Summary
Detail | |||
---|---|---|---|
Vendor | Qualcomm | First view | 2021-01-21 |
Product | qcn5022 Firmware | Last view | 2025-03-03 |
Version | Type | Os | |
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
CPE Name | Affected CVE |
---|---|
cpe:2.3:o:qualcomm:qcn5022_firmware:-:*:*:*:*:*:*:* | 218 |
Related : CVE
Date | Alert | Description | |
---|---|---|---|
7.8 | 2025-03-03 | CVE-2024-43057 | Memory corruption while processing command in Glink linux. |
9.8 | 2025-02-03 | CVE-2024-49839 | Memory corruption during management frame processing due to mismatch in T2LM info element. |
7.8 | 2025-02-03 | CVE-2024-45571 | Memory corruption may occour occur when stopping the WLAN interface after processing a WMI command from the interface. |
9.8 | 2025-02-03 | CVE-2024-45569 | Memory corruption while parsing the ML IE due to invalid frame content. |
7.5 | 2025-01-06 | CVE-2024-45558 | Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length. |
8.2 | 2024-10-07 | CVE-2024-33073 | Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE. |
9.8 | 2024-10-07 | CVE-2024-33066 | Memory corruption while redirecting log file to any file location with any file name. |
7.5 | 2024-10-07 | CVE-2024-33049 | Transient DOS while parsing noninheritance IE of Extension element when length of IE is 2 of beacon frame. |
7.5 | 2024-09-02 | CVE-2024-33057 | Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating the location. |
7.5 | 2024-09-02 | CVE-2024-33050 | Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper. |
7.5 | 2024-09-02 | CVE-2024-33048 | Transient DOS while parsing the received TID-to-link mapping element of beacon/probe response frame. |
7.5 | 2024-08-05 | CVE-2024-33026 | Transient DOS while parsing probe response and assoc response frame when received frame length is less than max size of timestamp. |
7.5 | 2024-08-05 | CVE-2024-33025 | Transient DOS while parsing the BSS parameter change count or MLD capabilities fields of the ML IE. |
7.5 | 2024-08-05 | CVE-2024-33024 | Transient DOS while parsing the ML IE when a beacon with length field inside the common info of ML IE greater than the ML IE length. |
7.5 | 2024-08-05 | CVE-2024-33019 | Transient DOS while parsing the received TID-to-link mapping action frame. |
7.5 | 2024-08-05 | CVE-2024-33018 | Transient DOS while parsing the received TID-to-link mapping element of the TID-to-link mapping action frame. |
7.5 | 2024-08-05 | CVE-2024-33015 | Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor report. |
7.5 | 2024-08-05 | CVE-2024-33014 | Transient DOS while parsing ESP IE from beacon/probe response frame. |
7.5 | 2024-08-05 | CVE-2024-33013 | Transient DOS when driver accesses the ML IE memory and offset value is incremented beyond ML IE length. |
7.5 | 2024-08-05 | CVE-2024-33012 | Transient DOS while parsing the multiple MBSSID IEs from the beacon, when the tag length is non-zero value but with end of beacon. |
7.5 | 2024-08-05 | CVE-2024-33011 | Transient DOS while parsing the MBSSID IE from the beacons, when the MBSSID IE length is zero. |
7.5 | 2024-08-05 | CVE-2024-33010 | Transient DOS while parsing fragments of MBSSID IE from beacon frame. |
7.5 | 2024-08-05 | CVE-2024-21467 | Information disclosure while handling beacon probe frame during scan entry generation in client side. |
7.5 | 2024-08-05 | CVE-2024-21459 | Information disclosure while handling beacon or probe response frame in STA. |
7.8 | 2024-07-01 | CVE-2024-23368 | Memory corruption when allocating and accessing an entry in an SMEM partition. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
38% (80) | CWE-125 | Out-of-bounds Read |
14% (29) | CWE-787 | Out-of-bounds Write |
7% (16) | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflo... |
7% (15) | CWE-416 | Use After Free |
5% (12) | CWE-617 | Reachable Assertion |
4% (10) | CWE-190 | Integer Overflow or Wraparound |
3% (8) | CWE-476 | NULL Pointer Dereference |
3% (8) | CWE-129 | Improper Validation of Array Index |
3% (7) | CWE-20 | Improper Input Validation |
2% (6) | CWE-287 | Improper Authentication |
2% (5) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
1% (3) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
0% (2) | CWE-362 | Race Condition |
0% (1) | CWE-704 | Incorrect Type Conversion or Cast |
0% (1) | CWE-668 | Exposure of Resource to Wrong Sphere |
0% (1) | CWE-415 | Double Free |
0% (1) | CWE-212 | Improper Cross-boundary Removal of Sensitive Data |
0% (1) | CWE-203 | Information Exposure Through Discrepancy |
0% (1) | CWE-200 | Information Exposure |