CVE-2025-47403

all versions

Transient DOS when processing a malformed Fast Transition response frame with an invalid header structure during wireless roaming.

6.5MEDIUM

CVE-2025-47401

all versions

Transient DOS when processing target power rate tables during channel configuration.

6.5MEDIUM

CVE-2025-27061

all versions

Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmwar

7.8HIGH

CVE-2025-27057

all versions

Transient DOS while handling beacon frames with invalid IE header length.

7.5HIGH

CVE-2025-27043

all versions

Memory corruption while processing manipulated payload in video firmware.

7.8HIGH

CVE-2025-27042

all versions

Memory corruption while processing video packets received from video firmware.

7.8HIGH

CVE-2024-43057

all versions

Memory corruption while processing command in Glink linux.

7.8HIGH

CVE-2024-49839

all versions

Memory corruption during management frame processing due to mismatch in T2LM info element.

8.2HIGH

CVE-2024-45571

all versions

Memory corruption may occour occur when stopping the WLAN interface after processing a WMI command from the interface.

7.8HIGH

CVE-2024-45569

all versions

Memory corruption while parsing the ML IE due to invalid frame content.

9.8CRITICAL

CVE-2024-45558

all versions

Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the

7.5HIGH

CVE-2024-33057

all versions

Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating t

7.5HIGH

CVE-2024-33050

all versions

Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improp

7.5HIGH

CVE-2024-33048

all versions

Transient DOS while parsing the received TID-to-link mapping element of beacon/probe response frame.

7.5HIGH

CVE-2024-33045

all versions

Memory corruption when BTFM client sends new messages over Slimbus to ADSP.

8.4HIGH

CVE-2024-23363

all versions

Transient DOS while processing an improperly formatted Fine Time Measurement (FTM) management frame.

7.5HIGH

CVE-2023-43537

all versions

Information disclosure while handling T2LM Action Frame in WLAN Host.

6.5MEDIUM

CVE-2024-21477

all versions

Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM) frame.

7.5HIGH

CVE-2024-21473

all versions

Memory corruption while redirecting log file to any file location with any file name.

9.8CRITICAL

CVE-2023-43553

all versions

Memory corruption while parsing beacon/probe response frame when AP sends more supported links in MLIE.

9.8CRITICAL

CVE-2023-43552

all versions

Memory corruption while processing MBSSID beacon containing several subelement IE.

9.8CRITICAL

CVE-2023-43549

all versions

Memory corruption while processing TPC target power table in FTM TPC.

8.4HIGH

CVE-2023-43539

all versions

Transient DOS while processing an improperly formatted 802.11az Fine Time Measurement protocol frame.

7.5HIGH

CVE-2023-33105

all versions

Transient DOS in WLAN Host and Firmware when large number of open authentication frames are sent with an invalid transaction seque

7.5HIGH

CVE-2023-28578

all versions

Memory corruption in Core Services while executing the command for removing a single event listener.

9.3CRITICAL