CVE-2025-27074

all versions

Memory corruption while processing a GP command response.

8.8HIGH

CVE-2025-27053

all versions

Memory corruption during PlayReady APP usecase while processing TA commands.

7.8HIGH

CVE-2024-21461

all versions

Memory corruption while performing finish HMAC operation when context is freed by keymaster.

8.4HIGH

CVE-2023-43511

all versions

Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains IPPROTO_NONE as the n

7.5HIGH

CVE-2023-33110

all versions

The session index variable in PCM host voice audio driver initialized before PCM open, accessed during event callback from ADSP an

7.8HIGH

CVE-2023-33033

all versions

Memory corruption in Audio during playback with speaker protection.

8.4HIGH

CVE-2023-33030

all versions

Memory corruption in HLOS while running playready use-case.

9.3CRITICAL

CVE-2023-33080

all versions

Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.

7.5HIGH

CVE-2023-28586

all versions

Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.

6.0MEDIUM

CVE-2023-28546

all versions

Memory Corruption in SPS Application while exporting public key in sorter TA.

7.8HIGH

CVE-2023-33059

all versions

Memory corruption in Audio while processing the VOC packet data from ADSP.

7.8HIGH

CVE-2023-28560

all versions

Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload.

7.8HIGH

CVE-2023-21628

all versions

Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.

8.4HIGH

CVE-2022-22076

all versions

information disclosure due to cryptographic issue in Core during RPMB read request.

7.1HIGH