipq8071aqcn6023sdx65m_firmwareipq8071a_firmwareimmersive_home_3210_platformqca8085_firmwareqam8775p_firmwareqca9888_firmwareqcn6122wcd9385qca6696_firmwareipq9008_firmwareipq9570qcn5154_firmwareqca6797aqar8035csr8811wcd9390qcc710_firmwareqcn9100_firmwarewsa8830_firmwareipq5010_firmwareipq8074a_firmwarewsa8835_firmwareqcn5022_firmwareimmersive_home_216_platform_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqca8072qca8337_firmwarewcd9380_firmwaressg2125pqcn9000ipq8072aqcf8000_firmwareqca6554aipq8076a_firmwareqca6595ipq8078qca6564auqca8084ipq8173qcm8550qcn9001_firmwareipq9008qcn9012qcn5164immersive_home_326_platform_firmwareqcn6122_firmwareqca6574sxr1230p_firmwarewsa8835snapdragon_8\+_gen_2_mobile_platform_firmwarecsr8811_firmwaresd_8_gen1_5gqcn6274wcd9380ipq9554_firmwareqcn5054_firmwareqcn5154qca8075_firmwaressg2125p_firmwareqca6574aqcn5024qca9889qcn6132_firmwareqcn9003_firmwaresxr1230pqca9888qca8072_firmwaresg8275pqcn9012_firmwareqcn5052_firmwareqcn9274_firmwareqcc2076_firmwareipq8070a_firmwareqcn9003qfw7114_firmwarewsa8845qcc2073_firmwareipq6018_firmwareipq8076_firmwareqca6574_firmwarewcd9340_firmwareqcn6112sxr2230pipq8076wsa8845_firmwareqca6574a_firmwareqcn5152ipq6028sc8380xpqcn9024ipq9574_firmwareimmersive_home_3210_platform_firmwarefastconnect_7800qcn9100qcn6274_firmwaresnapdragon_x65_5g_modem-rf_systemipq8078_firmwareipq9570_firmwarefastconnect_6900qcn5054qcn9070_firmwarefastconnect_6900_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewsa8832_firmwareipq6028_firmwareipq8072a_firmwareqca6797aq_firmwareqca6574auqca9889_firmwareipq9574qcn5122qcn9024_firmwareipq8174_firmwarefastconnect_7800_firmwaresnapdragon_8\+_gen_2_mobile_platformwsa8832ipq5332_firmwareipq5332sm8550psnapdragon_8_gen_1_mobile_platform_firmwareimmersive_home_326_platformsnapdragon_ar2_gen_1_platformipq6018qcn5022qcn9013_firmwareqam8650p_firmwareqcc710ipq6010_firmwareimmersive_home_214_platformqca6595_firmwarewcd9395qca6696qcs8550immersive_home_214_platform_firmwareqca4024sm8550p_firmwaresdx55qca8075qcn9022_firmwarewcd9390_firmwareqcn6024qcn9022qcc2076ipq8070aqcn9002_firmwareqcn9072_firmwareipq6000_firmwaressg2115p_firmwareqcn9074_firmwareqfw7124_firmwareqam8255pqcc2073ar8035_firmwareSnapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-33027
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.19% / 41.27%
||
7 Day CHG~0.00%
Published-03 Oct, 2023 | 05:00
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Firmware

Transient DOS in WLAN Firmware while parsing rsn ies.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd865_5gqca6595snapdragon_xr1_platformipq6028_firmwareimmersive_home_214_platformqca8081_firmwareqcn9001sm7250-absnapdragon_x50_5g_modem-rf_systemwcd9340_firmwareipq5028_firmwarewcd9395_firmwareqcn6024ar9380qcc710_firmwareqca6426sc8180x-absa4150pqcn5124_firmwaresm7325-ae_firmwarewsa8832_firmwareqca8337qca6426_firmwarewcd9395qcn7605qca6574au_firmwareqcn7606_firmwareipq8078a_firmwarewcn785x-5qam8295pwcd9341wsa8810_firmwaresd730_firmwarewsa8845h_firmwareqca2064_firmwaresdm670sm8150-acsm6375_firmwaresd835_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaresm7150-acvideo_collaboration_vc1_platform_firmwaresa4155pqcn9000qca2062_firmwaresm6375sm7250-aa_firmwareqsm8250_firmwaresc8180xp-acqsm8350_firmwarevideo_collaboration_vc1_platformwcd9385_firmwareqca6421qca6310snapdragon_630_mobile_platformipq8074a_firmwareipq8076aqcs603_firmwarewcd9360snapdragon_ar2_gen_1_platform_firmwareimmersive_home_3210_platform_firmwaresa6155psm7150-ac_firmwareqca6564au_firmwareqca8075qam8650pvideo_collaboration_vc5_platform_firmwaresm7325_firmwaresa6155p_firmwareqca6390_firmwaresd835qca6436_firmwareipq8070a_firmwareqcn5021_firmwareqcn9070sc8180x-afsnapdragon_8_gen_2_mobile_platformsnapdragon_7c\+_gen_3_compute_firmwareqca8084sm4125_firmwaresm8250-ac_firmwareqca6420wcn3910csrb31024snapdragon_845_mobile_platformsnapdragon_x55_5g_modem-rf_system_firmwareqcc2076snapdragon_660_mobile_platformqca6574asm7325-aeqca9898_firmwarewcd9340qcs8250_firmwareqcm2290snapdragon_630_mobile_platform_firmwaresm6150-acsc8180xp-aa_firmwareqcn6122_firmwareqcn5154_firmwaresm8150-ac_firmwareipq8074sm8550p_firmwarewcn3998_firmwareqcm8550wcn3988qcn5122_firmwareqcn9024pmp8074qca6574sm7325-afsnapdragon_x75_5g_modem-rf_systemqca2066_firmwaresdm710_firmwaresc8180xp-ac_firmwareqca8082qcs410qcm2290_firmwaresa8155pqca8072_firmwarewsa8830sm8550psa6145pqcn6122sa8255p_firmwarewcn785x-1_firmwareqcc2073qrb5165m_firmwareqca9985ipq8071aqcn6112wcn3950_firmwareqrb5165nqca1062_firmwaresc7180-acsm7325p_firmwaresd460wcd9360_firmwarevideo_collaboration_vc3_platform_firmwareqcn6023_firmwareqcn5164_firmwaresd670_firmwareimmersive_home_326_platform_firmwareqca6438_firmwaresc8280xp-bb_firmwareqcn9072sm7150-aaqcn6224_firmwareipq4028_firmwareqca6431sd660_firmwareqca8082_firmwaresm6350sxr2130_firmwarear8035_firmwareqrb5165mqca1064qca6320snapdragon_w5\+_gen_1_wearable_platform_firmwareqca4024_firmwareqca0000_firmwaresd888_firmwaresnapdragon_662_mobile_platform_firmwareqcs6125_firmwareqca9992_firmwareqca6428qca9990ipq8070ipq9008_firmwareqcn9074sdm712_firmwarewsa8815_firmwaresm8250-abqca8337_firmwaresm7325ipq8173sm8350-ac_firmwaresm7250p_firmwarewcn3999ipq6010_firmwarewcn785x-5_firmwarewcn3950sm4250-aasnapdragon_x65_5g_modem-rf_system_firmwareqca6797aq_firmwaresm4350_firmwaresm7350-ab_firmwareipq5028qca9986wcn3991qcf8001_firmwareqcn9070_firmwaresa8295p_firmwaresd_675_firmwaresa4155p_firmwareqca9984ipq5010_firmwareqcn9022_firmwaresm7250pcsrb31024_firmwareipq6018sa8155sd_8cx_firmwaresm7150-aa_firmwaresnapdragon_845_mobile_platform_firmwaresd888sd460_firmwaresnapdragon_4_gen_2_mobile_platformipq8069wcn685x-5ipq8065qca6310_firmwareqcs7230sm8250-acwcd9371qcn9001_firmwaresc8180xp-aasnapdragon_xr2_5g_platform_firmwareqca8075_firmwarevision_intelligence_300_platform_firmwaresm7350-absm8350_firmwareqca2065_firmwaresdx65m_firmwarevideo_collaboration_vc3_platformqca9980_firmwareqca9985_firmwareqca6431_firmwaresm7225_firmwareqca6698aq_firmwareqcs2290qcn76068998_firmwareqcs2290_firmwaresc8280xp-bbwcn3999_firmwareqca8084_firmwareqcn7605_firmwaresa8255pqcs7230_firmwarewcd9390_firmwareimmersive_home_318_platform_firmwaresc8180xp-abwcn6750qcn5024qca6430wcn6750_firmwaresc8180xp-ad_firmwaresnapdragon_auto_5g_modem-rfsm7250-ab_firmwaressg2125pcsra6640_firmwaresm4350immersive_home_326_platformqcn9013_firmwareqam8650p_firmwarewcn3998qca2062video_collaboration_vc5_platformqca6420_firmwareqcs6490_firmwaresm8450snapdragon_x65_5g_modem-rf_systemipq8076_firmwaresd855_firmwarewcd9335_firmwareqrb5165n_firmwareqca6436wcn3980_firmwarewsa8835wsa8840_firmwareqca6391_firmwaresm4250-aa_firmwareipq8068qcs4290_firmwarecsra6620qca8081sd660sdm670_firmwaresm4375wsa8815qam8775pqcm4325_firmwaresm7125_firmwareipq8069_firmwareqcm4290_firmwareqca9888_firmwareqca9889qca1062qcn5024_firmwareqcn9002_firmwareipq5010qcn9274_firmwaresg4150p_firmwaresc8180xp-af_firmwarecsra6620_firmwareqcs8550ipq8068_firmwareqam8775p_firmwaresd865_5g_firmwarepmp8074_firmwaresc7180-ad_firmwarewcd9375sdm712qca9889_firmwaresa8145psd_675immersive_home_316_platformsm4350-ac_firmwareqca2066csr8811sc7180-ac_firmwaresm7250-ac_firmwarewcn685x-1_firmwareqcm8550_firmwareqcs410_firmwaresa6150p_firmwaresw5100psxr1120ipq9574qcn9000_firmwareqcn6102_firmwarevision_intelligence_300_platformqcn9022qcs610_firmwarewcd9335wcd9370qca8072qca6696wcd9341_firmware8998qcn9003_firmwareqca6390qcc2073_firmwareipq8076wcn6740_firmwareqca1064_firmwareipq6018_firmwareqca9984_firmwareqcn6023immersive_home_216_platformqca9994_firmwareipq6000snapdragon_auto_4g_modemipq8078asm8150_firmwareqca6574auwcd9390csra6640sc8180x-af_firmwareqcn9100_firmwareqcn5122sd730qca6554aqcn6024_firmwareqca9886_firmwaresm8350qcm6125_firmwaressg2115pqcc710snapdragon_850_mobile_compute_platformqcn6132_firmwaresxr1120_firmwareqcn5054robotics_rb3_platform315_5g_iot_modem_firmwaresm8450_firmwareipq5332_firmwareqcn5052qca9980qfw7114315_5g_iot_modemipq9574_firmwaresnapdragon_x55_5g_modem-rf_systemqam8255p_firmwareipq8064sa8155_firmwareqcn5164sm7150-abqca6335qcs4490sc7180-adsc8180xp-afsnapdragon_8\+_gen_2_mobile_platform_firmwarewsa8845qcn6100_firmwareqca6421_firmwareqcm6125sc8180x-adcsr8811_firmwaresm7125wsa8810qcn5021qca8085qsm8250snapdragon_8\+_gen_2_mobile_platformsm8350-acqcn6100qca6595ausm7315_firmwarewcd9326_firmwarewsa8840qcs8550_firmwareqca9986_firmwareqfw7124_firmwareqcn9012wcd9371_firmwareqcs4490_firmwareqcf8001wcn3910_firmwaresdx65mwcd9370_firmwareipq9570sa8195pqca6335_firmwareqcm6490immersive_home_316_platform_firmwareimmersive_home_3210_platformqcn9274ipq8076a_firmwareipq9570_firmwaresxr2230p_firmwarear9380_firmwaresd675_firmwareqca6430_firmwaresc8180x-aaipq4029_firmwareqcn9011qcs605qcn9024_firmwarewsa8845hsa6150psm7250-aawcd9326sa8155p_firmwareqca6564asnapdragon_675_mobile_platformsnapdragon_662_mobile_platformqcn9074_firmwareipq8174sc8180x\+sdx55_firmwareflight_rb5_5g_platform_firmwareipq8174_firmwaresnapdragon_665_mobile_platformar8035ipq8072asa6155qca2065qcm4325robotics_rb5_platformqcn6224sc8280xp-absm8475_firmwaresc8180x\+sdx55qca6698aqssg2125p_firmwaresm6250sm7250-acsc8180x-aa_firmwaresd670wcn685x-1sa8145p_firmwaresa8150p_firmwaresnapdragon_w5\+_gen_1_wearable_platformsnapdragon_636_mobile_platform_firmwarewcn3990qca6428_firmwareqcn9002ipq8078snapdragon_680_4g_mobile_platform_firmwareqcs6490qcs8250ipq9554_firmwarear8031_firmwarewsa8830_firmwareqca6678aq_firmwareqca8386_firmwaresnapdragon_850_mobile_compute_platform_firmwarewsa8845_firmwarewsa8832snapdragon_auto_4g_modem_firmwareqcc2076_firmwareqcs603qca6678aqsnapdragon_675_mobile_platform_firmwareqcn5022_firmwaresm8475qca9992sm8250-ab_firmwaresa4150p_firmwareqca9898ipq9008ipq9554qca6564ausc8180xp-adsm6250p_firmwareimmersive_home_214_platform_firmwaresm7325-af_firmwaresa8195p_firmwareqcm4290qcn5054_firmwareqca9888ipq5332snapdragon_680_4g_mobile_platformsd_455_firmwareqcn9013ar8031sg8275p_firmwareqcm6490_firmwareipq8072a_firmwaresm4125qcm4490_firmwarerobotics_rb3_platform_firmwareflight_rb5_5g_platformsnapdragon_xr2_5g_platformqcn6112_firmwareqcs6125apq5053-aa_firmwaresnapdragon_7c\+_gen_3_computesnapdragon_xr2\+_gen_1_platform_firmwareqca8085_firmwareapq5053-aasdm710sd_455qca9886qcn6132sm6250_firmwaresc8180x-ad_firmwareqcn6102qca6584auqca6320_firmwareqcn6274_firmwareqcn9011_firmwaresw5100_firmwarewcn6740sm6225-ad_firmwareqfw7114_firmwareqcs605_firmwareqca4024sc8280xp-ab_firmwareqca6595_firmwaresm8250_firmwareimmersive_home_216_platform_firmwareipq8070asm7225wcd9380ipq4028qam8255psa6145p_firmwaresa6155_firmwaresxr2230pqca9990_firmwaresa8150pqcn9003snapdragon_665_mobile_platform_firmwareqcn5052_firmwaresnapdragon_auto_5g_modem-rf_firmwareqca2064sxr1230psm6225-adsd662_firmwaresm4350-acipq6010sw5100aqt1000sm8150wcn3991_firmwareqam8295p_firmwaresd855sc8180x-ab_firmwarewcn3990_firmwaresm7315qca6564a_firmwarewcd9385qca9994qsm8350sc8180xp-ab_firmwaresd662qcs4290sxr1230p_firmwareipq4018sg8275psm6250psdx55_firmwareipq8071a_firmwareqca6438qca6554a_firmwaresxr2130ipq6028qcm44908098_firmwaresnapdragon_636_mobile_platformqcn9100sm7150-ab_firmwaresnapdragon_xr2\+_gen_1_platformipq4029sm7325paqt1000_firmwareipq4018_firmwaresm6150-ac_firmwareqca6584au_firmwareqcn5152_firmwareqcn6274sc8180x-acqfw7124ipq8074_firmwareqca6595au_firmwareqca0000sc8180x-ac_firmwaresw5100p_firmwaresm8250snapdragon_ar2_gen_1_platformqca6696_firmwarewcd9380_firmwareqca6574_firmwaresg4150psd_8_gen1_5gqcn5124ipq8064_firmwareqca6797aqsm4375_firmwareqcn5152ipq8065_firmwareqca6574a_firmwaresdx55qcn9072_firmwareipq8074aimmersive_home_318_platformsd675sm6350_firmwaresd_8_gen1_5g_firmwarewcd9375_firmwareqca8386qca6391wcn785x-1ipq8173_firmwareqcn9012_firmwaresnapdragon_8_gen_2_mobile_platform_firmwaresa8295p8098snapdragon_xr1_platform_firmwarerobotics_rb5_platform_firmwaresnapdragon_x50_5g_modem-rf_system_firmwareipq6000_firmwareipq8078_firmwarewcn685x-5_firmwarewcn3988_firmwareipq8070_firmwareqcn5154sd_8cxwsa8835_firmwaressg2115p_firmwareqcn5022snapdragon_660_mobile_platform_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewcn3980qcs610Snapdragonqam8255p_firmwaresnapdragon_850_mobile_compute_platform_firmwaresa6150p_firmwaresm6250p_firmwareipq4028_firmware315_5g_iot_modem_firmwaresg8275p_firmwareipq8173_firmwareqca6431_firmwarewcd9360_firmwareqca4024_firmwareimmersive_home_318_platform_firmwarewcn3950_firmwareipq5028_firmwaresa8150p_firmwareqca6595au_firmwaresd_455_firmwarecsra6620_firmwaresd_675_firmwarecsra6640_firmwaresnapdragon_460_mobile_platform_firmwareqcs6125_firmwaresnapdragon_480_5g_mobile_platform_firmwareqca6554a_firmwarewcd9371_firmwareqcn6024_firmwareqca8386_firmwareimmersive_home_316_platform_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareqsm8350_firmwaresnapdragon_660_mobile_platform_firmwaresd460_firmwaresm7315_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwareqcn5164_firmwarewcd9375_firmwareqca8081_firmwaresa6155_firmwareqca6438_firmwaresnapdragon_auto_5g_modem-rf_firmwareipq8070_firmwareipq8078a_firmwareqca6678aq_firmwaresmart_audio_400_platform_firmwareqrb5165m_firmwarewsa8840_firmwareipq4029_firmwaresa4155p_firmwareqcf8001_firmwaresa8155_firmwarerobotics_rb3_platform_firmwaresd662_firmwareqca6698aq_firmwareqca9888_firmwareqam8775p_firmwareipq8068_firmwareqca2066_firmwareqca6696_firmwareipq9008_firmwareqcn5154_firmwarewcn3910_firmwaresnapdragon_855_mobile_platform_firmwareqcc710_firmwarewsa8830_firmwareqca9992_firmwaresd855_firmwaresd865_5g_firmwaresd660_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwareqcn5022_firmwareqcn7606_firmwaresa8295p_firmwareimmersive_home_216_platform_firmwaresnapdragon_750g_5g_mobile_platform_firmwaresnapdragon_675_mobile_platform_firmwareqca6428_firmwarequalcomm_video_collaboration_vc1_platform_firmwareqca9985_firmwareipq4018_firmwareqca8337_firmwaresnapdragon_778g_5g_mobile_platform_firmwarewcd9380_firmwareqca9980_firmwareipq8076a_firmwareqcn9001_firmwaresnapdragon_670_mobile_platform_firmwaresd670_firmwarecsr8811_firmwareipq9554_firmwareqcn5054_firmwareqca8072_firmwareqca6430_firmwareqcn5052_firmwareqcn9012_firmwareqcn9274_firmwareqfw7114_firmwarewcd9335_firmwareqca6335_firmwareqcc2073_firmwareipq6018_firmwareqcm4325_firmwarewcd9340_firmwarepmp8074_firmwaresnapdragon_630_mobile_platform_firmwareqca9986_firmwareqca6426_firmwareipq9574_firmwarewcn3980_firmwareimmersive_home_3210_platform_firmwareipq8064_firmwaresnapdragon_x50_5g_modem-rf_system_firmwareqca6421_firmwareqca2062_firmwarewcn6740_firmwareqcs4490_firmwarear8031_firmwareipq8078_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwareqca6797aq_firmwareqca6564a_firmwareipq8174_firmwareqcn9024_firmwareqcm4290_firmwareqcn7605_firmwaresw5100p_firmwareqcs610_firmwareqca9886_firmwareqca6595_firmwareqca6391_firmwaresnapdragon_710_mobile_platform_firmwareimmersive_home_214_platform_firmwaresa4150p_firmwarewcd9370_firmwaresm8550p_firmwarequalcomm_video_collaboration_vc5_platform_firmwaresd888_firmwareqcn5021_firmwaressg2115p_firmwareqfw7124_firmwaresnapdragon_720g_mobile_platform_firmwarear8035_firmwareqsm8250_firmwareqcn5024_firmwaresnapdragon_662_mobile_platform_firmwaresa8145p_firmwaresxr2230p_firmwareqca1062_firmwareqcs2290_firmwareflight_rb5_5g_platform_firmwareqcn6224_firmwaresnapdragon_888_5g_mobile_platform_firmwareqca6420_firmwareipq8069_firmwareqca2064_firmwaresd730_firmwaresnapdragon_auto_4g_modem_firmwaresd675_firmwareqcn5152_firmwareqca0000_firmwareqca6584au_firmwarewcn3990_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwarequalcomm_video_collaboration_vc3_platform_firmwaresd_8cx_firmwarewcd9385_firmwarewcd9326_firmwareqcn5124_firmwareqam8295p_firmwareqcn6100_firmwareqcn6102_firmwareqcn9011_firmwareqca8082_firmwareqca6320_firmwaresnapdragon_835_mobile_pc_platform_firmwareqcn5122_firmwaresdx55_firmwarewcn3999_firmwareqcn6023_firmwarewsa8845h_firmwaresm7250p_firmwareqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwareqca6564au_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareqcs8550_firmwarevision_intelligence_300_platform_firmwareqcn6112_firmwarewcn3988_firmwaresa6145p_firmwarefastconnect_6700_firmwarewsa8810_firmwaresnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwarewcd9395_firmwaresdx65m_firmwareipq8071a_firmwareqcs4290_firmwareqca8085_firmwaresxr2130_firmwareqca2065_firmwareqcs6490_firmwaresnapdragon_665_mobile_platform_firmwareqca9898_firmwaresm6250_firmwareqcn9100_firmwaresnapdragon_712_mobile_platform_firmwarevision_intelligence_400_platform_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwarewsa8835_firmwaresnapdragon_636_mobile_platform_firmwaresxr1120_firmwaresg4150p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqcm6125_firmwareqcm2290_firmwarerobotics_rb5_platform_firmwarear9380_firmwareqcs7230_firmwareimmersive_home_326_platform_firmwareqcn6122_firmwareipq8065_firmwaresxr1230p_firmwaresnapdragon_4_gen_1_mobile_platform_firmwareqca8075_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaressg2125p_firmwareqcn6132_firmwareqcn9003_firmwareqca6310_firmwareqca9994_firmwareqcc2076_firmwareipq8070a_firmwareipq8076_firmwareqca6574_firmwaresm4125_firmwaresm7325p_firmwarewsa8845_firmwaresnapdragon_xr2_5g_platform_firmwareqca6574a_firmwarefastconnect_6200_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareaqt1000_firmwareqcm4490_firmwaresnapdragon_690_5g_mobile_platform_firmwaresnapdragon_845_mobile_platform_firmwareqcn6274_firmwarecsrb31024_firmwareqcm6490_firmwarewsa8832_firmwareipq9570_firmwareqcn9070_firmwareipq6028_firmwareipq8072a_firmwareipq8074_firmwareqca9889_firmwaresa8155p_firmwareqcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwareipq5332_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqcn9013_firmwaresd835_firmwareqam8650p_firmwareipq6010_firmwareqca1064_firmwareqcn9022_firmwarewcd9390_firmwareqca9990_firmwareqcn9002_firmwareqcn9072_firmwareipq6000_firmwaresw5100_firmwareqcn9074_firmwareqcs410_firmwaresnapdragon_xr1_platform_firmware
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2023-32820
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-7.5||HIGH
EPSS-0.44% / 63.58%
||
7 Day CHG~0.00%
Published-02 Oct, 2023 | 02:05
Updated-23 Sep, 2024 | 16:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan firmware, there is a possible firmware assertion due to improper input handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07932637; Issue ID: ALPS07932637.

