WLAN
by Qualcomm
CVEs (19)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-33279 | Cri | 0.64 | 9.8 | 0.00 | Feb 12, 2023 | Memory corruption due to stack based buffer overflow in WLAN having invalid WNM frame length. | ||
| CVE-2022-40532 | Hig | 0.55 | 8.4 | 0.00 | Apr 13, 2023 | Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target. | ||
| CVE-2022-40531 | Hig | 0.55 | 8.4 | 0.00 | Mar 10, 2023 | Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message. | ||
| CVE-2022-40530 | Hig | 0.55 | 8.4 | 0.00 | Mar 10, 2023 | Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase. | ||
| CVE-2022-33271 | Hig | 0.53 | 8.2 | 0.00 | Feb 12, 2023 | Information disclosure due to buffer over-read in WLAN while parsing NMF frame. | ||
| CVE-2022-33284 | Hig | 0.53 | 8.2 | 0.00 | Jan 9, 2023 | Information disclosure due to buffer over-read in WLAN while parsing BTM action frame. | ||
| CVE-2022-33283 | Hig | 0.53 | 8.2 | 0.00 | Jan 9, 2023 | Information disclosure due to buffer over-read in WLAN while WLAN frame parsing due to missing frame length check. | ||
| CVE-2022-33252 | Hig | 0.53 | 8.2 | 0.00 | Jan 9, 2023 | Information disclosure due to buffer over-read in WLAN while handling IBSS beacons frame. | ||
| CVE-2023-28544 | Hig | 0.51 | 7.8 | 0.00 | Sep 5, 2023 | Memory corruption in WLAN while sending transmit command from HLOS to UTF handlers. | ||
| CVE-2023-33089 | Hig | 0.49 | 7.5 | 0.00 | Dec 5, 2023 | Transient DOS when processing a NULL buffer while parsing WLAN vdev. | ||
| CVE-2023-21661 | Hig | 0.49 | 7.5 | 0.00 | Jun 6, 2023 | Transient DOS while parsing WLAN beacon or probe-response frame. | ||
| CVE-2022-40535 | Hig | 0.49 | 7.5 | 0.00 | Mar 10, 2023 | Transient DOS due to buffer over-read in WLAN while sending a packet to device. | ||
| CVE-2022-40527 | Hig | 0.49 | 7.5 | 0.00 | Mar 10, 2023 | Transient DOS due to reachable assertion in WLAN while processing PEER ID populated by TQM. | ||
| CVE-2022-33306 | Hig | 0.49 | 7.5 | 0.00 | Feb 12, 2023 | Transient DOS due to buffer over-read in WLAN while processing an incoming management frame with incorrectly filled IEs. | ||
| CVE-2022-33286 | Hig | 0.49 | 7.5 | 0.00 | Jan 9, 2023 | Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames. | ||
| CVE-2022-33285 | Hig | 0.49 | 7.5 | 0.00 | Jan 9, 2023 | Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames. | ||
| CVE-2022-33253 | Hig | 0.49 | 7.5 | 0.00 | Jan 9, 2023 | Transient DOS due to buffer over-read in WLAN while parsing corrupted NAN frames. | ||
| CVE-2023-21649 | Med | 0.44 | 6.7 | 0.00 | Aug 8, 2023 | Memory corruption in WLAN while running doDriverCmd for an unspecific command. | ||
| CVE-2022-33245 | Med | 0.44 | 6.7 | 0.00 | Mar 10, 2023 | Memory corruption in WLAN due to use after free |
- risk 0.64cvss 9.8epss 0.00
Memory corruption due to stack based buffer overflow in WLAN having invalid WNM frame length.
- risk 0.55cvss 8.4epss 0.00
Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.
- risk 0.55cvss 8.4epss 0.00
Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.
- risk 0.55cvss 8.4epss 0.00
Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase.
- risk 0.53cvss 8.2epss 0.00
Information disclosure due to buffer over-read in WLAN while parsing NMF frame.
- risk 0.53cvss 8.2epss 0.00
Information disclosure due to buffer over-read in WLAN while parsing BTM action frame.
- risk 0.53cvss 8.2epss 0.00
Information disclosure due to buffer over-read in WLAN while WLAN frame parsing due to missing frame length check.
- risk 0.53cvss 8.2epss 0.00
Information disclosure due to buffer over-read in WLAN while handling IBSS beacons frame.
- risk 0.51cvss 7.8epss 0.00
Memory corruption in WLAN while sending transmit command from HLOS to UTF handlers.
- risk 0.49cvss 7.5epss 0.00
Transient DOS when processing a NULL buffer while parsing WLAN vdev.
- risk 0.49cvss 7.5epss 0.00
Transient DOS while parsing WLAN beacon or probe-response frame.
- risk 0.49cvss 7.5epss 0.00
Transient DOS due to buffer over-read in WLAN while sending a packet to device.
- risk 0.49cvss 7.5epss 0.00
Transient DOS due to reachable assertion in WLAN while processing PEER ID populated by TQM.
- risk 0.49cvss 7.5epss 0.00
Transient DOS due to buffer over-read in WLAN while processing an incoming management frame with incorrectly filled IEs.
- risk 0.49cvss 7.5epss 0.00
Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames.
- risk 0.49cvss 7.5epss 0.00
Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames.
- risk 0.49cvss 7.5epss 0.00
Transient DOS due to buffer over-read in WLAN while parsing corrupted NAN frames.
- risk 0.44cvss 6.7epss 0.00
Memory corruption in WLAN while running doDriverCmd for an unspecific command.
- risk 0.44cvss 6.7epss 0.00
Memory corruption in WLAN due to use after free