Total
239 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-52878 | 1 Insyde | 1 Insydeh2o | 2025-08-15 | N/A | 7.5 HIGH |
| An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5.6 before version 05.61.50, and kernel 5.7 before version 05.70.50. In VariableRuntimeDxe driver, VariableServicesSetVariable () can be called by gRT_>SetVariable () or the SmmSetSensitiveVariable () or SmmInternalSetVariable () from SMM. In VariableServicesSetVariable (), it uses StrSize () to get variable name size, uses StrLen () to get variable name length and uses StrCmp () to compare strings. These actions may cause a buffer over-read. | |||||
| CVE-2024-52879 | 1 Insyde | 1 Insydeh2o | 2025-08-15 | N/A | 7.5 HIGH |
| An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5.6 before version 05.61.50, and kernel 5.7 before version 05.70.50. In VariableRuntimeDxe driver, SmmUpdateVariablePropertySmi () is a SMM callback function and it uses StrCmp () to compare variable names. This action may cause a buffer over-read. | |||||
| CVE-2025-21427 | 1 Qualcomm | 358 205 Mobile, 205 Mobile Firmware, 215 Mobile and 355 more | 2025-08-11 | N/A | 8.2 HIGH |
| Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network. | |||||
| CVE-2024-38397 | 1 Qualcomm | 232 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 229 more | 2025-08-11 | N/A | 7.5 HIGH |
| Transient DOS while parsing probe response and assoc response frame. | |||||
| CVE-2024-33048 | 1 Qualcomm | 378 Ar8035, Ar8035 Firmware, Csr8811 and 375 more | 2025-08-11 | N/A | 7.5 HIGH |
| Transient DOS while parsing the received TID-to-link mapping element of beacon/probe response frame. | |||||
| CVE-2025-27055 | 1 Qualcomm | 80 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 77 more | 2025-08-11 | N/A | 7.8 HIGH |
| Memory corruption during the image encoding process. | |||||
| CVE-2024-33073 | 1 Qualcomm | 318 Ar8035, Ar8035 Firmware, Csr8811 and 315 more | 2025-08-11 | N/A | 8.2 HIGH |
| Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE. | |||||
| CVE-2025-21475 | 1 Qualcomm | 80 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 77 more | 2025-08-11 | N/A | 7.8 HIGH |
| Memory corruption while processing escape code, when DisplayId is passed with large unsigned value. | |||||
| CVE-2025-21454 | 1 Qualcomm | 384 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9206 Lte Modem and 381 more | 2025-08-11 | N/A | 7.5 HIGH |
| Transient DOS while processing received beacon frame. | |||||
| CVE-2025-21449 | 1 Qualcomm | 370 315 5g Iot, 315 5g Iot Firmware, Apq8017 and 367 more | 2025-08-11 | N/A | 7.5 HIGH |
| Transient DOS may occur while processing malformed length field in SSID IEs. | |||||
| CVE-2024-33051 | 1 Qualcomm | 578 315 5g Iot, 315 5g Iot Firmware, 9206 Lte and 575 more | 2025-08-11 | N/A | 7.5 HIGH |
| Transient DOS while processing TIM IE from beacon frame as there is no check for IE length. | |||||
| CVE-2024-33047 | 1 Qualcomm | 48 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 45 more | 2025-08-11 | N/A | 8.4 HIGH |
| Memory corruption when the captureRead QDCM command is invoked from user-space. | |||||
| CVE-2023-43527 | 1 Qualcomm | 108 Fastconnect 6800, Fastconnect 6800 Firmware, Fastconnect 6900 and 105 more | 2025-08-11 | N/A | 6.8 MEDIUM |
| Information disclosure while parsing dts header atom in Video. | |||||
| CVE-2024-49839 | 1 Qualcomm | 372 Ar8035, Ar8035 Firmware, Csr8811 and 369 more | 2025-08-11 | N/A | 8.2 HIGH |
| Memory corruption during management frame processing due to mismatch in T2LM info element. | |||||
| CVE-2024-33050 | 1 Qualcomm | 514 Ar8035, Ar8035 Firmware, Ar9380 and 511 more | 2025-08-11 | N/A | 7.5 HIGH |
| Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper. | |||||
| CVE-2024-45558 | 1 Qualcomm | 366 Ar8035, Ar8035 Firmware, Csr8811 and 363 more | 2025-08-11 | N/A | 7.5 HIGH |
| Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length. | |||||
| CVE-2024-33057 | 1 Qualcomm | 342 Ar8035, Ar8035 Firmware, Csr8811 and 339 more | 2025-08-11 | N/A | 7.5 HIGH |
| Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating the location. | |||||
| CVE-2025-21459 | 1 Qualcomm | 248 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 245 more | 2025-08-11 | N/A | 7.5 HIGH |
| Transient DOS while parsing per STA profile in ML IE. | |||||
| CVE-2023-43555 | 1 Qualcomm | 238 215 Mobile, 215 Mobile Firmware, Aqt1000 and 235 more | 2025-08-11 | N/A | 8.2 HIGH |
| Information disclosure in Video while parsing mp2 clip with invalid section length. | |||||
| CVE-2024-43056 | 1 Qualcomm | 384 Aqt1000, Aqt1000 Firmware, Ar8035 and 381 more | 2025-08-11 | N/A | 5.5 MEDIUM |
| Transient DOS during hypervisor virtual I/O operation in a virtual machine. | |||||