Action-Not Available
Vendor-Linux Kernel Organization, IncGoogle LLCMediaTek Inc.The Linux Foundation
Product-mt6855mt6873mt6893mt8675mt6886mt6983mt7902mt8666mt7663mt6891mt6883mt5221mt6853tmt7921mt8768mt8789mt6875mt8797mt6889mt8781mt8766mt8786mt6985mt8695mt6833mt6885mt8673yoctomt6877mt6781mt8365mt6853mt8518smt6895linux_kernelmt8168mt8798androidiot_yoctomt8791mt7668mt8532mt6879MT5221, MT6781, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT7663, MT7668, MT7902, MT7921, MT8168, MT8365, MT8518S, MT8532, MT8666, MT8673, MT8675, MT8695, MT8766, MT8768, MT8781, MT8786, MT8789, MT8791, MT8797, MT8798mt6855mt6873mt6893mt8675mt6886mt6983mt7902mt8666mt7663mt6891mt6883mt5221mt6853tmt7921mt8768mt8789mt6875mt8797mt6889mt8781mt8766mt8786mt6985mt8695mt6833mt6885mt8673mt6877mt6781mt8365mt6853mt8518smt6895mt8168mt8798androidmt8791mt7668mt8532mt6879
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-617
Reachable Assertion
CVE-2023-33016
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.11% / 29.65%
||
7 Day CHG~0.00%
Published-05 Sep, 2023 | 06:24
Updated-02 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Firmware

Transient DOS in WLAN firmware while parsing MLO (multi-link operation).

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn5024_firmwarewsa8830qcn9070sxr2230p_firmwareimmersive_home_318_firmwareipq8173_firmwareqcn5124qca4024_firmwareqca8082qcn9072qca8386snapdragon_8_gen_1ipq8078aipq5028_firmwareipq6000immersive_home_216ssg2115pqcn5152_firmwareqcn9000_firmwarewcd9385_firmwareipq8076aqca8386_firmwareqcn6024_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareipq8074aqcn5124_firmwareqca8082_firmwareqcn5164_firmwareqcn5122_firmwareqca8081_firmwareqcn6023_firmwareipq5010immersive_home_214ipq8078a_firmwareqcn9274ipq8174ipq5028qcn5052ipq6010qcs8550_firmwareqcn9074qca8085qcn6132qca8081ipq8071aqcn6023ipq8071a_firmwarewcd9385qca8085_firmwareqca9888_firmwareqcn6122immersive_home_316_firmwareqcn5154_firmwarecsr8811qcn9100_firmwarewsa8830_firmwareipq5010_firmwareipq8074a_firmwarewsa8835_firmwareqcn5022_firmwareimmersive_home_216_firmwarewcd9380_firmwaressg2125pqcn9000ipq8072aimmersive_home_214_firmwareipq8076a_firmwareipq8078qca8084ipq8173snapdragon_8_gen_1_firmwareqcn5164snapdragon_ar2_gen_1qcn6122_firmwarewsa8835sxr1230p_firmwarecsr8811_firmwaresd_8_gen1_5gwcd9380qcn5154qca8075_firmwaressg2125p_firmwareqcn5024qca9889qcn6132_firmwaresxr1230pqca9888qcn5052_firmwareqcn9274_firmwareipq8070a_firmwareipq6018_firmwareipq8076_firmwaresxr2230pipq8076qcn5152ipq6028qcn9024ipq9574_firmwarefastconnect_7800qcn9100snapdragon_ar2_gen_1_firmwareipq8078_firmwarewsa8832_firmwarefastconnect_6900qcn9070_firmwarefastconnect_6900_firmwareimmersive_home_318ipq6028_firmwareipq8072a_firmwareimmersive_home_316qca9889_firmwareipq9574qcn5122qcn9024_firmwareipq8174_firmwarefastconnect_7800_firmwarewsa8832ipq6018qcn5022ipq6010_firmwareqcs8550qca4024qca8075qcn9022_firmwareqcn6024qcn9022ipq8070aqcn9072_firmwareipq6000_firmwaressg2115p_firmwareqcn9074_firmwareSnapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-33080
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.19% / 41.27%
||
7 Day CHG~0.00%
Published-05 Dec, 2023 | 03:04
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read in WLAN Firmware

Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_x20_lte_modemsd865_5gmdm9215_firmwareqca6595snapdragon_xr1_platformipq6028_firmwareimmersive_home_214_platformqca8081_firmwareqcn9001sm7250-absnapdragon_x50_5g_modem-rf_systemwcd9340_firmwareipq5028_firmwarewcd9395_firmwareqcn6024sdm845ar9380qcc710_firmwareqca6426sc8180x-abwcn3610sa4150pqcn5124_firmwaresm7325-ae_firmwarewsa8832_firmwareqca8337qca6426_firmwarewcd9395qcn7605qca6574au_firmwareqcn7606_firmwareipq8078a_firmwarewcn785x-5qca6564_firmwareqam8295pwcd9341sd626_firmwaresnapdragon_x12_lte_modemwsa8810_firmwaresd730_firmwarewsa8845h_firmwareqca2064_firmwaresdm670sm8150-acsm6375_firmwaresd835_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaresm7150-acvideo_collaboration_vc1_platform_firmwaresa4155pqcn9000sd821qca2062_firmwaresm6375sm7250-aa_firmwaresc8180xp-acqsm8350_firmwarevideo_collaboration_vc1_platformwcd9385_firmwareqca6421qca6310snapdragon_630_mobile_platformipq8074a_firmwareipq8076awcd9360snapdragon_ar2_gen_1_platform_firmwareapq8053-aa_firmwaresd821_firmwareimmersive_home_3210_platform_firmwaresa6155psm7150-ac_firmwareqca6564au_firmwaresd820qca8075qam8650pvideo_collaboration_vc5_platform_firmwaresm7325_firmwaresa6155p_firmwaremdm9640_firmwareqca6390_firmwaresd835qca6436_firmwareipq8070a_firmwareqcn5021_firmwareqcn9070sc8180x-afsnapdragon_8_gen_2_mobile_platformsnapdragon_7c\+_gen_3_compute_firmwareqca8084sm4125_firmwaresm8250-ac_firmwareqca6420qca6174_firmwarewcn3910apq8064au_firmwarecsrb31024qca9367mdm9250_firmwareqcc2076snapdragon_x55_5g_modem-rf_system_firmwarewcn3660bqca6574asm7325-aeqca6174aqca6584_firmwareqca9898_firmwarewcd9340qcs8250_firmwareqcm2290snapdragon_630_mobile_platform_firmwaresm6150-acsm6225sc8180xp-aa_firmwareqcn6122_firmwareqcn5154_firmwaresm8150-ac_firmwareipq8074sm8550p_firmwarewcn3998_firmwareqcm8550snapdragon_x20_lte_modem_firmwarewcn3988qcn5122_firmwarepmp8074qcn9024qca6574sm7325-afsnapdragon_x75_5g_modem-rf_systemqca2066_firmwaresdm710_firmwaresc8180xp-ac_firmwareqca8082qcs410qcm2290_firmwaresa8155pqca8072_firmwarewsa8830sm8550psa6145pqcn6122sa8255p_firmwareqcc2073wcn785x-1_firmwaremdm8215msm8996auqrb5165m_firmwaremdm9645qca9985snapdragon_x5_lte_modemipq8071aapq8064auqcn6112wcn3950_firmwareqrb5165nqca1062_firmwaresc7180-acsm7325p_firmwaresd460wcd9360_firmwares820a_firmwarevideo_collaboration_vc3_platform_firmwareqcn6023_firmwareqcn5164_firmwaresd670_firmwareimmersive_home_326_platform_firmwareqca6438_firmwaresc8280xp-bb_firmwareqcn9072sm7150-aaipq4028_firmwareqcn6224_firmwareqca6431sd660_firmwareqca8082_firmwareqca4020_firmwareqca9379_firmwaresm6350sxr2130_firmwarear8035_firmwareapq8009_firmwareqrb5165mqca1064qca6320snapdragon_w5\+_gen_1_wearable_platform_firmwareqca4024_firmwareqca0000_firmwaresd888_firmwaremdm9215snapdragon_662_mobile_platform_firmwareqcs6125_firmwareqca9992_firmwareqca6428qca9990ipq8070ipq9008_firmwareqcn9074sdm712_firmwarewsa8815_firmwaresm8250-abqca8337_firmwaresnapdragon_x12_lte_modem_firmwaresm7325ipq8173sm8350-ac_firmwaresm7250p_firmwarewcn3999ipq6010_firmwarewcn785x-5_firmwarewcn3950sm4250-aasnapdragon_x65_5g_modem-rf_system_firmwareqca6797aq_firmwaresm4350_firmwaresm7350-ab_firmwareipq5028qca9986wcn3991qcn9070_firmwaresa8295p_firmwaresd_675_firmwaresa4155p_firmwareqca9984ipq5010_firmwareqcn9022_firmwaresm7250pcsrb31024_firmwareipq6018sa8155sd_8cx_firmwaresm7150-aa_firmwaresd888sd460_firmwaresnapdragon_4_gen_2_mobile_platformipq8069wcn685x-5ipq8065qca6310_firmwaresd626qcs7230sm8250-acs820awcd9371qcn9001_firmwaresc8180xp-aasnapdragon_xr2_5g_platform_firmwareqca8075_firmwarevision_intelligence_300_platform_firmwaremdm9645_firmwaresm7350-abqrb5165_firmwaresm8350_firmwareqca2065_firmwaresdx65m_firmwarevideo_collaboration_vc3_platformqca9980_firmwareqca9985_firmwareqca6431_firmwaresm7225_firmwareqca6175a_firmwaresm6125qca6698aq_firmwareqcs2290qcn76068998_firmwareqcs2290_firmwaresc8280xp-bbwcn3615qca9367_firmwareqca8084_firmwarewcn3999_firmwareqcn7605_firmwaresa8255pqcs7230_firmwarewcd9390_firmwareimmersive_home_318_platform_firmwaresc8180xp-abwcn6750qcn5024qca6430wcn6750_firmwaremdm9650sc8180xp-ad_firmwaresnapdragon_auto_5g_modem-rfsm7250-ab_firmwaressg2125p9206_lte_modem_firmwarecsra6640_firmwaresm4350immersive_home_326_platformqam8650p_firmwarewcn3998qcn9013_firmwareqca2062video_collaboration_vc5_platformqca6420_firmwareqcs6490_firmwaresm8450snapdragon_x65_5g_modem-rf_systemipq8076_firmwaresd855_firmwarewcd9335_firmwaremdm9640qca6436qrb5165n_firmwaresnapdragon_1200_wearable_platformsnapdragon_x24_lte_modem_firmwarewcn3980_firmwareqca6391_firmwarewsa8835wsa8840_firmwaresm4250-aa_firmwaremdm9310_firmwareipq8068qcs4290_firmwarecsra6620qca8081sd660mdm9628sm4375sdm670_firmwareqam8775pqca9377wsa8815qcm4325_firmwaresm7125_firmwareipq8069_firmwareqcm4290_firmwareqca9888_firmwareqca9889qca6175aqca1062qcn5024_firmwareqcn9002_firmwareipq5010qrb5165qcn9274_firmwaremdm9615_firmwaresg4150p_firmwaresc8180xp-af_firmwarecsra6620_firmwaresnapdragon_820_mobile_platform_firmwareqcs8550ipq8068_firmwaremdm8215_firmwareqam8775p_firmwaresd865_5g_firmwarepmp8074_firmwaresc7180-ad_firmwarewcd9375sdm712qca9889_firmwaresa8145psd_675immersive_home_316_platformsm4350-ac_firmwareqca2066csr8811apq8053-aasc7180-ac_firmwaresm7250-ac_firmwarewcn685x-1_firmwarewcn3680b_firmwareqcm8550_firmwareapq8017qcs410_firmwaresa6150p_firmwaresw5100pipq9574qcn9000_firmwareqcn6102_firmwaresxr1120vision_intelligence_300_platformqcn9022qcs610_firmwarewcd9335wcd9370qca8072qca6696wcd9341_firmware8998qcn9003_firmwareqca6390qcc2073_firmwareipq8076wcn6740_firmwareqca1064_firmwareipq6018_firmwareqca9984_firmwareqcn6023immersive_home_216_platformqca9994_firmwareipq6000snapdragon_auto_4g_modemipq8078asm8150_firmwareqca6574auwcd9390csra6640sc8180x-af_firmwareqcn9100_firmwarewcn3660b_firmwareqcn5122sd730qca6554aqcn6024_firmwaresdx20mqca9886_firmwaresm8350qcm6125_firmwaressg2115pqcc710snapdragon_850_mobile_compute_platformqcn6132_firmwaremdm9615sxr1120_firmwaresnapdragon_x5_lte_modem_firmwareqcn5054robotics_rb3_platform315_5g_iot_modem_firmwaresm8450_firmwareipq5332_firmwareqcn5052qca9980qfw7114315_5g_iot_modemipq9574_firmwaresnapdragon_x55_5g_modem-rf_systemqam8255p_firmwaresnapdragon_821_mobile_platform_firmwareipq8064sa8155_firmwareqcn5164sm7150-abqca6335qcs4490sc7180-adsc8180xp-afmdm9250snapdragon_8\+_gen_2_mobile_platform_firmwarewsa8845qcn6100_firmwareqca6421_firmwareqcm6125sc8180x-adcsr8811_firmwaresm7125wsa8810qcn5021qca8085snapdragon_8\+_gen_2_mobile_platformsm8350-acqcn6100qca6595ausm7315_firmwarewcd9326_firmwarewsa8840qcs8550_firmwareqca9986_firmwareqfw7124_firmwareqcn9012mdm9650_firmwaresnapdragon_821_mobile_platformwcd9371_firmwareqcs4490_firmwarewcn3910_firmwareapq8009qca4531_firmwaresdx65mwcd9370_firmwareipq9570mdm9310sa8195pqca6335_firmwareqcm6490immersive_home_316_platform_firmwareimmersive_home_3210_platformqcn9274qca9379ipq8076a_firmwareipq9570_firmwaresxr2230p_firmwarear9380_firmwaresd675_firmwareqca6430_firmwaresc8180x-aaipq4029_firmwareqcn9011qcn9024_firmwarewsa8845hsa6150psm7250-aawcd9326sa8155p_firmwareqca6564asnapdragon_675_mobile_platformsnapdragon_662_mobile_platformqcn9074_firmwarevision_intelligence_400_platform_firmwareipq8174sc8180x\+sdx55_firmwareflight_rb5_5g_platform_firmwareipq8174_firmwarear8035ipq8072aqca6564sa6155qca2065qcm4325qcn6224sc8280xp-absm8475_firmwaresc8180x\+sdx55qca6698aqssg2125p_firmwaresm6250sm7250-acsc8180x-aa_firmwaresd670wcn685x-1sa8145p_firmwarewcn3680bsnapdragon_820_mobile_platformsa8150p_firmwaresnapdragon_w5\+_gen_1_wearable_platformsnapdragon_636_mobile_platform_firmwarewcn3990qca6428_firmwareqcn9002ipq8078qcs6490qcs8250ipq9554_firmwarear8031_firmwarewsa8830_firmwareqca6678aq_firmwareqca8386_firmwaresnapdragon_850_mobile_compute_platform_firmwarewsa8845_firmwarewsa8832snapdragon_auto_4g_modem_firmwareqcc2076_firmwareqca6678aqsnapdragon_675_mobile_platform_firmwareqcn5022_firmwaresm8475qca9992sm8250-ab_firmwaresa4150p_firmwareqca9898ipq9008ipq9554qca6564ausm6225_firmwaresc8180xp-adsm6250p_firmwareimmersive_home_214_platform_firmwaresm7325-af_firmwaresa8195p_firmwareapq8053-ac_firmwareqcm4290qcn5054_firmwareqca9888ipq5332sd_455_firmwaresm6125_firmwareqcn9013ar8031snapdragon_1200_wearable_platform_firmwareqca9377_firmwareqcm6490_firmwareipq8072a_firmwaresm4125qcm4490_firmwarerobotics_rb3_platform_firmwareflight_rb5_5g_platformsnapdragon_xr2_5g_platformqcn6112_firmwareqcs6125apq5053-aa_firmwaresnapdragon_7c\+_gen_3_computeqca8085_firmwareapq5053-aasdm710sd_455qca9886qcn6132sm6250_firmwaresc8180x-ad_firmwareqcn6102qca6584auqca6320_firmwareqcn6274_firmwareqcn9011_firmwaresw5100_firmwarewcn6740sm6225-ad_firmwareqfw7114_firmwareqca4024sc8280xp-ab_firmwareqca6595_firmwaresm8250_firmwareimmersive_home_216_platform_firmwareipq8070asm7225apq8017_firmwarewcd9380ipq4028qam8255psa6145p_firmwaresa6155_firmwaresxr2230pqca9990_firmwaresa8150pqcn9003snapdragon_x24_lte_modemmsm8996au_firmwareqcn5052_firmwaresnapdragon_auto_5g_modem-rf_firmwareqca2064sxr1230psm6225-adsd662_firmwaresm4350-acipq6010sdm660_firmwaresw5100aqt1000sm8150wcn3991_firmwareqam8295p_firmwaresd855sdm660sc8180x-ab_firmwareqca6174wcd9330_firmwarewcn3990_firmwaresm7315qca6564a_firmwaresdx20m_firmwareqca9994qsm8350sc8180xp-ab_firmwarewcd9385wcd9330sd662wcn3610_firmwareqcs4290sxr1230p_firmwareipq4018sd820_firmwaresm6250psdx55_firmwareipq8071a_firmwareqca6438wcn3615_firmwareqca6554a_firmwaresxr2130ipq6028qcm44908098_firmwaresnapdragon_636_mobile_platformqcn9100sm7150-ab_firmwareqca4020ipq4029qca6174a_firmwaresm7325paqt1000_firmwareipq4018_firmwaresm6150-ac_firmwareqca6584au_firmwareqcn5152_firmwareqcn6274sc8180x-acqfw7124ipq8074_firmwareqca6595au_firmwareqca0000sc8180x-ac_firmwaresw5100p_firmwaresm8250snapdragon_ar2_gen_1_platformqca6696_firmwareapq8053-acwcd9380_firmwareqca6574_firmwaresg4150psd_8_gen1_5gqcn5124ipq8064_firmwaremdm9628_firmwareqca6797aqqcn5152ipq8065_firmwaresm4375_firmwarevision_intelligence_400_platform9206_lte_modemqca6574a_firmwaresdx55qcn9072_firmwaresdm845_firmwareipq8074aimmersive_home_318_platformsd675sm6350_firmwaresd_8_gen1_5g_firmwarewcd9375_firmwareqca4531qca6391qca8386wcn785x-1ipq8173_firmwareqcn9012_firmwareqca6584snapdragon_8_gen_2_mobile_platform_firmwaresa8295p8098snapdragon_xr1_platform_firmwaresnapdragon_x50_5g_modem-rf_system_firmwareipq6000_firmwareipq8078_firmwarewcn685x-5_firmwarewcn3988_firmwareipq8070_firmwareqcn5154sd_8cxwsa8835_firmwaressg2115p_firmwareqcn5022snapdragon_x75_5g_modem-rf_system_firmwarewcn3980qcs610Snapdragonsnapdragon
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2023-32695
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.3||HIGH
EPSS-0.30% / 53.86%
||
7 Day CHG~0.00%
Published-27 May, 2023 | 15:44
Updated-13 Jan, 2025 | 21:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Insufficient validation when decoding a Socket.IO packet

socket.io parser is a socket.io encoder and decoder written in JavaScript complying with version 5 of socket.io-protocol. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. A patch has been released in version 4.2.3.

Action-Not Available
Vendor-socketsocketio
Product-socket.io-parsersocket.io-parser
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CVE-2023-33081
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.15% / 34.86%
||
7 Day CHG~0.00%
Published-05 Dec, 2023 | 03:04
Updated-02 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read in WLAN Firmware

Transient DOS while converting TWT (Target Wake Time) frame parameters in the OTA broadcast.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8255p_firmwaresc8180x-ab_firmwareqca8337qfw7124ipq8173_firmwareqca6431_firmwareqam8775pqcf8001qcn5124qca4024_firmwarewsa8840immersive_home_318_platform_firmwaresc8180x\+sdx55ipq8078aipq5028_firmwareqca6595au_firmwarewcn685x-1wcn3998qca6554a_firmwaresc8180xp-adipq8076aqca8386_firmwareqcn6024_firmwareimmersive_home_316_platform_firmwareqca8084_firmwareqca6574au_firmwareqcn5164_firmwarewcn3998_firmwareqca8081_firmwareqca6420sc8180xp-afipq8078a_firmwareipq5028wsa8840_firmwareqca6698aqsc8180xp-aa_firmwareqca0000qcf8001_firmwareipq6010sc8380xp_firmwareqca6430sdx65mwcd9340qcn6132qcn9013qca6436qcf8000qca6698aq_firmwarewcn685x-1_firmwareqca9888_firmwareqam8775p_firmwareqcn6122wcd9341qca6431qca6696_firmwaresc8180xp-ab_firmwareipq9008_firmwareqca1062sc8180x-abqcn5154_firmwareqca6797aqqcc710_firmwaresm8250-ac_firmwarewsa8830_firmwaresd865_5g_firmwareqcn5022_firmwareimmersive_home_216_platform_firmwarewcn3991qca8337_firmwarewcd9380_firmwaressg2125pipq8072aipq8076a_firmwareipq8078qca6564auqca8084ipq8173qcm8550ipq9008qcn5164qca6574csr8811_firmwaresc8180xp-aawcd9380ipq9554_firmwareqcn5024sxr1230psc8180xp-ad_firmwaresc8180x-ac_firmwareqca6430_firmwareqcn5052_firmwareqcn9012_firmwareqcn9274_firmwareqfw7114_firmwarewsa8845qcc2073_firmwareipq6018_firmwarewcd9340_firmwarewsa8815qcn6112qca6426_firmwaresc8380xpipq6028sc8180x-adqcn9024ipq9574_firmwareimmersive_home_3210_platform_firmwareqca6421_firmwaresnapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_systemipq8078_firmwaresnapdragon_x75_5g_modem-rf_system_firmwareqca6797aq_firmwarewcn785x-1_firmwareqcn9024_firmwareipq8174_firmwaresnapdragon_8\+_gen_2_mobile_platformwsa8832sc8180xp-ac_firmwareipq5332immersive_home_326_platformipq6018qcc710immersive_home_214_platformqca6595_firmwarewcd9395qca6391_firmwareimmersive_home_214_platform_firmwareqca4024sm8550p_firmwaresdx55sm8250ssg2115p_firmwareqfw7124_firmwareqam8255par8035_firmwareqcn5024_firmwarewcn3991_firmwarewsa8830qcn9070sxr2230p_firmwareqca1062_firmwareqam8650pwcn785x-5qcn6224_firmwareqca8082qcn9072qca8386qca6420_firmwareqca6390_firmwareipq6000ssg2115pqcn5152_firmwareqca0000_firmwareqca6426qca6584au_firmwareqcn9000_firmwaresnapdragon_8_gen_2_mobile_platformsm8250-abipq9554wcd9385_firmwareimmersive_home_216_platformimmersive_home_316_platformimmersive_home_318_platformipq8074aqcn5124_firmwareqca1064qca8082_firmwaresnapdragon_x55_5g_modem-rf_systemqcn5122_firmwaresdx55_firmwareqca6595auqcn6023_firmwarewsa8845h_firmwareqfw7114qca6436_firmwareipq5010qca6564au_firmwareqca6584ausnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareqcn9274ipq8174qcn5052sm8250_firmwareqcn6112_firmwaresm8250-acqcn9074qca6421qca8085wsa8810_firmwareqcn6224wsa8845hsnapdragon_ar2_gen_1_platform_firmwaresnapdragon_x75_5g_modem-rf_systemwcd9395_firmwareqca8081ipq8071aqcn6023sdx65m_firmwareipq8071a_firmwarewcd9385immersive_home_3210_platformqca8085_firmwaresxr2130_firmwareipq9570sc8180x-acqca6390ar8035csr8811aqt1000sc8180x\+sdx55_firmwarewcd9390qcn9100_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwarewsa8835_firmwaresnapdragon_8_gen_2_mobile_platform_firmwarewcn785x-1qcn9000qcf8000_firmwareqca6554asd865_5gqca6595qcn9012immersive_home_326_platform_firmwareqcn6122_firmwarewsa8835sxr1230p_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwareqcn6274qcn5154qca8075_firmwaresc8180xp-acqca6574assg2125p_firmwaresxr2130wcn685x-5_firmwareqca9889sc8180x-afqcn6132_firmwareqca9888qcc2076_firmwareipq8070a_firmwareipq8076_firmwareqca6574_firmwaresxr2230pipq8076wsa8845_firmwaresnapdragon_xr2_5g_platform_firmwareqca6574a_firmwareqcn5152wcn785x-5_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresm8250-ab_firmwareqca6391aqt1000_firmwareqcn9100qcn6274_firmwarewsa8832_firmwareipq9570_firmwareqcn9070_firmwarewcn685x-5ipq6028_firmwareipq8072a_firmwaresc8180xp-af_firmwareqca6574auqca9889_firmwareipq9574qcn5122wcd9341_firmwarewsa8810sc8180x-aa_firmwareipq5332_firmwaresm8550psnapdragon_ar2_gen_1_platformqcn5022qcn9013_firmwaresc8180x-aaqam8650p_firmwareipq6010_firmwaresc8180x-af_firmwareqca1064_firmwareqca6696sc8180xp-abqca8075qcn9022_firmwarewcd9390_firmwareqcn6024qcn9022qcc2076ipq8070asc8180x-ad_firmwareqcn9072_firmwareipq6000_firmwareqcn9074_firmwareqcc2073Snapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-32463
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-3.4||LOW
EPSS-0.27% / 50.82%
||
7 Day CHG~0.00%
Published-23 Jun, 2023 | 07:51
Updated-08 Nov, 2024 | 16:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction.

