8.4CVSS
7.7AI Score
0.001EPSS
7.3CVSS
9.6AI Score
0.0005EPSS
7.5CVSS
7.4AI Score
0.0005EPSS
Transient DOS while processing DL NAS Transport message when message ID is not defined in the 3GPP...
7.5CVSS
7.2AI Score
0.0004EPSS
8.4CVSS
7.7AI Score
0.001EPSS
7.5CVSS
7.4AI Score
0.0004EPSS
7.5CVSS
7.5AI Score
0.0005EPSS
7.5CVSS
7.5AI Score
0.0004EPSS
7.8CVSS
7.9AI Score
0.0004EPSS
Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon...
7.5CVSS
7.5AI Score
0.0005EPSS
In the function call related to CAM_REQ_MGR_RELEASE_BUF there is no check if the buffer is being used. So when a function called cam_mem_get_cpu_buf to get the kernel va to use, another thread can call CAM_REQ_MGR_RELEASE_BUF to unmap the kernel va which cause UAF of the kernel...
7.8CVSS
7.5AI Score
0.0004EPSS
The cam_get_device_priv function does not check the type of handle being returned (device/session/link). This would lead to invalid type usage if a wrong handle is passed to...
7.8CVSS
7.5AI Score
0.0004EPSS
7.8CVSS
7.9AI Score
0.0004EPSS
9.8CVSS
9.6AI Score
0.001EPSS
7.8CVSS
7.9AI Score
0.0004EPSS
9.8CVSS
9.5AI Score
0.001EPSS
7.8CVSS
7.8AI Score
0.0004EPSS
7.5CVSS
7.6AI Score
0.0005EPSS
A malformed DLC can trigger Memory Corruption in SNPE library due to out of bounds read, such as by loading an untrusted model (e.g. from a remote...
9.8CVSS
9.3AI Score
0.001EPSS
Memory Corruption in Data Modem while processing DMA buffer release event about CFR...
7.8CVSS
7.7AI Score
0.0004EPSS
Memory Corruption in Core due to secure memory access by user while loading modem...
7.8CVSS
7.3AI Score
0.0004EPSS
7.5CVSS
7.4AI Score
0.001EPSS
7.8CVSS
7.4AI Score
0.0004EPSS
7.8CVSS
7.4AI Score
0.0004EPSS
Transient DOS in Bluetooth HOST while passing descriptor to validate the blacklisted BT...
6.5CVSS
6.4AI Score
0.0004EPSS
7.8CVSS
7.9AI Score
0.0004EPSS
7.8CVSS
7.8AI Score
0.0004EPSS
7.5CVSS
7.5AI Score
0.0005EPSS
Memory Corruption in GPS HLOS Driver when injectFdclData receives data with invalid data...
7.8CVSS
7.6AI Score
0.0004EPSS
Memory corruption in Linux when the file upload API is called with parameters having large...
7.8CVSS
7.8AI Score
0.0004EPSS
Memory Corruption in Multimedia Framework due to integer overflow when synx bind is called along with synx...
7.8CVSS
7.7AI Score
0.0004EPSS
6.8CVSS
6.7AI Score
0.001EPSS
7.8CVSS
7.9AI Score
0.0004EPSS
Information disclosure in Network Services due to buffer over-read while the device receives DNS...
7.5CVSS
7.5AI Score
0.001EPSS
5.5CVSS
5.5AI Score
0.0004EPSS
7.8CVSS
7.7AI Score
0.0004EPSS
7.5CVSS
7.5AI Score
0.001EPSS
7.5CVSS
7.5AI Score
0.001EPSS
Transient DOS due to buffer over-read in WLAN Firmware while parsing secure FTMR frame with size lesser than 39...
7.5CVSS
7.6AI Score
0.001EPSS
Memory corruption due to incorrect type conversion or cast in audio while using audio playback/capture when crafted address is sent from AGM IPC to...
7.8CVSS
7.8AI Score
0.0004EPSS
Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection...
8.8CVSS
8.9AI Score
0.0004EPSS
Memory corruption due to access of uninitialized pointer in Bluetooth HOST while processing the AVRCP...
8.8CVSS
8.8AI Score
0.001EPSS
Memory corruption due to buffer copy without checking the size of input in HLOS when input message size is larger than the buffer...
7.8CVSS
7.9AI Score
0.0004EPSS
Information disclosure due to buffer over-read in Trusted Execution Environment while QRKS report...
5.5CVSS
5.6AI Score
0.0004EPSS
Memory corruption due to buffer copy without checking the size of input in modem while decoding raw SMS...
9.8CVSS
9.6AI Score
0.001EPSS
7.8CVSS
7.8AI Score
0.0004EPSS
Information disclosure due to buffer over-read while parsing DNS response packets in...
7.5CVSS
7.5AI Score
0.001EPSS
Information disclosure in Trusted Execution Environment due to buffer over-read while processing metadata verification...
5.5CVSS
5.6AI Score
0.0004EPSS
Information disclosure in modem due to buffer over-red while performing checksum of packet...
7.5CVSS
7.5AI Score
0.001EPSS
Information disclosure in modem due to buffer over read in dns client due to missing length...
7.5CVSS
7.4AI Score
0.001EPSS