Memory corruption due to buffer copy without checking the size of input in HLOS when input message size is larger than the buffer capacity.

Memory corruption due to stack based buffer overflow in core while sending command from USB of large size.

Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.

Memory corruption in WLAN due to use after free

Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio PD.

Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.

Information Disclosure in Graphics during GPU context switch.

Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.

Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.

Transient DOS due to buffer over-read in WLAN Host while parsing frame information.

Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command.

Information disclosure due to buffer over-read in WLAN while parsing NMF frame.

Memory corruption in Audio due to use of out-of-range pointer offset while Initiating a voice call session from user space with invalid session id.

Memory corruption due to improper access control in Qualcomm IPC.

Memory corruption due to buffer copy without checking size of input while running memory sharing tests with large scattered memory.

Transient Denial-of-service in Automotive due to improper input validation while parsing ELF file.

Memory corruption due to stack-based buffer overflow in Core

Information disclosure due to buffer overread in Core

Information disclosure due to buffer overread in Core

Memory corruption in core due to stack-based buffer overflow