Summary
| Detail | |||
|---|---|---|---|
| Vendor | Qualcomm | First view | 2021-01-21 |
| Product | ipq8070a Firmware | Last view | 2025-07-08 |
| Version | - | Type | Os |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:qualcomm:ipq8070a_firmware | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.8 | 2025-07-08 | CVE-2025-27061 | Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware. |
| 7.5 | 2025-07-08 | CVE-2025-27057 | Transient DOS while handling beacon frames with invalid IE header length. |
| 7.8 | 2025-07-08 | CVE-2025-27043 | Memory corruption while processing manipulated payload in video firmware. |
| 7.8 | 2025-07-08 | CVE-2025-27042 | Memory corruption while processing video packets received from video firmware. |
| 7.5 | 2025-07-08 | CVE-2025-21446 | Transient DOS may occur when processing vendor-specific information elements while parsing a WLAN frame for BTM requests. |
| 7.8 | 2025-03-03 | CVE-2024-43057 | Memory corruption while processing command in Glink linux. |
| 9.8 | 2025-02-03 | CVE-2024-49839 | Memory corruption during management frame processing due to mismatch in T2LM info element. |
| 7.8 | 2025-02-03 | CVE-2024-45571 | Memory corruption may occour occur when stopping the WLAN interface after processing a WMI command from the interface. |
| 9.8 | 2025-02-03 | CVE-2024-45569 | Memory corruption while parsing the ML IE due to invalid frame content. |
| 7.5 | 2025-01-06 | CVE-2024-45558 | Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length. |
| 7.8 | 2024-12-02 | CVE-2024-33056 | Memory corruption when allocating and accessing an entry in an SMEM partition continuously. |
| 8.2 | 2024-10-07 | CVE-2024-33073 | Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE. |
| 9.8 | 2024-10-07 | CVE-2024-33066 | Memory corruption while redirecting log file to any file location with any file name. |
| 7.5 | 2024-10-07 | CVE-2024-33049 | Transient DOS while parsing noninheritance IE of Extension element when length of IE is 2 of beacon frame. |
| 7.5 | 2024-09-02 | CVE-2024-33057 | Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating the location. |
| 7.5 | 2024-09-02 | CVE-2024-33050 | Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper. |
| 7.5 | 2024-09-02 | CVE-2024-33048 | Transient DOS while parsing the received TID-to-link mapping element of beacon/probe response frame. |
| 7.5 | 2024-08-05 | CVE-2024-33026 | Transient DOS while parsing probe response and assoc response frame when received frame length is less than max size of timestamp. |
| 7.5 | 2024-08-05 | CVE-2024-33025 | Transient DOS while parsing the BSS parameter change count or MLD capabilities fields of the ML IE. |
| 7.5 | 2024-08-05 | CVE-2024-33024 | Transient DOS while parsing the ML IE when a beacon with length field inside the common info of ML IE greater than the ML IE length. |
| 7.5 | 2024-08-05 | CVE-2024-33019 | Transient DOS while parsing the received TID-to-link mapping action frame. |
| 7.5 | 2024-08-05 | CVE-2024-33018 | Transient DOS while parsing the received TID-to-link mapping element of the TID-to-link mapping action frame. |
| 7.5 | 2024-08-05 | CVE-2024-33015 | Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor report. |
| 7.5 | 2024-08-05 | CVE-2024-33014 | Transient DOS while parsing ESP IE from beacon/probe response frame. |
| 7.5 | 2024-08-05 | CVE-2024-33013 | Transient DOS when driver accesses the ML IE memory and offset value is incremented beyond ML IE length. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 40% (80) | CWE-125 | Out-of-bounds Read |
| 11% (23) | CWE-787 | Out-of-bounds Write |
| 8% (17) | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflo... |
| 7% (15) | CWE-416 | Use After Free |
| 6% (12) | CWE-617 | Reachable Assertion |
| 4% (9) | CWE-476 | NULL Pointer Dereference |
| 4% (9) | CWE-190 | Integer Overflow or Wraparound |
| 4% (8) | CWE-129 | Improper Validation of Array Index |
| 3% (6) | CWE-20 | Improper Input Validation |
| 2% (5) | CWE-287 | Improper Authentication |
| 1% (3) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
| 1% (3) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 1% (2) | CWE-126 | Buffer Over-read |
| 0% (1) | CWE-704 | Incorrect Type Conversion or Cast |
| 0% (1) | CWE-362 | Race Condition |
| 0% (1) | CWE-203 | Information Exposure Through Discrepancy |
| 0% (1) | CWE-200 | Information Exposure |
| 0% (1) | CWE-131 | Incorrect Calculation of Buffer Size |
