Improper authentication of Non-EAPOL/WAPI plaintext frames during four-way handshake can lead t…

Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead…

An out of bound memory access can occur due to improper validation of number of frames being pa…

Possible buffer overflow due to lack of parameter length check during MBSSID scan IE parse in S…

Memory corruption due to improper check to return error when user application requests memory a…

Improper validation of program headers containing ELF metadata can lead to image verification b…

Memory corruption due to double free in Core while mapping HLOS address to the list.

Memory corruption while calculating L2CAP packet length in reassembly logic when remote sends m…

Possible memory out of bound issue during music playback when an incorrect bit stream content i…

Possible use after free due to improper handling of memory mapping of multiple processes simult…

Buffer overflow can occur in video while playing the non-standard clip in Snapdragon Auto, Snap…

Out of bound access in WLAN driver due to lack of validation of array length before copying int…

Uninitialized pointers accessed during music play back with incorrect bit stream due to an unin…

Integer multiplication overflow resulting in lower buffer size allocation than expected causes …

Memory corruption while using alignments for memory allocation.

Possible out of bound memory access in audio due to integer underflow while processing modified…

Out of bound memory access during music playback with modified content due to copying data with…

Out of bound memory access during music playback with ALAC modified content due to improper val…

Buffer Over-read in audio driver while using malloc management function due to not returning NU…

Out of bound memory read while unpacking data due to lack of offset length check in Snapdragon …

Out of bound read occurs while processing crafted SDP due to lack of check of null string in Sn…

Buffer overflow in modem due to improper array index check before copying into it in Snapdragon…

Possible buffer overflow while updating ikev2 parameters for delete payloads received during in…

Pointer variable which is freed is not cleared can result in memory corruption and leads to den…

Memory corruption in Core due to stack-based buffer overflow.

Buffer over-read while unpacking the RTCP packet we may read extra byte if wrong length is prov…

Buffer over read can happen in video driver when playing clip with atomsize having value UINT32…

Possible integer overflow can occur when stream info update is called when total number of stre…

Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL c…

An out of bounds read can happen when processing VSA attribute due to improper minimum required…

Out of bound reads might occur in while processing Service descriptor due to improper validatio…

Out of bounds reads while parsing NAN beacons attributes and OUIs due to improper length of fie…

Memory corruption while submitting a large list of sync points in an AUX command to the IOCTL_K…

An Out of Bounds read may potentially occur while processing an IBSS beacon, in Snapdragon Auto…

Possible heap overflow due to improper length check of domain while parsing the DNS response in…

Possible out of bound read due to improper validation of IE length during SSID IE parse when ch…

Possible heap overflow while parsing NAL header due to lack of check of length of data received…

Possible buffer over read while processing P2P IE and NOA attribute of beacon and probe respons…

Possible buffer over-read while parsing quiet IE in Rx beacon frame due to improper check of IE…

Before enqueuing a frame to the PE queue for further processing, an entry in a hash table can b…