threat
engine
.sh
Back
·
··:··
Home
/
Product
/
qualcomm qca1990 firmware
Product
qualcomm qca1990 firmware
27 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2023-43511
all versions
Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains
IPPROTO_NONE
as the n
7.5
HIGH
CVE-2023-28565
all versions
Memory corruption in WLAN HAL while handling command streams through WMI interfaces.
7.8
HIGH
CVE-2023-28560
all versions
Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload.
7.8
HIGH
CVE-2023-21628
all versions
Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.
8.4
HIGH
CVE-2022-40532
all versions
Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.
8.4
HIGH
CVE-2022-25655
all versions
Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.
8.4
HIGH
CVE-2022-40512
all versions
Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.
7.5
HIGH
CVE-2022-25719
all versions
Information disclosure in WLAN due to improper length check while processing authentication handshake in Snapdragon Auto, Snapdrag
8.2
HIGH
CVE-2022-25718
all versions
Cryptographic issue in WLAN due to improper check on return value while authentication handshake in Snapdragon Auto, Snapdragon Co
9.1
CRITICAL
CVE-2021-1924
all versions
Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon
9.0
CRITICAL
CVE-2021-1959
all versions
Possible memory corruption due to lack of bound check of input index in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivi
7.8
HIGH
CVE-2020-11303
all versions
Accepting AMSDU frames with mismatched destination and source address can lead to information disclosure in Snapdragon Auto, Snapd
8.6
HIGH
CVE-2021-30261
all versions
Possible integer and heap overflow due to lack of input command size validation while handling beacon template update command from
8.4
HIGH
CVE-2021-30260
all versions
Possible Integer overflow to buffer overflow issue can occur due to improper validation of input parameters when extscan hostlist
8.4
HIGH
CVE-2021-1909
all versions
Buffer overflow occurs in trusted applications due to lack of length check of parameters in Snapdragon Auto, Snapdragon Compute, S
7.3
HIGH
CVE-2021-1920
all versions
Integer underflow can occur due to improper handling of incoming RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon C
9.8
CRITICAL
CVE-2021-1916
all versions
Possible buffer underflow due to lack of check for negative indices values when processing user provided input in Snapdragon Auto,
9.8
CRITICAL
CVE-2020-11292
all versions
Possible buffer overflow in voice service due to lack of input validation of parameters in QMI Voice API in Snapdragon Auto, Snapd
7.8
HIGH
CVE-2020-11235
all versions
Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto, Snapdrag
7.8
HIGH
CVE-2020-11159
all versions
Buffer over-read can happen while processing WPA,RSN IE of beacon and response frames if IE length is less than length of frame po
9.1
CRITICAL
CVE-2020-11191
all versions
Out of bound read occurs while processing crafted SDP due to lack of check of null string in Snapdragon Auto, Snapdragon Compute,
8.2
HIGH
CVE-2020-11296
all versions
Arithmetic overflow can happen while processing NOA IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snap
7.5
HIGH
CVE-2020-11276
all versions
Possible buffer over read while processing P2P IE and NOA attribute of beacon and probe response frames due to improper validation
9.1
CRITICAL
CVE-2020-11269
all versions
Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Aut
8.8
HIGH
CVE-2020-11204
all versions
Possible memory corruption and information leakage in sub-system due to lack of check for validity and boundary compliance for par
7.8
HIGH
CVE-2020-11195
all versions
Out of bound write and read in TA while processing command from NS side due to improper length check on command and response buffe
7.8
HIGH
CVE-2020-11170
all versions
Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction i
9.8
CRITICAL
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin