Qualcomm Qcn7605_firmware
191 CVEs affecting Qualcomm Qcn7605_firmware. Latest disclosed: 2025-11-04. Critical: 37, High: 140.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-25748 | Critical | 9.8 | 2022-10-19 | Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity… |
CVE-2022-25720 | Critical | 9.8 | 2022-10-19 | Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon C… |
CVE-2021-35081 | Critical | 9.8 | 2022-06-14 | Possible buffer overflow due to improper validation of SSID length received from beacon or probe response during an IBSS session in Snapdragon Auto, Snapdragon… |
CVE-2020-11134 | Critical | 9.8 | 2021-06-09 | Possible stack out of bound write might happen due to time bitmap length and bit duration fields of the attributes like NAN ranging setup attribute inside a NA… |
CVE-2020-11272 | Critical | 9.8 | 2021-02-22 | Before enqueuing a frame to the PE queue for further processing, an entry in a hash table can be deleted and using a stale version later can lead to use after… |
CVE-2020-11153 | Critical | 9.8 | 2020-11-02 | u'Out of bound memory access while processing GATT data received due to lack of check of pdu data length and leads to remote code execution' in Snapdragon Auto… |
CVE-2020-3675 | Critical | 9.8 | 2020-09-08 | u'Potential integer underflow while parsing Service Info and IPv6 link-local TLVs that comes as part of NDPE attribute' in Snapdragon Auto, Snapdragon Compute… |
CVE-2020-3669 | Critical | 9.8 | 2020-09-08 | u'Buffer Overflow issue in WLAN tcp ip verification due to usage of out of range pointer offset' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivit… |
CVE-2020-3668 | Critical | 9.8 | 2020-09-08 | u'Buffer overflow while parsing PMF enabled MCBC frames due to frame length being lesser than what is expected while parsing' in Snapdragon Auto, Snapdragon Co… |
CVE-2020-11116 | Critical | 9.8 | 2020-09-08 | u'Possible out of bound write while processing association response received from host due to lack of check of IE length' in Snapdragon Auto, Snapdragon Comput… |
CVE-2020-3699 | Critical | 9.8 | 2020-07-30 | Possible out of bound access while processing assoc response from host due to improper length check before copying into buffer in Snapdragon Auto, Snapdragon C… |
CVE-2020-3698 | Critical | 9.8 | 2020-07-30 | Out of bound write while QoS DSCP mapping due to improper input validation for data received from association response frame in Snapdragon Auto, Snapdragon Com… |
CVE-2020-3615 | Critical | 9.8 | 2020-06-02 | Valid deauth/disassoc frames is dropped in case if RMF is enabled and some rouge peer keep on sending rogue deauth/disassoc frames due to improper enum values… |
CVE-2019-14114 | Critical | 9.8 | 2020-04-16 | Buffer overflow in WLAN firmware while parsing GTK IE containing GTK key having length more than the buffer size in Snapdragon Auto, Snapdragon Compute, Snapdr… |
CVE-2019-14113 | Critical | 9.8 | 2020-04-16 | Buffer overflow can occur in In WLAN firmware while unwraping data using CCMP cipher suite during parsing of EAPOL handshake frame in Snapdragon Auto, Snapdrag… |
CVE-2019-14112 | Critical | 9.8 | 2020-04-16 | Potential buffer overflow while processing CBF frames due to lack of check of buffer length before copy in Snapdragon Auto, Snapdragon Compute, Snapdragon Cons… |
CVE-2019-14111 | Critical | 9.8 | 2020-04-16 | Possible buffer overflow while handling NAN reception of NMF in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics C… |
CVE-2019-14110 | Critical | 9.8 | 2020-04-16 | Buffer overflow can occur in function wlan firmware while copying association frame content if frame length is more than the maximum buffer size in case of SAP… |
CVE-2019-14097 | Critical | 9.8 | 2020-03-05 | Possible buffer overflow in WLAN Parser due to lack of length check when copying data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdrag… |
CVE-2019-14095 | Critical | 9.8 | 2020-03-05 | Buffer overflow occurs while processing LMP packet in which name length parameter exceeds value specified in BT-specification in Snapdragon Auto, Snapdragon Co… |