Action-Not Available
Vendor-Dell Inc.
Product-vxrail_e665n_firmwarevxrail_p580n_vcfvxrail_e560nvxrail_e560f_vcfvxrail_d560vxrail_v470vxrail_g560f_vcfvxrail_g560fvxrail_e660fvxrail_s670vxrail_p570_vcfvxrail_d560_firmwarevxrail_p570_vcf_firmwarevxrail_vd-4000r_firmwarevxrail_s570vxrail_v570f_vcf_firmwarevxrail_e560n_vcfvxrail_p675nvxrail_p570f_firmwarevxrail_p570f_vcf_firmwarevxrail_p670nvxrail_s570_firmwarevxrail_vd-4000zvxrail_e560f_vcf_firmwarevxrail_p570f_vcfvxrail_v570fvxrail_e665f_firmwarevxrail_p675fvxrail_p570_firmwarevxrail_s470_firmwarevxrail_e665fvxrail_p470vxrail_p670fvxrail_e560_vcf_firmwarevxrail_e560f_firmwarevxrail_e660nvxrail_s670_firmwarevxrail_p670n_firmwarevxrail_v570f_firmwarevxrail_v570_vcfvxrail_vd-4000rvxrail_s570_vcf_firmwarevxrail_e560vxrail_d560f_firmwarevxrail_p670f_firmwarevxrail_e660n_firmwarevxrail_s570_vcfvxrail_e460_firmwarevxrail_e660_firmwarevxrail_v670fvxrail_e560fvxrail_v570f_vcfvxrail_vd-4520cvxrail_e560n_firmwarevxrail_e560_vcfvxrail_g560_vcf_firmwarevxrail_g560vxrail_d560fvxrail_g560_vcfvxrail_p570vxrail_g560f_vcf_firmwarevxrail_vd-4000z_firmwarevxrail_v570vxrail_e665vxrail_p570fvxrail_e660f_firmwarevxrail_vd-4510cvxrail_vd-4000wvxrail_vd-4510c_firmwarevxrail_p580n_vcf_firmwarevxrail_v470_firmwarevxrail_vd-4520c_firmwarevxrail_p580n_firmwarevxrail_v670f_firmwarevxrail_v570_firmwarevxrail_v570_vcf_firmwarevxrail_e560n_vcf_firmwarevxrail_g560f_firmwarevxrail_p470_firmwarevxrail_p580nvxrail_e665_firmwarevxrail_g560_firmwarevxrail_e660vxrail_s470vxrail_e665nvxrail_e560_firmwarevxrail_p675n_firmwarevxrail_vd-4000w_firmwarevxrail_p675f_firmwarevxrail_e460Dell EMC VxRail Appliance
CWE ID-CWE-20
Improper Input Validation
CVE-2023-32889
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-7.5||HIGH
EPSS-1.22% / 79.42%
||
7 Day CHG~0.00%
Published-02 Jan, 2024 | 02:50
Updated-18 Jun, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161825; Issue ID: MOLY01161825 (MSV-895).

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt8765mt6753mt6765mt6769mt6781mt8673mt6763mt8791mt6983mt8675mt6580mt6735mt6891mt8791tmt6855mt6833mt8768mt6731mt6853tmt6873mt8789mt6985mt8798mt8667mt6835mt6883mt8385mt6779mt6875mt8321mt6886mt6762mt8781mt6889mt6757mt8797mt6877androidmt6737mt6785mt6768mt6853mt6771mt6893mt6885mt6757chmt8766mt6757cdmt6761mt6879mt8666mt8786mt6895mt6739mt8788mt6757cmt6789mt8185MT2735, MT6813, MT6833, MT6833P, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6877T, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983T, MT6983W, MT6983Z, MT6985, MT6985T, MT6989, MT6990
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-7560
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.33% / 56.65%
||
7 Day CHG~0.00%
Published-04 Mar, 2018 | 20:00
Updated-05 Aug, 2024 | 06:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

index.js in the Anton Myshenin aws-lambda-multipart-parser NPM package before 0.1.2 has a Regular Expression Denial of Service (ReDoS) issue via a crafted multipart/form-data boundary string.

Action-Not Available
Vendor-aws-lambda-multipart-parser_projectn/a
Product-aws-lambda-multipart-parsern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2023-33047
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.19% / 40.53%
||
7 Day CHG~0.00%
Published-07 Nov, 2023 | 05:26
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Firmware

Transient DOS in WLAN Firmware while parsing no-inherit IES.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm8550_firmwaresd865_5gipq9574qcn9000_firmwareqcn6102_firmwareqca6595qcn9022ipq6028_firmwareimmersive_home_214_platformqca8081_firmwarewcd9370qcn9001qca8072qca6696wcd9340_firmwareipq5028_firmwarewcd9395_firmwareqcn6024qcn9003_firmwareqca6390ar9380qcc2073_firmwareqcc710_firmwareipq8076qca6426wcn6740_firmwareipq6018_firmwareqca9984_firmwareqcn6023qcn5124_firmwarewsa8832_firmwareimmersive_home_216_platformqca8337qca9994_firmwareqca6426_firmwarewcd9395ipq6000qca6574au_firmwareipq8078aipq8078a_firmwarewcn785x-5qam8295pqca6574auwcd9390wsa8810_firmwarewsa8845h_firmwareqcn9100_firmwareqca2064_firmwareqcn5122qca6554aqcn6024_firmwareqca9886_firmwaresm8350qcn9000ssg2115pqcc710qcn6132_firmwareqca2062_firmwareqsm8350_firmwareqcn5054sm8450_firmwareipq5332_firmwareqcn5052qca9980qfw7114wcd9385_firmwaresnapdragon_x55_5g_modem-rf_systemipq9574_firmwareqam8255p_firmwareipq8064ipq8074a_firmwareipq8076aqcn5164snapdragon_ar2_gen_1_platform_firmwareqcs4490immersive_home_3210_platform_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwarewsa8845qcn6100_firmwareqca6564au_firmwarecsr8811_firmwarewsa8810qca8075qam8650pqca8085snapdragon_8\+_gen_2_mobile_platformsm8350-acqcn6100qca6595auwsa8840qcs8550_firmwareqca6390_firmwareqca9986_firmwareqfw7124_firmwareqca6436_firmwareqcn9012ipq8070a_firmwareqcn9070qcs4490_firmwaresnapdragon_8_gen_2_mobile_platformqcf8001qca8084sm8250-ac_firmwaresdx65mwcd9370_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareqcc2076qca6574aipq9570wcd9340qcm6490immersive_home_316_platform_firmwareqcn6122_firmwareqcn5154_firmwaresm8550p_firmwareimmersive_home_3210_platformqcm8550qcn5122_firmwareqcn9274qcn9024ipq8076a_firmwareqca6574snapdragon_x75_5g_modem-rf_systemipq9570_firmwaresxr2230p_firmwarear9380_firmwareqca2066_firmwareqcn9024_firmwarewsa8845hqca8082qca8072_firmwarewsa8830sm8550pqcf8000_firmwareqcn9074_firmwareipq8174qcn6122sa8255p_firmwareipq8174_firmwarewcn785x-1_firmwareqcc2073ar8035ipq8072aqca2065qca9985qcn6224ipq8071asc8280xp-absm8475_firmwareqcn6112qca6698aqwcn3950_firmwaressg2125p_firmwarewcn685x-1video_collaboration_vc3_platform_firmwareqcn6023_firmwareqcn5164_firmwareqcn9002ipq8078immersive_home_326_platform_firmwareqcs6490ipq9554_firmwaresc8280xp-bb_firmwareqcn9072wsa8830_firmwareqcn6224_firmwareqca6678aq_firmwareqca8386_firmwarewsa8845_firmwarewsa8832qca8082_firmwareqcc2076_firmwaresxr2130_firmwareqca6678aqar8035_firmwareqcn5022_firmwaresm8475qca9992sc8380xpsm8250-ab_firmwareqca4024_firmwareqca0000_firmwaresd888_firmwareipq9008ipq9554qca6564auqca9992_firmwareqca9990ipq9008_firmwareqcn9074immersive_home_214_platform_firmwarewsa8815_firmwaresm8250-abqca8337_firmwareqcn5054_firmwareqca9888ipq5332qcn9013sg8275p_firmwareipq8173qcm6490_firmwareipq8072a_firmwaresm8350-ac_firmwareipq6010_firmwareqcm4490_firmwarewcn785x-5_firmwarewcn3950snapdragon_xr2_5g_platformqcn6112_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqca6797aq_firmwaresm7350-ab_firmwareipq5028qca9986qcf8001_firmwareqcn9070_firmwareqca8085_firmwaresa8295p_firmwareqca9984ipq5010_firmwareqcn9022_firmwareqca9886qcn6132ipq6018qcn6102qca6584ausd888qcn6274_firmwarewcn685x-5wcn6740sc8380xp_firmwareipq8065qfw7114_firmwareqca4024sc8280xp-ab_firmwareqca6595_firmwaresm8250-acsm8250_firmwareqcn9001_firmwareimmersive_home_216_platform_firmwareipq8070awcd9380qam8255psxr2230pqca9990_firmwaresnapdragon_xr2_5g_platform_firmwareqcn9003qca8075_firmwareqcf8000qcn5052_firmwaresm7350-absnapdragon_auto_5g_modem-rf_firmwareqca2064sm8350_firmwaresxr1230pqca2065_firmwareipq6010sdx65m_firmwarevideo_collaboration_vc3_platformqca9980_firmwareqca9985_firmwareqam8295p_firmwareqca6698aq_firmwarewcd9385qca9994qsm8350sc8280xp-bbqca8084_firmwaresa8255psxr1230p_firmwarewcd9390_firmwareimmersive_home_318_platform_firmwarewcn6750qcn5024sg8275pwcn6750_firmwaresdx55_firmwareipq8071a_firmwaresnapdragon_auto_5g_modem-rfssg2125pqca6554a_firmwaresxr2130ipq6028qcm4490qcn9100immersive_home_326_platformqam8650p_firmwareqcn9013_firmwareqca2062qcs6490_firmwaresm8450snapdragon_x65_5g_modem-rf_systemipq8076_firmwareqca6584au_firmwareqcn5152_firmwareqcn6274qca6436qfw7124wsa8835wsa8840_firmwareqca6391_firmwareqca6595au_firmwareqca0000sm8250snapdragon_ar2_gen_1_platformipq8068qca6696_firmwarewcd9380_firmwareqca6574_firmwareqca8081wsa8815sd_8_gen1_5gqcn5124qam8775pipq8064_firmwareqca6797aqqcn5152ipq8065_firmwareqca6574a_firmwaresdx55qcn9072_firmwareqca9888_firmwareipq8074aimmersive_home_318_platformqca9889qcn5024_firmwaresd_8_gen1_5g_firmwareqcn9002_firmwarewcd9375_firmwareqca8386qca6391ipq5010qcn9274_firmwarewcn785x-1ipq8173_firmwareqcn9012_firmwaresnapdragon_8_gen_2_mobile_platform_firmwaresa8295pqcs8550ipq8068_firmwareipq6000_firmwareqam8775p_firmwaresd865_5g_firmwarewcd9375ipq8078_firmwarewcn685x-5_firmwareqca9889_firmwareqcn5154immersive_home_316_platformwsa8835_firmwareqca2066ssg2115p_firmwarecsr8811qcn5022snapdragon_x75_5g_modem-rf_system_firmwarewcn685x-1_firmwareSnapdragon
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2025-24970
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.95% / 76.84%
||
7 Day CHG~0.00%
Published-10 Feb, 2025 | 21:57
Updated-16 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine

Netty, an asynchronous, event-driven network application framework, has a vulnerability starting in version 4.1.91.Final and prior to version 4.1.118.Final. When a special crafted packet is received via SslHandler it doesn't correctly handle validation of such a packet in all cases which can lead to a native crash. Version 4.1.118.Final contains a patch. As workaround its possible to either disable the usage of the native SSLEngine or change the code manually.

Action-Not Available
Vendor-The Netty Project
Product-netty
CWE ID-CWE-20
Improper Input Validation
CVE-2023-32890
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.30% / 53.91%
||
7 Day CHG~0.00%
Published-02 Jan, 2024 | 02:50
Updated-02 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In modem EMM, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01183647; Issue ID: MOLY01183647 (MSV-963).

Action-Not Available
Vendor-MediaTek Inc.
Product-mt6896mt6855mt6990nr17mt6873mt6893mt6983wmt2735mt6886mt6983tmt6783mt6878mt6891nr16mt6883mt6980dmt6853tmt6813mt6835mt6880mt6875mt6889mt6985mt6890mt6833mt6785tmt6885mt6833pmt6989mt6877nr15mt6781mt6853mt6980mt6895mt6985tmt6877tmt6789mt6983zlr13mt6779mt6897mt6785mt6895tmt6879MT2731, MT6767, MT6768, MT6769, MT6769T, MT6769Z, MT8666, MT8667, MT8765, MT8766, MT8768, MT8786, MT8788mt8667mt8765mt8786mt2731mt8768mt6769zmt6769mt8788mt6768mt8666mt6767mt6769tmt8766
CWE ID-CWE-20
Improper Input Validation
CVE-2023-33217
Matching Score-4
Assigner-IDEMIA
ShareView Details
Matching Score-4
Assigner-IDEMIA
CVSS Score-7.5||HIGH
EPSS-0.12% / 30.52%
||
7 Day CHG~0.00%
Published-15 Dec, 2023 | 10:45
Updated-02 Aug, 2024 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Missing integrity check on upgrade package

By abusing a design flaw in the firmware upgrade mechanism of the impacted terminal it's possible to cause a permanent denial of service for the terminal. the only way to recover the terminal is by sending back the terminal to the manufacturer

Action-Not Available
Vendor-idemiaIDEMIA
Product-morphowave_sp_firmwaresigma_widemorphowave_compactsigma_wide_firmwaremorphowave_xp_firmwaresigma_extremesigma_lite\+morphowave_xpmorphowave_spvisionpass_firmwaremorphowave_compact_firmwarevisionpasssigma_lite\+_firmwaresigma_litesigma_extreme_firmwaresigma_lite_firmwareVisionPassMorphoWave Compact/XPSIGMA ExtremeMorphoWave SPSIGMA WideSIGMA Lite & Lite +
CWE ID-CWE-20
Improper Input Validation
CVE-2023-32690
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.7||MEDIUM
EPSS-0.48% / 65.35%
||
7 Day CHG-0.17%
Published-01 Jun, 2023 | 16:15
Updated-08 Jan, 2025 | 21:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Responder can Invoke Undefined Behavior in libspdm Requester

libspdm is a sample implementation that follows the DMTF SPDM specifications. Prior to versions 2.3.3 and 3.0, following a successful CAPABILITIES response, a libspdm Requester stores the Responder's CTExponent into its context without validation. If the Requester sends a request message that requires a cryptography operation by the Responder, such as CHALLENGE, libspdm will calculate the timeout value using the Responder's unvalidated CTExponent. A patch is available in version 2.3.3. A workaround is also available. After completion of VCA, the Requester can check the value of the Responder's CTExponent. If it greater than or equal to 64, then the Requester can stop communication with the Responder.

