Memory corruption in Automotive GPU while querying a gsl memory node.
Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.
Memory corruption due to improper access control in kernel while processing a mapping request from root process.
Information disclosure in Kernel due to indirect branch misprediction.
Transient DOS due to improper authorization in Modem
Memory corruption due to double free in Core while mapping HLOS address to the list.
Memory Corruption due to double free in automotive when a bad HLOS address for one of the lists to be mapped is passed.
Memory corruption in Linux while sending DRM request.
Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.
Memory corruption in FM Host due to buffer copy without checking the size of input in FM Host
Memory corruption in Linux android due to double free while calling unregister provider after register call.
information disclosure due to cryptographic issue in Core during RPMB read request.
Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network.
Information disclosure due to buffer over-read in Trusted Execution Environment while QRKS report generation.
Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool.
Memory corruption in Graphics while importing a file.
Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.
Information disclosure due to buffer over-read in Bluetooth Host while A2DP streaming.
Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length.
Memory corruption due to use after free in Modem while modem initialization.
Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Neighbor List Update message.
Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.
Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information.
Memory corruption due to integer overflow or wraparound in Core while DDR memory assignment.
Memory corruption due to double free in core while initializing the encryption key.
Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP response.
Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.
Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase.
Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms.
Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.
Memory corruption in WLAN due to use after free
Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio PD.
Memory corruption in modem due to buffer overflow while processing a PPP packet
Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response
Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM
Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.
Information Disclosure in Graphics during GPU context switch.
Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.
Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.
Transient DOS due to improper input validation in WLAN Host.
Transient DOS due to improper input validation in WLAN Host while parsing frame during defragmentation.
Transient DOS due to buffer over-read in WLAN Host while parsing frame information.
Transient DOS due to buffer over-read in WLAN while processing an incoming management frame with incorrectly filled IEs.
Memory corruption due to access of uninitialized pointer in Bluetooth HOST while processing the AVRCP packet.
Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command.
Information disclosure due to buffer over-read in WLAN while parsing NMF frame.
Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http.
Memory corruption in Audio due to use of out-of-range pointer offset while Initiating a voice call session from user space with invalid session id.
Memory corruption due to improper access control in Qualcomm IPC.
Memory corruption due to configuration weakness in modem wile sending command to write protected files.
Memory corruption due to buffer copy without checking size of input while running memory sharing tests with large scattered memory.