Total
584 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-1905 | 1 Qualcomm | 792 Apq8009, Apq8009 Firmware, Apq8009w and 789 more | 2025-04-02 | 7.2 HIGH | 8.4 HIGH |
| Possible use after free due to improper handling of memory mapping of multiple processes simultaneously. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2024-53030 | 1 Qualcomm | 88 Msm8996au, Msm8996au Firmware, Qam8255p and 85 more | 2025-03-07 | N/A | 7.8 HIGH |
| Memory corruption while processing input message passed from FE driver. | |||||
| CVE-2021-1906 | 1 Qualcomm | 800 Apq8009, Apq8009 Firmware, Apq8009w and 797 more | 2025-02-18 | 2.1 LOW | 6.2 MEDIUM |
| Improper handling of address deregistration on failure can lead to new GPU address allocation failure. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2024-38414 | 1 Qualcomm | 58 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 55 more | 2025-02-05 | N/A | 6.1 MEDIUM |
| Information disclosure while processing information on firmware image during core initialization. | |||||
| CVE-2024-38416 | 1 Qualcomm | 144 Ar8035, Ar8035 Firmware, C-v2x 9150 and 141 more | 2025-02-05 | N/A | 6.1 MEDIUM |
| Information disclosure during audio playback. | |||||
| CVE-2024-38417 | 1 Qualcomm | 112 Ar8035, Ar8035 Firmware, C-v2x 9150 and 109 more | 2025-02-05 | N/A | 6.1 MEDIUM |
| Information disclosure while processing IO control commands. | |||||
| CVE-2024-38418 | 1 Qualcomm | 124 C-v2x 9150, C-v2x 9150 Firmware, Csrb31024 and 121 more | 2025-02-05 | N/A | 7.8 HIGH |
| Memory corruption while parsing the memory map info in IOCTL calls. | |||||
| CVE-2024-38420 | 1 Qualcomm | 320 Aqt1000, Aqt1000 Firmware, Ar8035 and 317 more | 2025-02-05 | N/A | 8.8 HIGH |
| Memory corruption while configuring a Hypervisor based input virtual device. | |||||
| CVE-2023-43538 | 1 Qualcomm | 274 Aqt1000, Aqt1000 Firmware, Ar8035 and 271 more | 2025-01-27 | N/A | 9.3 CRITICAL |
| Memory corruption in TZ Secure OS while Tunnel Invoke Manager initialization. | |||||
| CVE-2023-43526 | 1 Qualcomm | 76 Ar8035, Ar8035 Firmware, Fastconnect 7800 and 73 more | 2025-01-15 | N/A | 6.7 MEDIUM |
| Memory corruption while querying module parameters from Listen Sound model client in kernel from user space. | |||||
| CVE-2023-43525 | 1 Qualcomm | 80 Ar8035, Ar8035 Firmware, Fastconnect 7800 and 77 more | 2025-01-15 | N/A | 6.7 MEDIUM |
| Memory corruption while copying the sound model data from user to kernel buffer during sound model register. | |||||
| CVE-2023-43524 | 1 Qualcomm | 114 Ar8035, Ar8035 Firmware, Fastconnect 6800 and 111 more | 2025-01-15 | N/A | 6.7 MEDIUM |
| Memory corruption when the bandpass filter order received from AHAL is not within the expected range. | |||||
| CVE-2024-21463 | 1 Qualcomm | 218 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 215 more | 2025-01-13 | N/A | 7.3 HIGH |
| Memory corruption while processing Codec2 during v13k decoder pitch synthesis. | |||||
| CVE-2024-45555 | 1 Qualcomm | 82 Msm8996au, Msm8996au Firmware, Qam8255p and 79 more | 2025-01-13 | N/A | 8.4 HIGH |
| Memory corruption can occur if an already verified IFS2 image is overwritten, bypassing boot verification. This allows unauthorized programs to be injected into security-sensitive images, enabling the booting of a tampered IFS2 system image. | |||||
| CVE-2023-33090 | 1 Qualcomm | 104 Ar8035, Ar8035 Firmware, Fastconnect 6800 and 101 more | 2025-01-10 | N/A | 5.5 MEDIUM |
| Transient DOS while processing channel information for speaker protection v2 module in ADSP. | |||||
| CVE-2024-33043 | 1 Qualcomm | 406 205 Mobile Platform, 205 Mobile Platform Firmware, 215 Mobile Platform and 403 more | 2024-12-20 | N/A | 5.5 MEDIUM |
| Transient DOS while handling PS event when Program Service name length offset value is set to 255. | |||||
| CVE-2024-33056 | 1 Qualcomm | 658 205 Mobile Platform, 205 Mobile Platform Firmware, 315 5g Iot Modem and 655 more | 2024-12-12 | N/A | 8.4 HIGH |
| Memory corruption when allocating and accessing an entry in an SMEM partition continuously. | |||||
| CVE-2024-33053 | 1 Qualcomm | 112 C-v2x 9150, C-v2x 9150 Firmware, Fastconnect 6200 and 109 more | 2024-12-12 | N/A | 6.7 MEDIUM |
| Memory corruption when multiple threads try to unregister the CVP buffer at the same time. | |||||
| CVE-2024-33044 | 1 Qualcomm | 422 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 419 more | 2024-12-12 | N/A | 8.4 HIGH |
| Memory corruption while Configuring the SMR/S2CR register in Bypass mode. | |||||
| CVE-2024-33037 | 1 Qualcomm | 102 C-v2x 9150, C-v2x 9150 Firmware, Fastconnect 6800 and 99 more | 2024-12-11 | N/A | 6.1 MEDIUM |
| Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver doesn`t validate the IPC message received from the firmware. | |||||