Action-Not Available
Vendor-dmtfDMTF
Product-libspdmlibspdm
CWE ID-CWE-20
Improper Input Validation
CVE-2018-6335
Matching Score-4
Assigner-Meta Platforms, Inc.
ShareView Details
Matching Score-4
Assigner-Meta Platforms, Inc.
CVSS Score-7.5||HIGH
EPSS-0.69% / 72.36%
||
7 Day CHG~0.00%
Published-31 Dec, 2018 | 20:00
Updated-06 May, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Malformed h2 frame can cause 'std::out_of_range' exception when parsing priority meta data. This behavior can lead to denial-of-service. This affects all supported versions of HHVM (3.25.2, 3.24.6, and 3.21.10 and below) when using the proxygen server to handle HTTP2 requests.

Action-Not Available
Vendor-Facebook
Product-hhvmHHVM
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-20
Improper Input Validation
CVE-2023-3341
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-7.5||HIGH
EPSS-0.23% / 45.59%
||
7 Day CHG-0.02%
Published-20 Sep, 2023 | 12:32
Updated-02 Dec, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
A stack exhaustion flaw in control channel code may cause named to terminate unexpectedly

The code that processes control channel messages sent to `named` calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory, causing `named` to terminate unexpectedly. Since each incoming control channel message is fully parsed before its contents are authenticated, exploiting this flaw does not require the attacker to hold a valid RNDC key; only network access to the control channel's configured TCP port is necessary. This issue affects BIND 9 versions 9.2.0 through 9.16.43, 9.18.0 through 9.18.18, 9.19.0 through 9.19.16, 9.9.3-S1 through 9.16.43-S1, and 9.18.0-S1 through 9.18.18-S1.

Action-Not Available
Vendor-Fedora ProjectDebian GNU/LinuxInternet Systems Consortium, Inc.
Product-fedoradebian_linuxbindBIND 9
CWE ID-CWE-1325
Improperly Controlled Sequential Memory Allocation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-33057
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.10% / 26.60%
||
7 Day CHG~0.00%
Published-06 Feb, 2024 | 05:47
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Multi-Mode Call Processor

Transient DOS in Multi-Mode Call Processor while processing UE policy container.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6431qcm8550_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewsa8845_firmwaresd865_5gwsa8832sdx57m_firmwaresxr2130_firmwarewcd9370qca8081_firmwarear8035_firmwareqca6696wcd9340_firmwaresnapdragon_888_5g_mobile_platformwcd9341_firmwarewcd9395_firmwareqcn6024sd888_firmwareqcc710_firmwareqca6426wcn6740_firmwarefastconnect_6700snapdragon_768g_5g_mobile_platform_firmwarewsa8815_firmwaresnapdragon_x35_5g_modem-rf_system_firmwarewsa8832_firmwareqca8337_firmwareqca8337qca6426_firmwarewcd9395sg8275p_firmwareqcm6490_firmwaresm7250p_firmwarewcd9341qcm4490_firmwaresnapdragon_855_mobile_platformwcd9390wcn3950wsa8810_firmwaresnapdragon_xr2_5g_platformwsa8845h_firmwaresnapdragon_x65_5g_modem-rf_system_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_7c\+_gen_3_computesnapdragon_765g_5g_mobile_platform_firmwaresnapdragon_780g_5g_mobile_platformfastconnect_6800_firmwareqcn6024_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaresm7250psnapdragon_695_5g_mobile_platformsnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_778g\+_5g_mobile_platformsnapdragon_780g_5g_mobile_platform_firmwareqca6584auqcn6274_firmwaresd888qcc710snapdragon_4_gen_2_mobile_platformsnapdragon_765_5g_mobile_platform_firmwarewcn6740snapdragon_480\+_5g_mobile_platform_firmwaresnapdragon_695_5g_mobile_platform_firmwarefastconnect_6800qfw7114_firmware315_5g_iot_modem_firmwarefastconnect_7800_firmwarefastconnect_6900snapdragon_765g_5g_mobile_platformqep8111qfw7114snapdragon_782g_mobile_platform_firmwarewcd9385_firmware315_5g_iot_modemqca6421fastconnect_6900_firmwaresnapdragon_x55_5g_modem-rf_systemwcd9380snapdragon_888_5g_mobile_platform_firmwaresnapdragon_xr2_5g_platform_firmwaresnapdragon_4_gen_1_mobile_platformwcd9360qcs4490snapdragon_8_gen_1_mobile_platform_firmwaresnapdragon_778g_5g_mobile_platformsnapdragon_8\+_gen_2_mobile_platform_firmwarewsa8845qca6421_firmwaresnapdragon_auto_5g_modem-rf_firmwaresnapdragon_x35_5g_modem-rf_systemsnapdragon_768g_5g_mobile_platformwsa8810snapdragon_865\+_5g_mobile_platformsnapdragon_8\+_gen_2_mobile_platformvideo_collaboration_vc3_platformqca6595ausm7315_firmwaresnapdragon_865_5g_mobile_platform_firmwarewsa8840sd855qcs8550_firmwareqca6431_firmwaresm7315snapdragon_870_5g_mobile_platform_firmwareqfw7124_firmwareqca6698aq_firmwareqca6436_firmwarewcd9385snapdragon_8\+_gen_1_mobile_platformqcs4490_firmwaresnapdragon_8_gen_2_mobile_platformsnapdragon_7c\+_gen_3_compute_firmwaresnapdragon_855\+\/860_mobile_platform_firmwarewcd9390_firmwaresnapdragon_778g\+_5g_mobile_platform_firmwaresnapdragon_8_gen_3_mobile_platformsnapdragon_865\+_5g_mobile_platform_firmwaresnapdragon_690_5g_mobile_platformqep8111_firmwaresg8275pwcd9370_firmwaresnapdragon_x70_modem-rf_system_firmwaresdx55_firmwaresnapdragon_auto_5g_modem-rfsnapdragon_750g_5g_mobile_platform_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareqca6574asxr2130qcm4490qca6174awcd9340snapdragon_auto_5g_modem-rf_gen_2qca6174a_firmwareqcm6490sm7325psnapdragon_855_mobile_platform_firmwaresm8550p_firmwareqcm8550wcn3988qcs6490_firmwaresnapdragon_x65_5g_modem-rf_systemqcn9024qca6584au_firmwaresd855_firmwareqcn6274qca6436qfw7124snapdragon_480_5g_mobile_platform_firmwaresnapdragon_x75_5g_modem-rf_systemqca6595au_firmwareqca6391_firmwarewsa8835wsa8840_firmwaresnapdragon_870_5g_mobile_platformsnapdragon_782g_mobile_platformqca6696_firmwareqcn9024_firmwaresdx57msnapdragon_865_5g_mobile_platformwcd9380_firmwarewsa8845hqca8081wsa8815wsa8830sm8550psnapdragon_8\+_gen_1_mobile_platform_firmwaresnapdragon_765_5g_mobile_platformar8035qca6574a_firmwaresdx55snapdragon_750g_5g_mobile_platformsnapdragon_480\+_5g_mobile_platformwcd9375_firmwareqca6391snapdragon_x70_modem-rf_systemqcn6224snapdragon_778g_5g_mobile_platform_firmwareqca6698aqwcn3950_firmwaresnapdragon_480_5g_mobile_platformsnapdragon_8_gen_2_mobile_platform_firmwaresnapdragon_8_gen_1_mobile_platformqcs8550fastconnect_6200fastconnect_7800sm7325p_firmwaresd865_5g_firmwarewcd9360_firmwaresnapdragon_888\+_5g_mobile_platformwcd9375snapdragon_855\+\/860_mobile_platformwcn3988_firmwarefastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwaresnapdragon_888\+_5g_mobile_platform_firmwarewsa8835_firmwaresnapdragon_x75_5g_modem-rf_system_firmwareqcs6490snapdragon_690_5g_mobile_platform_firmwarefastconnect_6200_firmwarewsa8830_firmwareqcn6224_firmwareSnapdragon
CWE ID-CWE-20
Improper Input Validation
CVE-2023-32888
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-7.5||HIGH
EPSS-3.07% / 87.03%
||
7 Day CHG~0.00%
Published-02 Jan, 2024 | 02:50
Updated-16 May, 2025 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161830; Issue ID: MOLY01161830 (MSV-894).

Action-Not Available
Vendor-MediaTek Inc.
Product-mt6877tmt6813mt6877mt6983tmt6833pmt6897mt6983znr16mt6890mt6878mt6980mt6990mt6853mt6833mt6893mt6983wmt6889mt6886mt6879mt6883mt6895mt6880mt6895tmt6985tnr15mt6855mt6885mt6873mt6875nr17mt2735mt6891mt6989mt6853tmt6835mt6985mt6980dmt6896MT2735, MT6813, MT6833, MT6833P, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6877T, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983T, MT6983W, MT6983Z, MT6985, MT6985T, MT6989, MT6990
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-4241
Matching Score-4
Assigner-Cloudflare, Inc.
ShareView Details
Matching Score-4
Assigner-Cloudflare, Inc.
CVSS Score-7.5||HIGH
EPSS-0.23% / 46.35%
||
7 Day CHG~0.00%
Published-16 Aug, 2023 | 10:13
Updated-02 Oct, 2024 | 16:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
lol-html panics on certain HTML inputs

lol-html can cause panics on certain HTML inputs. Anyone processing arbitrary 3rd party HTML with the library is affected.

Action-Not Available
Vendor-Cloudflare, Inc.
Product-lol-htmllol-htmllol-html
CWE ID-CWE-20
Improper Input Validation
CVE-2023-32649
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-8.2||HIGH
EPSS-0.13% / 32.35%
||
7 Day CHG~0.00%
Published-19 Sep, 2023 | 10:06
Updated-27 Feb, 2025 | 20:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DoS on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0

A Denial of Service (Dos) vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain fields used in the Asset Intelligence functionality of our IDS, allows an unauthenticated attacker to crash the IDS module by sending specially crafted malformed network packets. During the (limited) time window before the IDS module is automatically restarted, network traffic may not be analyzed.

Action-Not Available
Vendor-nozominetworksNozomi Networks
Product-cmcguardianGuardianCMC
CWE ID-CWE-1286
Improper Validation of Syntactic Correctness of Input
CWE ID-CWE-20
Improper Input Validation
CVE-2018-6347
Matching Score-4
Assigner-Meta Platforms, Inc.
ShareView Details
Matching Score-4
Assigner-Meta Platforms, Inc.
CVSS Score-7.5||HIGH
EPSS-0.43% / 63.06%
||
7 Day CHG~0.00%
Published-31 Dec, 2018 | 22:00
Updated-06 May, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in the Proxygen handling of HTTP2 parsing of headers/trailers can lead to a denial-of-service attack. This affects Proxygen prior to v2018.12.31.00.

Action-Not Available
Vendor-proxygen_projectFacebook
Product-proxygenProxygen
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-33103
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.14% / 34.50%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 10:48
Updated-10 Jan, 2025 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Multi-Mode Call Processor

Transient DOS while processing CAG info IE received from NW.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sg8275psg8275p_firmwarewcd9385_firmwaresnapdragon_8_gen_2_mobilefastconnect_7800qcm4490wcd9370_firmwaresnapdragon_x75_5g_modem-rf_firmwarewcd9390_firmwaresnapdragon_x65_5g_modem-rf_firmwareqcn6024qcs8550wcd9385snapdragon_8_gen_2_mobile_firmwarewcd9380snapdragon_x75_5g_modem-rfwcd9370wcd9390sm8550pwsa8815wcd9395_firmwareqca6698aq_firmwarewsa8845wsa8810fastconnect_6900_firmwareqcs4490_firmwarewcn3950qcm8550_firmwareqcn6024_firmwarewsa8845_firmwarefastconnect_6900qfw7124snapdragon_4_gen_2_mobile_firmwarewsa8832_firmwareqcn9024_firmwarewsa8830_firmwareqcc710snapdragon_x70_modem-rf_firmwarewcn3988qcc710_firmwareqca8337_firmwarewsa8835snapdragon_8_gen_3_mobilewcd9340_firmwaresnapdragon_8_gen_3_mobile_firmwarewsa8810_firmwarewsa8832qca6174a_firmwareqep8111_firmwarewcd9380_firmwareqcn9024qca8337wcd9395qca6698aqwsa8830wcn3950_firmwarewsa8845hqca6174awcn3988_firmwarewsa8840qcs8550_firmwarefastconnect_6700snapdragon_auto_5g_modem-rf_gen_2_firmwareqca8081_firmwaresnapdragon_x35_5g_modem-rf_firmwareqcs4490qca8081qca6584auar8035_firmwareqcn6224_firmwaresnapdragon_x65_5g_modem-rfwcd9340qcm4490_firmwaresnapdragon_8\+_gen_2_mobileqcn6274qca6584au_firmwareqcn6224wsa8815_firmwarewsa8845h_firmwaresnapdragon_4_gen_2_mobilesnapdragon_auto_5g_modem-rf_gen_2fastconnect_7800_firmwareqcm8550qfw7124_firmwareqep8111qfw7114wsa8835_firmwaresnapdragon_x35_5g_modem-rfwsa8840_firmwareqfw7114_firmwareqcn6274_firmwarear8035snapdragon_8\+_gen_2_mobile_firmwarefastconnect_6700_firmwaresnapdragon_x70_modem-rfsm8550p_firmwareSnapdragon
CWE ID-CWE-20
Improper Input Validation
CVE-2026-38570
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 16.69%
||
7 Day CHG~0.00%
Published-04 Jun, 2026 | 00:00
Updated-08 Jun, 2026 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

bacnet_stack 1.3.1 contains an Out-of-bounds Read in bacnet_tag_number_decode which allows attackers to cause a denial of service.

Action-Not Available
Vendor-n/a
Product-n/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-6589
Matching Score-4
Assigner-CA Technologies - A Broadcom Company
ShareView Details
Matching Score-4
Assigner-CA Technologies - A Broadcom Company
CVSS Score-7.5||HIGH
EPSS-0.60% / 69.90%
||
7 Day CHG~0.00%
Published-01 May, 2018 | 18:00
Updated-05 Aug, 2024 | 06:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CA Spectrum 10.1 prior to 10.01.02.PTF_10.1.239 and 10.2.x prior to 10.2.3 allows remote attackers to cause a denial of service via unspecified vectors.

