Information disclosure due to buffer over-read in WLAN while WLAN frame parsing due to missing frame length check.

Memory corruption due to buffer copy without checking size of input in modem while receiving WMI_REQUEST_STATS_CMDID command.

Memory corruption in android core due to improper validation of array index while returning feature ids after license authentication.

Memory corruption in Audio due to integer overflow to buffer overflow while music playback of clips like amr,evrc,qcelp with modified content.

Memory corruption due to information exposure in Powerline Communication Firmware while sending different MMEs from a single, unassociated device.

Information disclosure due to buffer over-read in Bluetooth HOST while processing GetFolderItems and GetItemAttribute Cmds from peer device.

Transient DOS due to buffer over-read in WLAN while parsing corrupted NAN frames.

Information disclosure due to buffer over-read in WLAN while handling IBSS beacons frame.

Memory corruption in Automotive due to integer overflow to buffer overflow while registering a new listener with shared buffer.

Memory corruption in Automotive due to improper input validation.

Memory corruption in kernel due to missing checks when updating the access rights of a memextent mapping.

Denial of service in MODEM due to improper pointer handling

Information exposure in DSP services due to improper handling of freeing memory

Memory corruption in video driver due to type confusion error during video playback

Memory corruption in display due to double free while allocating frame buffer memory

Memory corruption in Multimedia Framework due to unsafe access to the data members

Memory corruption in display driver due to incorrect type casting while accessing the fence structure fields

IBM Security Verify Governance 10.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 225232.

Memory corruption in Bluetooth HOST due to buffer overflow while parsing the command response received from remote

Denial of service while processing fastboot flash command on mmc due to buffer over read