Transient DOS in Modem while processing invalid System Information Block 1.

Memory Corruption in Audio while playing amrwbplus clips with modified content.

Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE.

Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key.

Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder.

Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.

Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase.

Transient DOS in modem due to reachable assertion.

Memory corruption due to improper validation of array index in Multi-mode call processor.

Transient DOS due to reachable assertion in Modem while processing SIB1 Message.

Transient DOS due to reachable assertion in modem when network repeatedly sent invalid message container for NR to LTE handover.

Memory corruption in modem due to buffer overflow while processing a PPP packet

Memory corruption in modem due to use of out of range pointer offset while processing qmi msg

Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response

Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM

Information Disclosure in Graphics during GPU context switch.

Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.

Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command.

Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http.

Memory corruption due to configuration weakness in modem wile sending command to write protected files.