Action-Not Available
Vendor-
Product-spectrumCA Spectrum
CWE ID-CWE-20
Improper Input Validation
CVE-2023-33042
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.24% / 47.93%
||
7 Day CHG~0.00%
Published-05 Dec, 2023 | 03:04
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Modem

Transient DOS in Modem after RRC Setup message is received.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6431sd865_5gsdx57m_firmwaresm6350sxr2130_firmwarewcd9370qca8081_firmwarear8035_firmwareqca6696sm7250-absm8475wcd9341_firmwaresm8250-ab_firmwareqcn6024sd888_firmwareqca6390qca6426wcn6740_firmwaresm7325-af_firmwarewsa8815_firmwaresm7325-ae_firmwaresm8250-abqca8337_firmwareqca8337sm7325qca6426_firmwareqcm6490_firmwarewcn785x-5sm7250p_firmwaresm8350-ac_firmwarewcd9341wcn785x-5_firmwarewsa8810_firmwaresnapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_system_firmwaresnapdragon_7c\+_gen_3_computesm4350_firmwaresm7350-ab_firmwarewcn3991sm8150-acsm6375_firmwareqcn6024_firmwaresm7250psd888sm6375wcn685x-5wcn6740sm7250-aa_firmware315_5g_iot_modem_firmwaresm8250-acsm8450_firmwaresm8250_firmwarewcd9385_firmware315_5g_iot_modemqca6421sm7225snapdragon_x55_5g_modem-rf_systemwcd9380wcd9360snapdragon_xr2_5g_platform_firmwareqca6421_firmwaresm7350-absnapdragon_auto_5g_modem-rf_firmwarewsa8810sm4350-acsm8350-acvideo_collaboration_vc3_platformqca6595ausm7315_firmwaresm7325_firmwarewcn3991_firmwaresd855qcs8550_firmwareqca6390_firmwareqca6431_firmwaresm7225_firmwaresm7315qca6698aq_firmwareqca6436_firmwarewcd9385snapdragon_7c\+_gen_3_compute_firmwaresm8250-ac_firmwarewcn6750wcn6750_firmwarewcd9370_firmwaresnapdragon_x70_modem-rf_system_firmwaresdx55_firmwaresnapdragon_auto_5g_modem-rfsnapdragon_x55_5g_modem-rf_system_firmwaresm7250-ab_firmwareqca6574asm7325-aesxr2130sm4350sm7325pqcm6490wcn3998sm8150-ac_firmwarewcn3998_firmwarewcn3988qcs6490_firmwaresm8450snapdragon_x65_5g_modem-rf_systemqcn9024sd855_firmwareqca6436sm7325-afwsa8835qca6595au_firmwareqca6391_firmwaresm8250qca6696_firmwareqcn9024_firmwaresdx57mwcd9380_firmwaresm7250-aaqca8081wsa8815sm4375wsa8830sm4375_firmwarewcn785x-1_firmwarear8035qca6574a_firmwaresdx55sm6350_firmwarewcd9375_firmwareqca6391snapdragon_x70_modem-rf_systemwcn785x-1sm8475_firmwareqca6698aqqcs8550sm7250-acwcn685x-1sm7325p_firmwaresd865_5g_firmwarewcd9360_firmwarewcd9375wcn685x-5_firmwarewcn3988_firmwarevideo_collaboration_vc3_platform_firmwaresm4350-ac_firmwarewsa8835_firmwareqcs6490sm7250-ac_firmwarewsa8830_firmwarewcn685x-1_firmwareSnapdragon
CWE ID-CWE-20
Improper Input Validation
CVE-2023-32887
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-7.5||HIGH
EPSS-2.29% / 85.05%
||
7 Day CHG~0.00%
Published-02 Jan, 2024 | 02:50
Updated-16 Jun, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Modem IMS Stack, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161837; Issue ID: MOLY01161837 (MSV-892).

Action-Not Available
Vendor-MediaTek Inc.
Product-mt6983wnr16mt6897mt6873mt6885mt6895tmt6896mt6890mt6985mt6985tmt6883mt6833mt6983tmt6895mt6980dmt6877tnr15mt6990nr17mt6833pmt6879mt6891mt6983zmt6813mt6893mt6989mt2735mt6835mt6853tmt6853mt6878mt6980mt6875mt6855mt6880mt6877mt6889mt6886MT2735, MT6813, MT6833, MT6833P, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6877T, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983T, MT6983W, MT6983Z, MT6985, MT6985T, MT6989, MT6990
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-33100
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.12% / 31.19%
||
7 Day CHG~0.00%
Published-01 Apr, 2024 | 15:05
Updated-13 Jan, 2025 | 21:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper input validation in Multi-Mode Call Processor

Transient DOS while processing DL NAS Transport message when message ID is not defined in the 3GPP specification.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfw7124_firmwarefastconnect_6700_firmwareqcn6274wsa8840_firmwarewsa8832qcc710qcs4490snapdragon_x35_5g_modem-rffastconnect_7800_firmwaresnapdragon_8_gen_3_mobile_firmwarewcd9370qfw7124qcm4490snapdragon_4_gen_2_mobilesnapdragon_auto_5g_modem-rf_gen_2qfw7114wsa8810_firmwareqcn6024sg8275p_firmwarewsa8845_firmwaresnapdragon_8\+_gen_2_mobilesnapdragon_8_gen_1_mobileqcn6224qcc710_firmwaresnapdragon_4_gen_2_mobile_firmwareqcm4490_firmwareqcm8550snapdragon_auto_5g_modem-rf_gen_2_firmwarewcd9390ar8035wcd9340wsa8835wcn3950fastconnect_7800qcn6274_firmwarewcd9395_firmwarewsa8845h_firmwarewsa8830snapdragon_x70_modem-rfqfw7114_firmwareqca8337qca6584au_firmwareqcs8550_firmwarefastconnect_6900snapdragon_x35_5g_modem-rf_firmwarewsa8845snapdragon_8_gen_2_mobile_firmwareqca6584auwsa8835_firmwareqep8111_firmwarefastconnect_6700qcn6224_firmwaresnapdragon_x75_5g_modem-rfqca6174awcd9390_firmwarewsa8815_firmwaresnapdragon_x65_5g_modem-rf_firmwaresnapdragon_8_gen_2_mobilewcn3988qcn6024_firmwaresnapdragon_8\+_gen_2_mobile_firmwarewsa8845hwsa8815sm8550p_firmwarewcd9385_firmwarefastconnect_6900_firmwarewcd9380wsa8832_firmwarewcn3950_firmwarewcd9385wcd9395sm8550pwcd9340_firmwaresnapdragon_x75_5g_modem-rf_firmwareqca8081_firmwareqep8111wsa8830_firmwaresnapdragon_8\+_gen_1_mobile_firmwareqcn9024_firmwareqca6698aqqcs4490_firmwaresnapdragon_x70_modem-rf_firmwareqcs8550wcd9380_firmwaresnapdragon_8_gen_1_mobile_firmwaresnapdragon_x65_5g_modem-rfqca6698aq_firmwareqca6174a_firmwareqca8081wsa8840sg8275pwcn3988_firmwareqcm8550_firmwareqcn9024wcd9370_firmwaresnapdragon_8\+_gen_1_mobilear8035_firmwaresnapdragon_8_gen_3_mobileqca8337_firmwarewsa8810Snapdragonqca6174a_firmwareqca8337_firmwareqcm4490_firmwareqcm8550_firmwareqca6584au_firmwareqcn6274_firmwareqcs4490_firmwareqep8111_firmwareqfw7114_firmwaresg8275p_firmwarefastconnect_6900_firmwareqcn6024_firmwareqcs8550_firmwaresm8550p_firmwarear8035_firmwareqcc710_firmwareqcn6224_firmwarefastconnect_6700_firmwareqcn9024_firmwarefastconnect_7800_firmwareqca8081_firmwareqfw7124_firmwaresnapdragon_8_gen_1_mobile_platform_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqca6698aq_firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2023-33098
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.19% / 40.53%
||
7 Day CHG~0.00%
Published-05 Dec, 2023 | 03:04
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Firmware

Transient DOS while parsing WPA IES, when it is passed with length more than expected size.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd865_5gqca6595ipq6028_firmwareimmersive_home_214_platformqca8081_firmwareqcn9001wcd9340_firmwareipq5028_firmwarewcd9395_firmwareqcn6024ar9380snapdragon_sc8180xp-aa_firmwareqcc710_firmwareqca6426fastconnect_6700snapdragon_768g_5g_mobile_platform_firmwaresa4150pqcn5124_firmwarewsa8832_firmwareqca8337qca6426_firmwarewcd9395qcn7605qca6574au_firmwareqcn7606_firmwareipq8078a_firmwareqam8295pwcd9341wsa8810_firmwarewsa8845h_firmwaresa9000p_firmwareqca2064_firmwarefastconnect_6800_firmwareqcs5430snapdragon_4_gen_2_mobile_platform_firmwareqcm5430_firmwaresa4155psnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_778g\+_5g_mobile_platformsa8770pqcn9000qca2062_firmwaresnapdragon_480\+_5g_mobile_platform_firmwaresnapdragon_695_5g_mobile_platform_firmwareqsm8250_firmwareqsm8350_firmwaresnapdragon_765g_5g_mobile_platformwcd9385_firmwareqca6421ipq8074a_firmwareipq8076awcd9360snapdragon_ar2_gen_1_platform_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareimmersive_home_3210_platform_firmwaresa6155psnapdragon_sc8180x-aaqca6564au_firmwaresnapdragon_768g_5g_mobile_platformqca8075qam8650pvideo_collaboration_vc5_platform_firmwaresa9000psa6155p_firmwaresnapdragon_870_5g_mobile_platform_firmwareqca6436_firmwaresnapdragon_8\+_gen_1_mobile_platformipq8070a_firmwareqcn5021_firmwareqcn9070snapdragon_8_gen_2_mobile_platformsnapdragon_7c\+_gen_3_compute_firmwareqca8084qca6420wcn3910csrb31024snapdragon_x55_5g_modem-rf_system_firmwareqcc2076snapdragon_660_mobile_platformqca6574awcd9340qcs8250_firmwareqcm2290snapdragon_auto_5g_modem-rf_gen_2qcn6122_firmwareqcn5154_firmwaresm8550p_firmwareqcm8550wcn3988qcn5122_firmwareqcn9024pmp8074qca6574snapdragon_x75_5g_modem-rf_systemqca2066_firmwareqca8082qcm2290_firmwaresa8155pqca8072_firmwarewsa8830sm8550pqcf8000_firmwaresa6145psnapdragon_8\+_gen_1_mobile_platform_firmwareqcn6122sa8255p_firmwareqcc2073qrb5165m_firmwareqca9985ipq8071aqcn6112wcn3950_firmwareqrb5165nsnapdragon_8_gen_1_mobile_platformqca1062_firmwarefastconnect_6200sm7325p_firmwarewcd9360_firmwaresnapdragon_sc8280xp-ab_firmwaresmart_audio_400_platformvideo_collaboration_vc3_platform_firmwareqcn6023_firmwareqcn5164_firmwareimmersive_home_326_platform_firmwaresnapdragon_750g_5g_mobile_platformqcn9072qcn6224_firmwareqca6431sd660_firmwareqca8082_firmwaresxr2130_firmwarear8035_firmwareqrb5165msnapdragon_888_5g_mobile_platformsc8380xpqca1064snapdragon_w5\+_gen_1_wearable_platform_firmwareqca4024_firmwareqca0000_firmwaresd888_firmwareqca9992_firmwareqca9990ipq9008_firmwareqcn9074wsa8815_firmwareqca8337_firmwareipq8173sm7250p_firmwarewcn3999ipq6010_firmwarewcn3950snapdragon_x65_5g_modem-rf_system_firmwareqca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_765g_5g_mobile_platform_firmwareipq5028qca9986qcf8001_firmwareqcn9070_firmwaresnapdragon_780g_5g_mobile_platformsa8295p_firmwaresa4155p_firmwareqca9984ipq5010_firmwareqcn9022_firmwaresm7250pcsrb31024_firmwareipq6018sa8155sd888snapdragon_4_gen_2_mobile_platformsc8380xp_firmwareipq8065fastconnect_6800qcs7230qcn9001_firmwaresnapdragon_782g_mobile_platform_firmwarefastconnect_6900_firmwaresnapdragon_xr2_5g_platform_firmwaresnapdragon_sc8280xp-abqca8075_firmwareqcf8000snapdragon_865\+_5g_mobile_platformqca2065_firmwaresnapdragon_sc8180x-ad_firmwaresdx65m_firmwarevideo_collaboration_vc3_platformsnapdragon_sc8180xp-ad_firmwaresnapdragon_865_5g_mobile_platform_firmwareqca9980_firmwareqca9985_firmwareqca6431_firmwareqca6698aq_firmwareqcs2290qcn7606qcs2290_firmwarewcn3999_firmwareqca8084_firmwareqcn7605_firmwaresa8255pqcs7230_firmwarewcd9390_firmwareimmersive_home_318_platform_firmwareqcn5024snapdragon_690_5g_mobile_platformqca6430snapdragon_auto_5g_modem-rfssg2125pcsra6640_firmwareimmersive_home_326_platformqam8650p_firmwareqcn9013_firmwarevideo_collaboration_vc5_platformqca2062qca6420_firmwareqcs6490_firmwaresnapdragon_x65_5g_modem-rf_systemipq8076_firmwarewcd9335_firmwarewcn3980_firmwareqrb5165n_firmwareqca6436snapdragon_sc8180x-aa_firmwarewsa8835wsa8840_firmwareqca6391_firmwareipq8068qcs4290_firmwaresnapdragon_865_5g_mobile_platformcsra6620qca8081sd660wsa8815qam8775pqca9377qcm4290_firmwareqca9888_firmwareqca9889qca1062qcn5024_firmwareqcn9002_firmwareipq5010qcn9274_firmwaresmart_audio_400_platform_firmwareqcs5430_firmwaresnapdragon_778g_5g_mobile_platform_firmwaresnapdragon_480_5g_mobile_platformcsra6620_firmwareqcs8550ipq8068_firmwareqam8775p_firmwaresd865_5g_firmwarepmp8074_firmwarewcd9375qca9889_firmwaresa8145pimmersive_home_316_platformsnapdragon_888\+_5g_mobile_platform_firmwareqca2066csr8811qcm8550_firmwaresa6150p_firmwaresw5100pipq9574qcn9000_firmwareqcn6102_firmwareqcn9022wcd9335wcd9370qca8072qca6696wcd9341_firmwareqcn9003_firmwareqcc2073_firmwareipq8076wcn6740_firmwareqca1064_firmwareipq6018_firmwareqca9984_firmwareqcn6023immersive_home_216_platformqca9994_firmwareipq6000snapdragon_auto_4g_modemipq8078aqca6574auwcd9390csra6640qcn9100_firmwareqcn5122qca6554aqcn6024_firmwareqca9886_firmwareqcm5430snapdragon_695_5g_mobile_platformssg2115pqcc710qcn6132_firmwareqcn5054315_5g_iot_modem_firmwarefastconnect_6900ipq5332_firmwareqcn5052qca9980qfw7114315_5g_iot_modemipq9574_firmwaresnapdragon_x55_5g_modem-rf_systemqam8255p_firmwareipq8064sa8155_firmwareqcn5164snapdragon_888_5g_mobile_platform_firmwareqcs4490snapdragon_8\+_gen_2_mobile_platform_firmwarewsa8845qcn6100_firmwareqca6421_firmwarecsr8811_firmwaresnapdragon_sc8180xp-aawsa8810qcn5021qca8085qsm8250snapdragon_8\+_gen_2_mobile_platformqcn6100qca6595ausm7315_firmwarewsa8840qcs8550_firmwareqca9986_firmwareqfw7124_firmwareqcn9012snapdragon_sc8180x-adqcs4490_firmwareqcf8001wcn3910_firmwaresdx65mwcd9370_firmwaresnapdragon_750g_5g_mobile_platform_firmwareipq9570sa8195pqcm6490immersive_home_316_platform_firmwareimmersive_home_3210_platformqcn9274ipq8076a_firmwaresa8775pipq9570_firmwaresxr2230p_firmwarear9380_firmwareqca6430_firmwaresnapdragon_870_5g_mobile_platformqcn9011sa8775p_firmwareqcn9024_firmwarewsa8845hsa6150psa8155p_firmwaresnapdragon_sc8180x-acqcn9074_firmwareipq8174sc8180x\+sdx55_firmwaresnapdragon_765_5g_mobile_platformflight_rb5_5g_platform_firmwareipq8174_firmwarear8035ipq8072asa6155qca2065robotics_rb5_platformqcn6224sc8180x\+sdx55qca6698aqssg2125p_firmwaresa8145p_firmwaresnapdragon_888\+_5g_mobile_platformsa8150p_firmwaresnapdragon_w5\+_gen_1_wearable_platformfastconnect_6700_firmwarewcn3990qcn9002ipq8078qcs6490qcs8250ipq9554_firmwarefastconnect_6200_firmwarear8031_firmwaresnapdragon_sc8180xp-acwsa8830_firmwareqca6678aq_firmwareqca8386_firmwarewsa8845_firmwarewsa8832snapdragon_auto_4g_modem_firmwareqcc2076_firmwareqca6678aqqcn5022_firmwareqca9992sa4150p_firmwareipq9008ipq9554qca6564auimmersive_home_214_platform_firmwaresa8195p_firmwareqcm4290qcn5054_firmwareqca9888ipq5332qcn9013ar8031sg8275p_firmwareqca9377_firmwareqcm6490_firmwareipq8072a_firmwareqcm4490_firmwareflight_rb5_5g_platformsnapdragon_xr2_5g_platformqcn6112_firmwaresnapdragon_7c\+_gen_3_computesnapdragon_xr2\+_gen_1_platform_firmwareqca8085_firmwareqca9886qcn6132qcn6102snapdragon_780g_5g_mobile_platform_firmwareqca6584auqcn6274_firmwareqcn9011_firmwaresw5100_firmwaresnapdragon_765_5g_mobile_platform_firmwarewcn6740qfw7114_firmwareqca4024qca6595_firmwarefastconnect_7800_firmwareimmersive_home_216_platform_firmwareipq8070awcd9380sa6145p_firmwareqam8255psa6155_firmwaresxr2230pqca9990_firmwaresnapdragon_4_gen_1_mobile_platformsa8150pqcn9003snapdragon_778g_5g_mobile_platformqcn5052_firmwaresnapdragon_auto_5g_modem-rf_firmwareqca2064sxr1230pipq6010sw5100aqt1000qam8295p_firmwarewcn3990_firmwaresm7315wcd9385qca9994qsm8350qcs4290sxr1230p_firmwaresnapdragon_778g\+_5g_mobile_platform_firmwaresnapdragon_865\+_5g_mobile_platform_firmwaresg8275psdx55_firmwareipq8071a_firmwareqca6554a_firmwaresnapdragon_sc8180x-ac_firmwaresxr2130ipq6028qcm4490qcn9100snapdragon_xr2\+_gen_1_platformsm7325paqt1000_firmwareqca6584au_firmwareqcn5152_firmwareqcn6274snapdragon_480_5g_mobile_platform_firmwareqfw7124qca6595au_firmwareqca0000sw5100p_firmwaresnapdragon_sc8180xp-ac_firmwaresnapdragon_ar2_gen_1_platformsnapdragon_782g_mobile_platformqca6696_firmwarewcd9380_firmwareqca6574_firmwaresd_8_gen1_5gqcn5124ipq8064_firmwareqca6797aqqcn5152ipq8065_firmwareqca6574a_firmwaresdx55qcn9072_firmwaresnapdragon_480\+_5g_mobile_platformipq8074aimmersive_home_318_platformsd_8_gen1_5g_firmwarewcd9375_firmwareqca8386qca6391snapdragon_sc8180xp-adipq8173_firmwareqcn9012_firmwaresa8770p_firmwaresa8295psnapdragon_8_gen_2_mobile_platform_firmwarerobotics_rb5_platform_firmwareipq6000_firmwarefastconnect_7800ipq8078_firmwarewcn3988_firmwareqcn5154wsa8835_firmwaressg2115p_firmwareqcn5022snapdragon_660_mobile_platform_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewcn3980snapdragon_690_5g_mobile_platform_firmwareSnapdragon
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2023-32886
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-7.5||HIGH
EPSS-1.69% / 82.62%
||
7 Day CHG~0.00%
Published-02 Jan, 2024 | 02:50
Updated-03 Jun, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Modem IMS SMS UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00730807; Issue ID: MOLY00730807.

Action-Not Available
Vendor-MediaTek Inc.
Product-mt6873mt6985mt6983wnr17mt6980mt6980dmt8792mt6890mt6833pmt6880mt6983znr16mt8797mt6855mt6893mt6889mt8676mt2735mt8791mt6853mt6985tmt8798mt6875mt6879mt6885mt8673mt6891mt8791tmt6877tmt6989mt8796mt6877mt6853tmt6895tmt6886mt6983tmt6835nr15mt6897mt6896mt6883mt6990mt6813mt8675mt6833mt6895mt6878MT2735, MT6813, MT6833, MT6833P, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6877T, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983T, MT6983W, MT6983Z, MT6985, MT6985T, MT6989, MT6990, MT8673, MT8675, MT8676, MT8791, MT8791T, MT8792, MT8796, MT8797, MT8798
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-33015
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.09% / 25.35%
||
7 Day CHG~0.00%
Published-05 Sep, 2023 | 06:24
Updated-02 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Firmware

Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon frame.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8255p_firmwareqca2066sa6150p_firmwareipq4028_firmwaresc8180x-ab_firmwareqca8337ar9380ipq8173_firmwareqca6431_firmwarewcd9360_firmwareqcn5124qca4024_firmwarewcn3950_firmwaresnapdragon_8_gen_1sc8180x\+sdx55ipq8078aipq5028_firmwaresa8150p_firmwareqca6595au_firmwaresa6155qca6335qca2062snapdragon_x55_5gsnapdragon_xr2\+_gen_1sc8180xp-adqca6554a_firmwareqam8295pwcn3950qcn6024_firmwareipq8076asd_8_gen1_5g_firmwareqsm8350_firmwareqsm8350snapdragon_x65_5g_firmwaresm7315_firmwaresnapdragon_778g\+_5gqca6428snapdragon_x55_5g_firmwareqca6574au_firmwareqcn5164_firmwarewcd9375_firmwareqca8081_firmwaresa6155_firmwareqca6420wcd9360snapdragon_xr2_5gqca6438_firmwareqca9986snapdragon_888_5gipq8070_firmwaresc8180xp-afipq8065ipq8078a_firmwareqca6678aq_firmwareqrb5165m_firmwareipq5028ipq4029_firmwaresc8180xp-aa_firmwareqca6698aqsa8155_firmwareipq6010ipq8068qca6430snapdragon_870_5gsnapdragon_778g\+_5g_firmwarewcd9340qcn6132qca6436sa6155pqca6698aq_firmwaresnapdragon_865\+_5g_firmwareqca9888_firmwareqcn6122wcd9341sa8255pipq8068_firmwareqca6696_firmwareqca2066_firmwareqca6431sc8180xp-ab_firmwareqca1062sc8180x-abqcn5154_firmwareqca6797aqsa8150psnapdragon_auto_4g_firmwarewsa8830_firmwareqca9992_firmwaresd865_5g_firmwaresnapdragon_778g_5gqca6438sa8195p_firmwarefastconnect_6800_firmwareqcn5022_firmwareqcn7606_firmwaresnapdragon_865_5g_firmwareqca9898sa8295p_firmwareipq4028qca6428_firmwareqca9985_firmwareimmersive_home_216_firmwareipq4018_firmwareqca8337_firmwaressg2125pwcd9380_firmwareipq8072aqca9980_firmwareimmersive_home_214_firmwareipq8076a_firmwareipq8078qca6564auipq8173snapdragon_8_gen_1_firmware315_5gqcn5164snapdragon_ar2_gen_1qca6574csr8811_firmwarewcd9380sc8180xp-aafastconnect_6700qcn5054_firmwareqcn5024snapdragon_auto_5gsxr1230psc8180xp-ad_firmwareqca9985qcn9012_firmwareqca8072_firmwaresc8180x-ac_firmwareqca6430_firmwareqcn5052_firmwarewcn3980qca6335_firmwareipq6018_firmwarewcd9340_firmwarewsa8815pmp8074_firmwaresnapdragon_xr2\+_gen_1_firmwareqca9986_firmwareqcs8250qca6426_firmwareqca9984ipq6028ipq8064sc8180x-adpmp8074qcn9024wcn3980_firmwaresnapdragon_888_5g_firmwareipq8064_firmwaresa8295pqca6421_firmwareqca2062_firmwarewcn6740_firmwareqcs4490_firmwareqca6678aqipq8078_firmwarefastconnect_6900qcn5054fastconnect_6900_firmwareipq8070immersive_home_318qca9994qca6797aq_firmwareqca9980qcn9024_firmwareipq8174_firmwaresnapdragon_8\+_gen_1_firmwarewsa8832sc8180xp-ac_firmwareqcn7605_firmwareqsm8250sa6145pipq6018qca9886_firmwareqcs4490qca6595_firmwaresa8145psc8280xp-bbqca6391_firmwaresa4150p_firmwareqca4024wcd9370_firmwareqca2064sdx55sd888_firmwareqcn5021_firmwaresa8155pssg2115p_firmwareqam8255par8035_firmwareqsm8250_firmwareqcn7606qcn5024_firmwarewsa8830qcn9070sxr2230p_firmwaresa8145p_firmwaresnapdragon_x65_5gqca1062_firmwareimmersive_home_318_firmwarecsrb31024snapdragon_7c\+_gen_3_firmwareqcn9072sc8280xp-bb_firmwareqca9992qca6420_firmwareipq8069_firmwareqca2064_firmwarewcd9370immersive_home_216ssg2115pqcn5152_firmwareqca6426sc8280xp-abqca6584au_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwarewcd9385_firmwareqcn7605snapdragon_782g_firmwarefastconnect_6200snapdragon_780g_5g_firmwareipq8074aqca2065qcn5124_firmwareqam8295p_firmwareqca1064qcn9011_firmwareflight_rb5_5g_firmwaresa8155qcn5122_firmwaresdx55_firmwareqca6595auqcn6023_firmwareqca6436_firmwareqrb5165nsnapdragon_888\+_5gipq5010immersive_home_214qca6564au_firmwareqca6584ausa6155p_firmwareqca6310ipq8174qca9990qcs6490qcn5052qcs8550_firmwaresnapdragon_778g_5g_firmwareqcn9074sa6145p_firmwareqca6421fastconnect_6700_firmwaresa8195pwsa8810_firmwarerobotics_rb5sa8255p_firmwaresnapdragon_780g_5gqca8081qcm4490qcn6023ipq8071aipq8071a_firmwarewcd9385sxr2130_firmwaresnapdragon_auto_4gqcs6490_firmwareqca2065_firmwareimmersive_home_316_firmwaresc8180x-acsnapdragon_xr2_5g_firmwareqca9898_firmwarewcd9375ar8035aqt1000csr8811sc8180x\+sdx55_firmwareqcn9100_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwareqcm6490wsa8835_firmwaresa4150pqca8072snapdragon_865_5gqcn9000qca6554asd865_5gfastconnect_6800qca6595ar9380_firmwareqcn9012sd888qcn6122_firmwareipq8065_firmwaresxr1230p_firmwaresnapdragon_auto_5g_firmwarewsa8835sd_8_gen1_5gsnapdragon_7c\+_gen_3snapdragon_865\+_5gqcn5154qca8075_firmwaresc8180xp-acsxr2130ssg2125p_firmwareipq4018qca6574aqca9889sc8180x-afsm7325pqcn6132_firmwareqca9888qca6310_firmwareipq8074qca9994_firmwaresnapdragon_8\+_gen_1ipq8070a_firmwareipq8076_firmwareqca6574_firmwareqca9886snapdragon_888\+_5g_firmwaresm7325p_firmwaresxr2230pipq8076snapdragon_782g315_5g_firmwareqca6574a_firmwarefastconnect_6200_firmwareipq8069qcn5021qcn5152qrb5165msm7315qca6391sc8280xp-ab_firmwarefastconnect_7800aqt1000_firmwareqcn9100qcm4490_firmwaresnapdragon_ar2_gen_1_firmwarecsrb31024_firmwareqcm6490_firmwarewsa8832_firmwareqcn9070_firmwareipq6028_firmwareipq8072a_firmwareqcn9011sc8180xp-af_firmwareipq8074_firmwareimmersive_home_316qca9889_firmwareqca6574ausa8155p_firmwareqcn5122qcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwarewsa8810sc8180x-aa_firmwarerobotics_rb5_firmwareqcn5022sc8180x-aaipq6010_firmwaresc8180x-af_firmwareqca1064_firmwarewcn6740qca6696qcs8550sc8180xp-absa6150pqca8075qcn9022_firmwaresnapdragon_870_5g_firmwareqcn6024qcn9022qca9990_firmwareflight_rb5_5gipq8070asc8180x-ad_firmwareqcn9072_firmwareqcn9074_firmwareipq4029Snapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-33104
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.14% / 34.50%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 10:48
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper input Validation in Multi-Mode Call Processor

Transient DOS while processing PDU Release command with a parameter PDU ID out of range.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6431qcm8550_firmwarewsa8845_firmwaresd865_5gwsa8832snapdragon_480_5g_mobilesnapdragon_750g_5g_mobile_firmwaresdx57m_firmwaresxr2130_firmwarewcd9370qca8081_firmwaresnapdragon_860_mobile_firmwaresnapdragon_x35_5g_modem-rfar8035_firmwareqca6696snapdragon_778g\+_5g_mobilesnapdragon_x70_modem-rf_firmwarewcd9340_firmwarewcd9341_firmwarewcd9395_firmwareqcn6024sd888_firmwareqcc710_firmwareqca6426snapdragon_8\+_gen_1_mobilewcn6740_firmwarefastconnect_6700snapdragon_780g_5g_mobilesnapdragon_750g_5g_mobilesnapdragon_782g_mobile_firmwarewsa8815_firmwarewsa8832_firmwareqca8337_firmwareqca8337qca6426_firmwarewcd9395sg8275p_firmwareqcm6490_firmwaresnapdragon_690_5g_mobile_firmwaresm7250p_firmwarewcd9341qcm4490_firmwarewcd9390snapdragon_888\+_5g_mobile_firmwarewcn3950wsa8810_firmwarewsa8845h_firmwaresnapdragon_870_5g_mobile_firmwaresnapdragon_778g_5g_mobile_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_7c\+_gen_3_computesnapdragon_690_5g_mobilefastconnect_6800_firmwaresnapdragon_778g\+_5g_mobile_firmwaresnapdragon_870_5g_mobileqcn6024_firmwaresm7250pqca6584auqcn6274_firmwaresd888qcc710snapdragon_xr2_5g_firmwarewcn6740snapdragon_768g_5g_mobilesnapdragon_780g_5g_mobile_firmwaresnapdragon_8_gen_3_mobile_firmwarefastconnect_6800qfw7114_firmware315_5g_iot_modem_firmwarefastconnect_7800_firmwarefastconnect_6900snapdragon_865_5g_mobile_firmwareqep8111qfw7114wcd9385_firmware315_5g_iot_modemqca6421fastconnect_6900_firmwarewcd9380wcd9360snapdragon_xr2_5gsnapdragon_x65_5g_modem-rfqcs4490wsa8845qca6421_firmwaresnapdragon_auto_5g_modem-rf_firmwarewsa8810snapdragon_888_5g_mobile_firmwarevideo_collaboration_vc3_platformqca6595ausnapdragon_888_5g_mobilesnapdragon_4_gen_1_mobile_firmwaresm7315_firmwarewsa8840sd855qcs8550_firmwaresnapdragon_782g_mobilesnapdragon_x35_5g_modem-rf_firmwareqca6431_firmwaresm7315snapdragon_8_gen_2_mobile_firmwaresnapdragon_x55_5g_modem-rfqfw7124_firmwareqca6698aq_firmwareqca6436_firmwaresnapdragon_4_gen_2_mobile_firmwaresnapdragon_888\+_5g_mobilewcd9385snapdragon_8_gen_1_mobilesnapdragon_695_5g_mobile_firmwareqcs4490_firmwaresnapdragon_x55_5g_modem-rf_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcd9390_firmwaresnapdragon_8_gen_2_mobilesnapdragon_865\+_5g_mobileqep8111_firmwaresg8275psnapdragon_855\+_mobilewcd9370_firmwaresdx55_firmwaresnapdragon_765_5g_mobilesnapdragon_860_mobilesnapdragon_auto_5g_modem-rfqca6574asnapdragon_8\+_gen_2_mobilesxr2130qcm4490qca6174asnapdragon_x65_5g_modem-rf_firmwarewcd9340snapdragon_480\+_5g_mobile_firmwaresnapdragon_auto_5g_modem-rf_gen_2qca6174a_firmwareqcm6490sm7325psm8550p_firmwareqcm8550wcn3988qcs6490_firmwaresnapdragon_765_5g_mobile_firmwareqcn9024qca6584au_firmwaresd855_firmwareqcn6274qca6436qfw7124snapdragon_x70_modem-rfwsa8835qca6595au_firmwareqca6391_firmwarewsa8840_firmwaresnapdragon_855_mobile_firmwareqca6696_firmwareqcn9024_firmwaresdx57mwsa8845hwcd9380_firmwareqca8081wsa8815snapdragon_765g_5g_mobile_firmwarewsa8830sm8550psnapdragon_x75_5g_modem-rfsnapdragon_768g_5g_mobile_firmwarear8035qca6574a_firmwaresdx55snapdragon_4_gen_1_mobilesnapdragon_4_gen_2_mobilesnapdragon_865_5g_mobilesnapdragon_855\+_mobile_firmwarewcd9375_firmwareqca6391qcn6224snapdragon_865\+_5g_mobile_firmwareqca6698aqwcn3950_firmwareqcs8550snapdragon_480\+_5g_mobilefastconnect_6200fastconnect_7800sm7325p_firmwaresd865_5g_firmwarewcd9360_firmwaresnapdragon_480_5g_mobile_firmwaresnapdragon_8\+_gen_2_mobile_firmwarewcd9375snapdragon_765g_5g_mobilewcn3988_firmwarefastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwaresnapdragon_8\+_gen_1_mobile_firmwaresnapdragon_x75_5g_modem-rf_firmwarewsa8835_firmwareqcs6490snapdragon_695_5g_mobilesnapdragon_8_gen_3_mobilesnapdragon_855_mobilesnapdragon_778g_5g_mobilefastconnect_6200_firmwarewsa8830_firmwareqcn6224_firmwaresnapdragon_8_gen_1_mobile_firmwareSnapdragonqca6574a_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_xr2_5g_platform_firmwarewsa8832_firmwareqcs4490_firmwareqep8111_firmwareqca6431_firmwaresnapdragon_x35_5g_modem-rf_system_firmwaresdx57m_firmwareqca6696_firmwaresd888_firmwareqcn9024_firmwarewsa8835_firmwaresd855_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresnapdragon_8_gen_3_mobile_platform_firmwareqca8337_firmwaresm7325p_firmwarewcn3988_firmwarefastconnect_6700_firmwareqca6595au_firmwaresnapdragon_855_mobile_platform_firmwarewcd9390_firmwareqcm6490_firmwaresm8550p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqcs6490_firmwarefastconnect_6200_firmwarewcd9395_firmwareqcn6224_firmwaresnapdragon_888_5g_mobile_platform_firmwarewcd9375_firmwareqca6174a_firmwaresm7250p_firmwareqfw7124_firmwareqca6391_firmwaresm7315_firmwareqca6698aq_firmwaresnapdragon_x70_modem-rf_system_firmwareqca8081_firmwarefastconnect_6900_firmwarewcd9385_firmwarewcd9370_firmwarewsa8840_firmwaresxr2130_firmwarewcd9380_firmwareqca6584au_firmwaresnapdragon_8_gen_1_mobile_platform_firmwarewsa8810_firmwarefastconnect_7800_firmwarewcd9341_firmwarewsa8845h_firmwareqfw7114_firmwaresnapdragon_865_5g_mobile_platform_firmwareqcm8550_firmwarewsa8830_firmwarewcd9360_firmwaresg8275p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcn6024_firmwareqca6436_firmwareqcn6274_firmwareqcm4490_firmwarequalcomm_video_collaboration_vc3_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwarewcn3950_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaresnapdragon_778g_5g_mobile_platform_firmwaresnapdragon_x55_5g_modem-rf_system_firmwarewsa8815_firmwaresnapdragon_8_gen_2_mobile_platform_firmwaresnapdragon_690_5g_mobile_platform_firmwarewcd9340_firmwarear8035_firmwaresnapdragon_695_5g_mobile_platform_firmware315_5g_iot_modem_firmwarefastconnect_6800_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewsa8845_firmwaresd865_5g_firmwaresnapdragon_750g_5g_mobile_platform_firmwareqca6426_firmwareqcc710_firmwaresdx55_firmwaresnapdragon_auto_5g_modem-rf_firmwareqca6421_firmwarewcn6740_firmwareqcs8550_firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2023-33048
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.19% / 41.27%
||
7 Day CHG~0.00%
Published-07 Nov, 2023 | 05:26
Updated-02 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read in WLAN Firmware

