threat
engine
.sh
Back
·
··:··
Home
/
Product
/
qualcomm qca9986 firmware
Product
qualcomm qca9986 firmware
68 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2025-47339
all versions
Memory corruption while deinitializing a HDCP session.
7.8
HIGH
CVE-2025-27066
all versions
Transient DOS while processing an ANQP message.
7.5
HIGH
CVE-2025-21446
all versions
Transient DOS may occur when processing vendor-specific information elements while parsing a WLAN frame for BTM requests.
7.5
HIGH
CVE-2025-21448
all versions
Transient DOS may occur while parsing SSID in action frames.
7.5
HIGH
CVE-2024-21473
all versions
Memory corruption while redirecting log file to any file location with any file name.
9.8
CRITICAL
CVE-2023-33105
all versions
Transient DOS in WLAN Host and Firmware when large number of open authentication frames are sent with an invalid transaction seque
7.5
HIGH
CVE-2023-28578
all versions
Memory corruption in Core Services while executing the command for removing a single event listener.
9.3
CRITICAL
CVE-2023-43522
all versions
Transient DOS while key unwrapping process, when the given encrypted key is empty or NULL.
7.5
HIGH
CVE-2023-43511
all versions
Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains
IPPROTO_NONE
as the n
7.5
HIGH
CVE-2023-33109
all versions
Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host.
7.5
HIGH
CVE-2023-33062
all versions
Transient DOS in WLAN Firmware while parsing a BTM request.
7.5
HIGH
CVE-2023-33098
all versions
Transient DOS while parsing WPA IES, when it is passed with length more than expected size.
7.5
HIGH
CVE-2023-33089
all versions
Transient DOS when processing a NULL buffer while parsing WLAN vdev.
7.5
HIGH
CVE-2023-33088
all versions
Memory corruption when processing cmd parameters while parsing vdev.
8.4
HIGH
CVE-2023-33083
all versions
Memory corruption in WLAN Host while processing RRM beacon on the AP.
9.8
CRITICAL
CVE-2023-33082
all versions
Memory corruption while sending an Assoc Request having BTM Query or BTM Response containing MBO IE.
9.8
CRITICAL
CVE-2023-33080
all versions
Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.
7.5
HIGH
CVE-2023-33047
all versions
Transient DOS in WLAN Firmware while parsing no-inherit IES.
7.5
HIGH
CVE-2023-28569
all versions
Information disclosure in WLAN HAL while handling command through WMI interfaces.
6.1
MEDIUM
CVE-2023-28563
all versions
Information disclosure in IOE Firmware while handling WMI command.
6.1
MEDIUM
CVE-2023-33028
all versions
Memory corruption in WLAN Firmware while doing a memory copy of pmk cache.
9.8
CRITICAL
CVE-2023-33027
all versions
Transient DOS in WLAN Firmware while parsing rsn ies.
7.5
HIGH
CVE-2023-33026
all versions
Transient DOS in WLAN Firmware while parsing a NAN management frame.
7.5
HIGH
CVE-2023-33015
all versions
Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon frame.
7.5
HIGH
CVE-2023-28573
all versions
Memory corruption in WLAN HAL while parsing WMI command parameters.
7.8
HIGH
CVE-2023-28567
all versions
Memory corruption in WLAN HAL while handling command through WMI interfaces.
7.8
HIGH
CVE-2023-28565
all versions
Memory corruption in WLAN HAL while handling command streams through WMI interfaces.
7.8
HIGH
CVE-2023-28564
all versions
Memory corruption in WLAN HAL while passing command parameters through WMI interfaces.
7.8
HIGH
CVE-2023-28560
all versions
Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload.
7.8
HIGH
CVE-2023-28559
all versions
Memory corruption in WLAN FW while processing command parameters from untrusted WMI payload.
7.8
HIGH
CVE-2023-28557
all versions
Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload.
7.8
HIGH
CVE-2023-28549
all versions
Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload.
7.8
HIGH
CVE-2023-28548
all versions
Memory corruption in WLAN HAL while processing Tx/Rx commands from QDART.
