488 known vulnerabilities · sorted by CVSS score
Memory corruption while parsing beacon/probe response frame when AP sends more supported links in MLIE.
Memory corruption in Data Modem while verifying hello-verify message during the DTLS handshake.
Memory corruption while parsing the ML IE due to invalid frame content.
Memory corruption when the UE receives an RTP packet from the network, during the reassembly of NALUs.
Memory corruption while processing MBSSID beacon containing several subelement IE.
Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.
Memory Corruption in Multi-mode Call Processor while processing bit mask API.
Memory corruption in WLAN Firmware while doing a memory copy of pmk cache.
Memory corruption while selecting the PLMN from SOR failed list.
Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3 attribute.
Memory corruption due to double free in core while initializing the encryption key.
Memory corruption in Hypervisor when platform information mentioned is not aligned.
Memory corruption in TZ Secure OS while Tunnel Invoke Manager initialization.
Memory corruption due to integer overflow or wraparound in Core while DDR memory assignment.
Memory corruption in Core while processing control functions.
Memory corruption in HLOS while running playready use-case.
Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.
Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information.
Memory corruption due to buffer copy without checking size of input while running memory sharing tests with large scattered memory.
Memory corruption in Core Services while executing the command for removing a single event listener.