Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.

Memory corruption in HLOS while invoking IOCTL calls from user-space.

Memory corruption while using the UIM diag command to get the operators name.

Memory corruption in Boot while running a ListVars test in UEFI Menu during boot.

Memory corruption in Audio while processing the VOC packet data from ADSP.

Transient DOS in WLAN Firmware while parsing rsn ies.

Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload.

Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode.

Transient DOS in WLAN Firmware while processing frames with missing header fields.

Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.

Memory corruption due to improper access control in kernel while processing a mapping request from root process.

Transient DOS due to improper authorization in Modem

Memory corruption due to double free in Core while mapping HLOS address to the list.

Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.

information disclosure due to cryptographic issue in Core during RPMB read request.

Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network.

Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool.

Memory corruption in Graphics while importing a file.

Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.

Information disclosure due to buffer over-read in Bluetooth Host while A2DP streaming.