93 known vulnerabilities · sorted by CVSS score
Memory corruption in WLAN Host while processing RRM beacon on the AP.
Memory corruption while sending an Assoc Request having BTM Query or BTM Response containing MBO IE.
Memory corruption while parsing beacon/probe response frame when AP sends more supported links in MLIE.
Memory corruption in WLAN Firmware while doing a memory copy of pmk cache.
Memory corruption while redirecting log file to any file location with any file name.
Memory corruption while parsing the ML IE due to invalid frame content.
Memory corruption while processing MBSSID beacon containing several subelement IE.
Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3 attribute.
Memory corruption in Core while processing control functions.
Memory corruption while processing TPC target power table in FTM TPC.
Memory corruption in Kernel while parsing metadata.
Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase.
Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.
Memory corruption when allocating and accessing an entry in an SMEM partition continuously.
Memory corruption when processing cmd parameters while parsing vdev.
Memory Corruption in Core due to secure memory access by user while loading modem image.
Memory corruption while loading an ELF segment in TEE Kernel.
Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.
Memory corruption during management frame processing due to mismatch in T2LM info element.