Qualcomm Qca4004_firmware
163 CVEs affecting Qualcomm Qca4004_firmware. Latest disclosed: 2025-10-09. Critical: 31, High: 116.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-22388 | Critical | 9.8 | 2023-11-07 | Memory Corruption in Multi-mode Call Processor while processing bit mask API. |
CVE-2022-33259 | Critical | 9.8 | 2023-04-13 | Memory corruption due to buffer copy without checking the size of input in modem while decoding raw SMS received. |
CVE-2022-33211 | Critical | 9.8 | 2023-04-13 | memory corruption in modem due to improper check while calculating size of serialized CoAP message |
CVE-2022-25745 | Critical | 9.8 | 2023-04-13 | Memory corruption in modem due to improper input validation while handling the incoming CoAP message |
CVE-2022-25740 | Critical | 9.8 | 2023-04-13 | Memory corruption in modem due to buffer overwrite while building an IPv6 multicast address based on the MAC address of the iface |
CVE-2022-25678 | Critical | 9.8 | 2023-04-13 | Memory correction in modem due to buffer overwrite during coap connection |
CVE-2022-25729 | Critical | 9.8 | 2023-02-12 | Memory corruption in modem due to improper length check while copying into memory |
CVE-2022-25727 | Critical | 9.8 | 2022-11-15 | Memory Corruption in modem due to improper length check while copying into memory in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Mus… |
CVE-2021-30341 | Critical | 9.8 | 2022-06-14 | Improper buffer size validation of DSM packet received can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdrago… |
CVE-2021-1975 | Critical | 9.8 | 2021-11-12 | Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, S… |
CVE-2021-1920 | Critical | 9.8 | 2021-09-08 | Integer underflow can occur due to improper handling of incoming RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consu… |
CVE-2021-1916 | Critical | 9.8 | 2021-09-08 | Possible buffer underflow due to lack of check for negative indices values when processing user provided input in Snapdragon Auto, Snapdragon Compute, Snapdrag… |
CVE-2020-11227 | Critical | 9.8 | 2021-03-17 | Out of bound write while parsing RTT/TTY packet parsing due to lack of check of buffer size before copying into buffer in Snapdragon Auto, Snapdragon Compute… |
CVE-2020-11170 | Critical | 9.8 | 2021-02-22 | Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction in Snapdragon Auto, Snapdragon… |
CVE-2023-33072 | Critical | 9.3 | 2024-02-06 | Memory corruption in Core while processing control functions. |
CVE-2023-33032 | Critical | 9.3 | 2024-01-02 | Memory corruption in TZ Secure OS while requesting a memory allocation from TA region. |
CVE-2023-33030 | Critical | 9.3 | 2024-01-02 | Memory corruption in HLOS while running playready use-case. |
CVE-2023-21651 | Critical | 9.3 | 2023-08-08 | Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE. |
CVE-2022-33231 | Critical | 9.3 | 2023-04-13 | Memory corruption due to double free in core while initializing the encryption key. |
CVE-2022-33257 | Critical | 9.3 | 2023-03-10 | Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone. |