Latest CVE Feed
-
8.4
HIGHCVE-2024-45555
Memory corruption can occur if an already verified IFS2 image is overwritten, bypassing boot verification. This allows unauthorized programs to be injected into security-sensitive images, enabling the booting of a tampered IFS2 system image.... Read more
Affected Products : qam8295p_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware sa8155p_firmware +72 more products- Published: Jan. 06, 2025
- Modified: Jan. 13, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2024-45553
Memory corruption can occur when process-specific maps are added to the global list. If a map is removed from the global list while another thread is using it for a process-specific task, issues may arise.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6155p_firmware sa8155p_firmware sa8195p_firmware sa8295p_firmware sd_8_gen1_5g_firmware +248 more products- Published: Jan. 06, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2024-45550
Memory corruption occurs when invoking any IOCTL-calling application that executes all MCDM driver IOCTL calls.... Read more
Affected Products : wcd9380_firmware wcd9385_firmware fastconnect_6900_firmware fastconnect_7800_firmware wsa8840_firmware wsa8845_firmware wsa8845h_firmware wcd9380 wcd9385 sc8380xp_firmware +6 more products- Published: Jan. 06, 2025
- Modified: Jan. 13, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2024-45548
Memory corruption while processing FIPS encryption or decryption validation functionality IOCTL call.... Read more
Affected Products : wcd9380_firmware wcd9385_firmware fastconnect_6900_firmware fastconnect_7800_firmware qcc2073_firmware qcc2076_firmware wsa8840_firmware wsa8845_firmware wsa8845h_firmware wcd9380 +10 more products- Published: Jan. 06, 2025
- Modified: Jan. 13, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2024-45547
Memory corruption while processing IOCTL call invoked from user-space to verify non extension FIPS encryption and decryption functionality.... Read more
Affected Products : wcd9380_firmware wcd9385_firmware fastconnect_6900_firmware fastconnect_7800_firmware qcc2073_firmware qcc2076_firmware wsa8840_firmware wsa8845_firmware wsa8845h_firmware wcd9380 +10 more products- Published: Jan. 06, 2025
- Modified: Jan. 13, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2024-45546
Memory corruption while processing FIPS encryption or decryption IOCTL call invoked from user-space.... Read more
Affected Products : wcd9380_firmware wcd9385_firmware fastconnect_6900_firmware fastconnect_7800_firmware qcc2073_firmware qcc2076_firmware wsa8840_firmware wsa8845_firmware wsa8845h_firmware wcd9380 +10 more products- Published: Jan. 06, 2025
- Modified: Jan. 13, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2024-45542
Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.... Read more
Affected Products : aqt1000_firmware qca6391_firmware qca6420_firmware qca6430_firmware qca6595au_firmware wcd9341_firmware wcd9380_firmware wcd9385_firmware wsa8810_firmware wsa8815_firmware +94 more products- Published: Jan. 06, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2024-45541
Memory corruption when IOCTL call is invoked from user-space to read board data.... Read more
Affected Products : aqt1000_firmware qca6391_firmware qca6420_firmware qca6430_firmware qca6595au_firmware wcd9341_firmware wcd9380_firmware wcd9385_firmware wsa8810_firmware wsa8815_firmware +94 more products- Published: Jan. 06, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Memory Corruption
-
7.5
HIGHCVE-2024-43064
Uncontrolled resource consumption when a driver, an application or a SMMU client tries to access the global registers through SMMU.... Read more
Affected Products : qam8295p_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa8295p_firmware qca6595_firmware qca6698aq_firmware wcn3660b_firmware sa8540p_firmware sa9000p_firmware +50 more products- Published: Jan. 06, 2025
- Modified: Jan. 13, 2025
- Vuln Type: Denial of Service
