U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:o:qualcomm:wcn3991_firmware:-:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 471 matching records.
Displaying matches 81 through 100.
Vuln ID Summary CVSS Severity
CVE-2022-22075

Information Disclosure in Graphics during GPU context switch.

Published: March 10, 2023; 4:15:11 PM -0500 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2022-40514

Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.

Published: February 11, 2023; 11:15:15 PM -0500 		V4.0:(not available)
 V3.1: 9.8 CRITICAL
V2.0:(not available)
CVE-2022-40512

Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.

Published: February 11, 2023; 11:15:15 PM -0500 		V4.0:(not available)
 V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2022-33277

Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command.

Published: February 11, 2023; 11:15:14 PM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2022-33271

Information disclosure due to buffer over-read in WLAN while parsing NMF frame.

Published: February 11, 2023; 11:15:14 PM -0500 		V4.0:(not available)
 V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2022-33248

Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http.

Published: February 11, 2023; 11:15:14 PM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2022-33233

Memory corruption due to configuration weakness in modem wile sending command to write protected files.

Published: February 11, 2023; 11:15:14 PM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2022-33232

Memory corruption due to buffer copy without checking size of input while running memory sharing tests with large scattered memory.

Published: February 11, 2023; 11:15:14 PM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2022-40520

Memory corruption due to stack-based buffer overflow in Core

Published: January 09, 2023; 3:15:13 AM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2022-40519

Information disclosure due to buffer overread in Core

Published: January 09, 2023; 3:15:13 AM -0500 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2022-40518

Information disclosure due to buffer overread in Core

Published: January 09, 2023; 3:15:13 AM -0500 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2022-40517

Memory corruption in core due to stack-based buffer overflow

Published: January 09, 2023; 3:15:13 AM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2022-40516

Memory corruption in Core due to stack-based buffer overflow.

Published: January 09, 2023; 3:15:12 AM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2022-33286

Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames.

Published: January 09, 2023; 3:15:12 AM -0500 		V4.0:(not available)
 V3.1: 6.5 MEDIUM
V2.0:(not available)
CVE-2022-33285

Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames.

Published: January 09, 2023; 3:15:12 AM -0500 		V4.0:(not available)
 V3.1: 6.5 MEDIUM
V2.0:(not available)
CVE-2022-33284

Information disclosure due to buffer over-read in WLAN while parsing BTM action frame.

Published: January 09, 2023; 3:15:12 AM -0500 		V4.0:(not available)
 V3.1: 6.5 MEDIUM
V2.0:(not available)
CVE-2022-25746

Memory corruption in kernel due to missing checks when updating the access rights of a memextent mapping.

Published: January 09, 2023; 3:15:11 AM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2022-25725

Denial of service in MODEM due to improper pointer handling

Published: January 09, 2023; 3:15:11 AM -0500 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2022-22088

Memory corruption in Bluetooth HOST due to buffer overflow while parsing the command response received from remote

Published: January 09, 2023; 3:15:11 AM -0500 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-33238

Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published: December 13, 2022; 11:15:21 AM -0500 		V4.0:(not available)
 V3.1: 7.5 HIGH
V2.0:(not available)