Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header.

Memory corruption in Audio when memory map command is executed consecutively in ADSP.

Memory corruption in Audio during playback with speaker protection.

Memory corruption in HLOS while running playready use-case.

Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call.

Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.

Transient DOS in Bluetooth Host while rfc slot allocation.

Memory Corruption in SPS Application while exporting public key in sorter TA.

Memory corruption in Audio while processing the VOC packet data from ADSP.

Memory corruption in Automotive Audio while copying data from ADSP shared buffer to the VOC packet data buffer.

Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming scan.

Weak configuration in Automotive while VM is processing a listener request from TEE.

Memory corruption in Graphics while processing user packets for command submission.

Memory corruption in WLAN HAL while handling command streams through WMI interfaces.

Memory corruption due to untrusted pointer dereference in automotive during system call.

Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder.

Memory Corruption in WLAN HOST while fetching TX status information.

Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage request.

Memory corruption in Automotive GPU while querying a gsl memory node.

Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.