VYPR

Core

by Qualcomm

CVEs (20)

  • CVE-2023-33072CriFeb 6, 2024
    risk 0.60cvss 9.3epss 0.00

    Memory corruption in Core while processing control functions.

  • CVE-2022-33288CriApr 13, 2023
    risk 0.60cvss 9.3epss 0.00

    Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information.

  • CVE-2022-33269CriApr 13, 2023
    risk 0.60cvss 9.3epss 0.00

    Memory corruption due to integer overflow or wraparound in Core while DDR memory assignment.

  • CVE-2022-33231CriApr 13, 2023
    risk 0.60cvss 9.3epss 0.00

    Memory corruption due to double free in core while initializing the encryption key.

  • CVE-2022-33257CriMar 10, 2023
    risk 0.60cvss 9.3epss 0.00

    Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.

  • CVE-2023-24852HigNov 7, 2023
    risk 0.55cvss 8.4epss 0.00

    Memory Corruption in Core due to secure memory access by user while loading modem image.

  • CVE-2023-24844HigOct 3, 2023
    risk 0.55cvss 8.4epss 0.00

    Memory Corruption in Core while invoking a call to Access Control core library with hardware protected address range.

  • CVE-2022-40507HigJun 6, 2023
    risk 0.55cvss 8.4epss 0.01

    Memory corruption due to double free in Core while mapping HLOS address to the list.

  • CVE-2022-40520HigJan 9, 2023
    risk 0.55cvss 8.4epss 0.01

    Memory corruption due to stack-based buffer overflow in Core

  • CVE-2022-40517HigJan 9, 2023
    risk 0.55cvss 8.4epss 0.00

    Memory corruption in core due to stack-based buffer overflow

  • CVE-2022-40516HigJan 9, 2023
    risk 0.55cvss 8.4epss 0.01

    Memory corruption in Core due to stack-based buffer overflow.

  • CVE-2023-33087HigDec 5, 2023
    risk 0.51cvss 7.8epss 0.00

    Memory corruption in Core while processing RX intent request.

  • CVE-2023-33060HigFeb 6, 2024
    risk 0.46cvss 7.1epss 0.00

    Transient DOS in Core when DDR memory check is called while DDR is not initialized.

  • CVE-2022-33263MedJun 6, 2023
    risk 0.44cvss 6.7epss 0.00

    Memory corruption due to use after free in Core when multiple DCI clients register and deregister.

  • CVE-2022-33226MedJun 6, 2023
    risk 0.44cvss 6.7epss 0.00

    Memory corruption due to buffer copy without checking the size of input in Core while processing ioctl commands from diag client applications.

  • CVE-2022-33224MedJun 6, 2023
    risk 0.44cvss 6.7epss 0.00

    Memory corruption in core due to buffer copy without check9ing the size of input while processing ioctl queries.

  • CVE-2022-40519MedJan 9, 2023
    risk 0.44cvss 6.8epss 0.00

    Information disclosure due to buffer overread in Core

  • CVE-2022-40518MedJan 9, 2023
    risk 0.44cvss 6.8epss 0.00

    Information disclosure due to buffer overread in Core

  • CVE-2023-33076MedFeb 6, 2024
    risk 0.38cvss 5.9epss 0.00

    Memory corruption in Core when updating rollback version for TA and OTA feature is enabled.

  • CVE-2022-33260MedMar 10, 2023
    risk 0.38cvss 5.9epss 0.00

    Memory corruption due to stack based buffer overflow in core while sending command from USB of large size.