Transient DOS in WLAN Firmware while parsing t2lm buffers.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn5024_firmwareqam8255p_firmwarewsa8830qcn9070sxr2230p_firmwareqca8337qam8650pqfw7124ipq8173_firmwarewcn785x-5qam8775pqcf8001qcn6224_firmwareqcn5124qca4024_firmwareqca8082qcn9072qca8386wsa8840immersive_home_318_platform_firmwareipq8078aipq5028_firmwareqca6595au_firmwareipq6000ssg2115pqcn5152_firmwareqca0000_firmwareqca6584au_firmwarewcn685x-1qcn9000_firmwaresnapdragon_8_gen_2_mobile_platformipq9554qca6554a_firmwarewcd9385_firmwareimmersive_home_216_platformipq8076aimmersive_home_316_platformimmersive_home_316_platform_firmwareqca8386_firmwareqcn6024_firmwareqca8084_firmwareimmersive_home_318_platformipq8074aqcn5124_firmwareqca8082_firmwareqca6574au_firmwareqcn5122_firmwareqcn5164_firmwaresdx55_firmwareqca6595auqca8081_firmwareqcn6023_firmwareqfw7114wsa8845h_firmwareipq5010qca6564au_firmwareqca6584ausnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareipq8078a_firmwareqcn9274ipq8174ipq5028wsa8840_firmwareqca6698aqqcn5052qca0000qcf8001_firmwareipq6010sc8380xp_firmwareqcn6112_firmwareqcn9074qca8085sdx65mwcd9340qcn6132qcn6224qcn9013wsa8845hsnapdragon_ar2_gen_1_platform_firmwaresnapdragon_x75_5g_modem-rf_systemwcd9395_firmwareqca8081qcf8000qca6698aq_firmwareipq8071aqcn6023sdx65m_firmwareipq8071a_firmwarewcn685x-1_firmwareimmersive_home_3210_platformqca8085_firmwareqam8775p_firmwareqca9888_firmwareqcn6122wcd9385qca6696_firmwareipq9008_firmwareipq9570qcn5154_firmwareqca6797aqar8035csr8811wcd9390qcc710_firmwareqcn9100_firmwarewsa8830_firmwareipq5010_firmwareipq8074a_firmwarewsa8835_firmwareqcn5022_firmwareimmersive_home_216_platform_firmwaresnapdragon_8_gen_2_mobile_platform_firmwarewcn785x-1qca8337_firmwarewcd9380_firmwaressg2125pqcn9000ipq8072aqcf8000_firmwareqca6554aipq8076a_firmwareqca6595ipq8078qca6564auqca8084ipq8173qcm8550ipq9008qcn9012qcn5164immersive_home_326_platform_firmwareqcn6122_firmwareqca6574sxr1230p_firmwarewsa8835snapdragon_8\+_gen_2_mobile_platform_firmwarecsr8811_firmwareqcn6274wcd9380ipq9554_firmwareqcn5154qca8075_firmwaressg2125p_firmwareqca6574aqcn5024wcn685x-5_firmwareqca9889qcn6132_firmwaresxr1230pqca9888qcn9012_firmwareqcn5052_firmwareqcn9274_firmwareqcc2076_firmwareipq8070a_firmwareqfw7114_firmwarewsa8845qcc2073_firmwareipq6018_firmwareipq8076_firmwareqca6574_firmwarewcd9340_firmwareqcn6112sxr2230pipq8076wsa8845_firmwareqca6574a_firmwareqcn5152ipq6028sc8380xpqcn9024ipq9574_firmwarewcn785x-5_firmwareimmersive_home_3210_platform_firmwareqcn9100qcn6274_firmwaresnapdragon_x65_5g_modem-rf_systemipq8078_firmwareipq9570_firmwareqcn9070_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewsa8832_firmwarewcn685x-5ipq6028_firmwareipq8072a_firmwareqca6797aq_firmwarewcn785x-1_firmwareqca6574auqca9889_firmwareipq9574qcn5122qcn9024_firmwareipq8174_firmwaresnapdragon_8\+_gen_2_mobile_platformwsa8832ipq5332_firmwareipq5332sm8550pimmersive_home_326_platformsnapdragon_ar2_gen_1_platformipq6018qcn5022qcn9013_firmwareqam8650p_firmwareqcc710ipq6010_firmwareimmersive_home_214_platformqca6595_firmwarewcd9395qca6696immersive_home_214_platform_firmwareqca4024sm8550p_firmwaresdx55qca8075qcn9022_firmwarewcd9390_firmwareqcn6024qcn9022qcc2076ipq8070aqcn9072_firmwareipq6000_firmwaressg2115p_firmwareqcn9074_firmwareqfw7124_firmwareqam8255pqcc2073ar8035_firmwareSnapdragonqcn5024_firmwareqam8255p_firmwareqca8337_firmwarewcd9380_firmwaresxr2230p_firmwareqcf8000_firmwareipq8076a_firmwareipq8173_firmwarear8035_firmwareqcn6224_firmwareqca4024_firmwareimmersive_home_326_platform_firmwareqcn6122_firmwaresxr1230p_firmwareimmersive_home_318_platform_firmwarecsr8811_firmwareipq5028_firmwareqca6595au_firmwareipq9554_firmwareqca8075_firmwaressg2125p_firmwareqcn5152_firmwareqca0000_firmwareqcn6132_firmwareqca6584au_firmwareqcn9000_firmwareqcn9012_firmwareqcn5052_firmwareqcn9274_firmwareqcc2076_firmwareipq8070a_firmwareqca6554a_firmwareqfw7114_firmwarewcd9385_firmwareqcn6024_firmwareqca8386_firmwareqcc2073_firmwareimmersive_home_316_platform_firmwareipq6018_firmwareipq8076_firmwareqca6574_firmwarewcd9340_firmwareqca8084_firmwareqcn5124_firmwarewsa8845_firmwareqca8082_firmwareqca6574a_firmwareqca6574au_firmwareqcn5122_firmwareqcn5164_firmwaresdx55_firmwarewsa8845h_firmwareqca8081_firmwareqcn6023_firmwareipq9574_firmwareimmersive_home_3210_platform_firmwareqca6564au_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareipq8078a_firmwareqcn6274_firmwarewsa8840_firmwareipq8078_firmwareipq9570_firmwareqcn9070_firmwaresnapdragon_x75_5g_modem-rf_system_firmwareqcf8001_firmwarewsa8832_firmwarefastconnect_6900_firmwareipq6028_firmwaresc8380xp_firmwareipq8072a_firmwareqcn6112_firmwareqca6797aq_firmwareqca9889_firmwareqcn9024_firmwareipq8174_firmwarefastconnect_7800_firmwaresnapdragon_ar2_gen_1_platform_firmwarewcd9395_firmwareipq5332_firmwareqca6698aq_firmwaresdx65m_firmwareqcn9013_firmwareipq8071a_firmwareqam8650p_firmwareqca8085_firmwareqam8775p_firmwareqca9888_firmwareipq6010_firmwareqca6696_firmwareqca6595_firmwareipq9008_firmwareqcn5154_firmwareimmersive_home_214_platform_firmwaresm8550p_firmwareqcc710_firmwareqcn9100_firmwareqcn9022_firmwarewsa8830_firmwarewcd9390_firmwareipq5010_firmwareipq8074a_firmwareqcn9072_firmwarewsa8835_firmwareipq6000_firmwaressg2115p_firmwareqcn9074_firmwareqcn5022_firmwareqfw7124_firmwareimmersive_home_216_platform_firmwaresnapdragon_8_gen_2_mobile_platform_firmware
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-33116
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.32% / 55.66%
||
7 Day CHG~0.00%
Published-02 Jan, 2024 | 05:38
Updated-17 Jun, 2025 | 19:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read without Checking Size of Input in WLAN Host

Transient DOS while parsing ieee80211_parse_mscs_ie in WIN WLAN driver.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn5024_firmwareqcn9070ipq4028_firmwareqca8337qfw7124ar9380ipq8173_firmwareqcf8001flight_rb5_5g_platformflight_rb5_5g_platform_firmwareqcn6224_firmwareqcn5124qca4024_firmwareqca8082qcn9072qca8386qca9880_firmwareqca9992immersive_home_318_platform_firmwareipq8078aipq5028_firmwareipq6000qcn5152_firmwareqca0000_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwarewcd9385_firmwareimmersive_home_216_platformipq8076aimmersive_home_316_platformimmersive_home_316_platform_firmwareqca8386_firmwareqcn6024_firmwareqca8084_firmwareimmersive_home_318_platformipq8074aqcn5124_firmwareqcn9011_firmwareqca8082_firmwareqcn5164_firmwareqcn5122_firmwaresdx55_firmwareqca8081_firmwareqcn6023_firmwareqfw7114qrb5165nipq5010ipq8070_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareipq8065ipq8078a_firmwareqcn9274ipq8174qca9990qrb5165m_firmwareipq5028qca7500ipq4029_firmwareqcn5052qca0000qcf8001_firmwareipq6010ipq8068qcn6112_firmwareqcn9074qca8085sdx65mwcd9340qcn6132qcn6224qcn9013snapdragon_x75_5g_modem-rf_systemqca8081ipq8071aqcn6023sdx65m_firmwareipq8071a_firmwareimmersive_home_3210_platformqca8085_firmwareqca9888_firmwareipq8068_firmwareqcn6122wcd9385ipq9008_firmwareipq9570qcn5154_firmwarear8035csr8811qca9898_firmwareipq4019qcc710_firmwareqcn9100_firmwarerobotics_rb5_platformqca9992_firmwareipq5010_firmwareipq8074a_firmwareqca9898qcn5022_firmwareipq4028immersive_home_216_platform_firmwareqca9985_firmwarerobotics_rb5_platform_firmwareipq4018_firmwareqca8337_firmwarewcd9380_firmwareqcn9000ipq8072aqca7500_firmwareqca9980_firmwareipq8076a_firmwarear9380_firmwareipq8078qca8084ipq8173ipq9008qcn9012qcn5164immersive_home_326_platform_firmwareqcn6122_firmwareipq8065_firmwarecsr8811_firmwareqcn6274wcd9380qcn5154qca8075_firmwareipq4018ipq4019_firmwareqcn5024qca9889qcn6132_firmwareqca9888qca9985qca9994_firmwareqcn5052_firmwareqcn9012_firmwareqcn9274_firmwareipq8070a_firmwareqfw7114_firmwarewcn3980ipq6018_firmwareipq8076_firmwareqca9886wcd9340_firmwareqcn6112ipq8076qca9984ipq6028ipq8064qcn5152qcn9024qrb5165mipq9574_firmwarewcn3980_firmwareimmersive_home_3210_platform_firmwareqca6391ipq8064_firmwarefastconnect_7800qcn9100qcn6274_firmwaresnapdragon_x65_5g_modem-rf_systemipq8078_firmwareipq9570_firmwarefastconnect_6900qcn9070_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwareipq8070ipq6028_firmwareipq8072a_firmwareqcn9011qca9994qca9889_firmwareipq9574qca9980qcn5122ipq8174_firmwareqcn9024_firmwareqca9880fastconnect_7800_firmwareimmersive_home_326_platformipq6018qcn5022qcn9013_firmwareqca9886_firmwareqcc710ipq6010_firmwareimmersive_home_214_platformqca6391_firmwareimmersive_home_214_platform_firmwareqca4024sdx55qca8075qcn9022_firmwareqcn6024qcn9022qca9990_firmwareipq8070aqcn9072_firmwareipq6000_firmwareqcn9074_firmwareqfw7124_firmwareipq4029ar8035_firmwareSnapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-6344
Matching Score-4
Assigner-Meta Platforms, Inc.
ShareView Details
Matching Score-4
Assigner-Meta Platforms, Inc.
CVSS Score-7.5||HIGH
EPSS-0.56% / 68.57%
||
7 Day CHG~0.00%
Published-31 Dec, 2018 | 22:00
Updated-06 May, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A heap corruption in WhatsApp can be caused by a malformed RTP packet being sent after a call is established. The vulnerability can be used to cause denial of service. It affects WhatsApp for Android prior to v2.18.293, WhatsApp for iOS prior to v2.18.93, and WhatsApp for Windows Phone prior to v2.18.172.

Action-Not Available
Vendor-WhatsApp LLCFacebook
Product-whatsappWhatsApp for Windows PhoneWhatsApp for iOSWhatsApp for Android
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • ...
  • 6
  • 7
  • 8
  • ...
  • 41
  • 42
  • Next
Details not found