-
6.1
MEDIUMCVE-2024-43063
information disclosure while invoking the mailbox read API.... Read more
Affected Products : qam8295p_firmware qca6595au_firmware qca6696_firmware sa8295p_firmware qca6595_firmware qca6698aq_firmware sa8540p_firmware sa9000p_firmware qam8255p_firmware sa8255p_firmware +24 more products- Published: Jan. 06, 2025
- Modified: Jan. 10, 2025
- Vuln Type: Information Disclosure
-
6.1
MEDIUMCVE-2024-33067
Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware +148 more products- Published: Jan. 06, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Information Disclosure
-
6.8
MEDIUMCVE-2024-33061
Information disclosure while processing IOCTL call made for releasing a trusted VM process release or opening a channel without initializing the process.... Read more
Affected Products : sw5100_firmware sw5100p_firmware wcn3980_firmware wcn3988_firmware wsa8830_firmware wsa8835_firmware wcn3660b_firmware wcn3680b_firmware qcs8550_firmware wcn3660b +8 more products- Published: Jan. 06, 2025
- Modified: Jan. 10, 2025
- Vuln Type: Information Disclosure
-
7.8
HIGHCVE-2024-33059
Memory corruption while processing frame command IOCTL calls.... Read more
Affected Products : wcd9380_firmware wcd9385_firmware fastconnect_6900_firmware fastconnect_7800_firmware qcs8550_firmware qcm8550_firmware sm8550p_firmware wcd9390_firmware wcd9395_firmware wsa8840_firmware +22 more products- Published: Jan. 06, 2025
- Modified: Jan. 10, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2024-33055
Memory corruption while invoking IOCTL calls to unmap the DMA buffers.... Read more
Affected Products : qam8295p_firmware qca6574au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware sa8155p_firmware sa8195p_firmware +70 more products- Published: Jan. 06, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2024-33041
Memory corruption when input parameter validation for number of fences is missing for fence frame IOCTL calls,... Read more
Affected Products : qam8295p_firmware qca6574au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware sa8155p_firmware sa8195p_firmware +62 more products- Published: Jan. 06, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Memory Corruption
-
6.6
MEDIUMCVE-2024-23366
Information Disclosure while invoking the mailbox write API when message received from user is larger than mailbox size.... Read more
Affected Products : qam8295p_firmware qca6595au_firmware qca6696_firmware sa8295p_firmware qca6595_firmware qca6698aq_firmware sa8540p_firmware sa9000p_firmware qam8255p_firmware sa8255p_firmware +24 more products- Published: Jan. 06, 2025
- Modified: Jan. 10, 2025
- Vuln Type: Information Disclosure
-
8.4
HIGHCVE-2024-21464
Memory corruption while processing IPA statistics, when there are no active clients registered.... Read more
Affected Products : wsa8810_firmware wsa8815_firmware wsa8830_firmware wsa8835_firmware qcm4490_firmware qcs4490_firmware wcd9370_firmware wcn3950_firmware wcn6740_firmware wsa8832_firmware +32 more products- Published: Jan. 06, 2025
- Modified: Jan. 10, 2025
- Vuln Type: Memory Corruption
-
6.5
MEDIUMCVE-2024-12311
The Email Subscribers by Icegram Express WordPress plugin before 5.7.44 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks... Read more
Affected Products : email_subscribers_\&_newsletters- Published: Jan. 06, 2025
- Modified: May. 14, 2025
- Vuln Type: Injection
-
6.1
MEDIUMCVE-2024-12302
The Icegram Engage WordPress plugin before 3.1.32 does not sanitise and escape some of its Campaign settings, which could allow authors and above to perform Stored Cross-Site Scripting attacks... Read more
Affected Products : icegram_engage- Published: Jan. 06, 2025
- Modified: May. 14, 2025
- Vuln Type: Cross-Site Scripting
-
6.1
MEDIUMCVE-2024-11849
The Pods WordPress plugin before 3.2.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for ex... Read more
Affected Products : pods- Published: Jan. 06, 2025
- Modified: May. 14, 2025
- Vuln Type: Cross-Site Scripting