7.8
HIGH
CVE-2023-28544
all versions
Memory corruption in WLAN while sending transmit command from HLOS to UTF handlers.
7.8
HIGH
CVE-2022-33275
all versions
Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range.
8.4
HIGH
CVE-2023-22387
all versions
Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption.
7.8
HIGH
CVE-2023-21661
all versions
Transient DOS while parsing WLAN beacon or probe-response frame.
7.5
HIGH
CVE-2023-21659
all versions
Transient DOS in WLAN Firmware while processing frames with missing header fields.
7.5
HIGH
CVE-2023-21658
all versions
Transient DOS in WLAN Firmware while processing the received beacon or probe response frame.
7.5
HIGH
CVE-2023-21628
all versions
Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.
8.4
HIGH
CVE-2022-40532
all versions
Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.
8.4
HIGH
CVE-2022-40531
all versions
Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.
8.4
HIGH
CVE-2022-25655
all versions
Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.
8.4
HIGH
CVE-2022-40514
all versions
Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc respo
9.8
CRITICAL
CVE-2022-40512
all versions
Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.
7.5
HIGH
CVE-2022-33306
all versions
Transient DOS due to buffer over-read in WLAN while processing an incoming management frame with incorrectly filled IEs.
7.5
HIGH
CVE-2022-33277
all versions
Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command.
8.4
HIGH
CVE-2022-33271
all versions
Information disclosure due to buffer over-read in WLAN while parsing NMF frame.
8.2
HIGH
CVE-2022-33243
all versions
Memory corruption due to improper access control in Qualcomm IPC.
8.4
HIGH
CVE-2022-33286
all versions
Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames.
7.5
HIGH
CVE-2022-33285
all versions
Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames.
7.5
HIGH
CVE-2022-33284
all versions
Information disclosure due to buffer over-read in WLAN while parsing BTM action frame.
8.2
HIGH
CVE-2022-33283
all versions
Information disclosure due to buffer over-read in WLAN while WLAN frame parsing due to missing frame length check.
8.2
HIGH
CVE-2022-33276
all versions
Memory corruption due to buffer copy without checking size of input in modem while receiving WMI_REQUEST_STATS_CMDID command.
8.4
HIGH
CVE-2022-33253
all versions
Transient DOS due to buffer over-read in WLAN while parsing corrupted NAN frames.
7.5
HIGH
CVE-2022-33252
all versions
Information disclosure due to buffer over-read in WLAN while handling IBSS beacons frame.
8.2
HIGH
CVE-2022-25722
all versions
Information exposure in DSP services due to improper handling of freeing memory
6.0
MEDIUM
CVE-2021-30325
all versions
Possible out of bound access of DCI resources due to lack of validation process and resource allocation in Snapdragon Auto, Snapdr
6.7
MEDIUM
CVE-2021-30313
all versions
Use after free condition can occur in wired connectivity due to a race condition while creating and deleting folders in Snapdragon
6.7
MEDIUM
CVE-2021-30303
all versions
Possible buffer overflow due to lack of buffer length check when segmented WMI command is received in Snapdragon Auto, Snapdragon
7.8
HIGH
CVE-2021-30266
all versions
Possible use after free due to improper memory validation when initializing new interface via Interface add command in Snapdragon
6.7
MEDIUM
CVE-2021-1976
all versions
A use after free can occur due to improper validation of P2P device address in PD Request frame in Snapdragon Auto, Snapdragon Com
9.8
CRITICAL
CVE-2021-1972
all versions
Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snap
9.8
CRITICAL
CVE-2020-11301
all versions
Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapd
9.1
CRITICAL
CVE-2020-11267
all versions
Stack out-of-bounds write occurs while setting up a cipher device if the provided IV length exceeds the max limit value in Snapdra
8.4
HIGH
CVE-2020-11235
all versions
Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto, Snapdrag
7.8
HIGH
CVE-2020-11280
all versions
Denial of service while processing fine timing measurement request (FTMR) frame with reserved bits set in the FTM parameter IE due
7.5
HIGH
CVE-2020-11270
all versions
Possible denial of service due to RTT responder consistently rejects all FTMR by transmitting FTM1 with failure status in the FTM
7.5
HIGH
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin