Filtered by vendor Qualcomm
Subscribe
Total
2488 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-25276 | 1 Qualcomm | 114 Cq8750m, Cq8750m Firmware, Fastconnect 6700 and 111 more | 2026-06-02 | N/A | 8.8 HIGH |
| Memory corruption while using Strongbox due to missing bounds check. | |||||
| CVE-2026-25277 | 1 Qualcomm | 114 Cq8750m, Cq8750m Firmware, Fastconnect 6700 and 111 more | 2026-06-02 | N/A | 8.8 HIGH |
| Memory corruption while using Strongbox due to buffer overflow. | |||||
| CVE-2026-24082 | 1 Qualcomm | 352 Ar8031, Ar8031 Firmware, Ar8035 and 349 more | 2026-05-12 | N/A | 7.8 HIGH |
| Memory Corruption when copying data from a freed source while executing performance counter deselect operation. | |||||
| CVE-2014-10031 | 1 Qualcomm | 1 Eudora Worldmail | 2026-05-06 | 7.5 HIGH | N/A |
| Buffer overflow in the IMAPd service in Qualcomm Eudora WorldMail 9.0.333.0 allows remote attackers to execute arbitrary code via a long string in a UID command. | |||||
| CVE-2025-47401 | 1 Qualcomm | 490 Ar8035, Ar8035 Firmware, Cologne and 487 more | 2026-05-06 | N/A | 6.5 MEDIUM |
| Transient DOS when processing target power rate tables during channel configuration. | |||||
| CVE-2025-47403 | 1 Qualcomm | 514 Ar8035, Ar8035 Firmware, Cologne and 511 more | 2026-05-06 | N/A | 6.5 MEDIUM |
| Transient DOS when processing a malformed Fast Transition response frame with an invalid header structure during wireless roaming. | |||||
| CVE-2025-47404 | 1 Qualcomm | 376 215 Mobile, 215 Mobile Firmware, 5g Fixed Wireless Access and 373 more | 2026-05-06 | N/A | 6.5 MEDIUM |
| Memory corruption when dynamically changing the size of a previously allocated buffer while its contents are being modified. | |||||
| CVE-2025-47405 | 1 Qualcomm | 32 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 29 more | 2026-05-06 | N/A | 7.8 HIGH |
| Memory corruption when processing camera sensor input/output control codes with invalid output buffers. | |||||
| CVE-2025-47408 | 1 Qualcomm | 40 Fastconnect 6200, Fastconnect 6200 Firmware, Fastconnect 6900 and 37 more | 2026-05-06 | N/A | 7.8 HIGH |
| Memory corruption when another driver calls an IOCTL with invalid input/output buffer. | |||||
| CVE-2025-47406 | 1 Qualcomm | 62 Cologne, Cologne Firmware, Fastconnect 6700 and 59 more | 2026-05-06 | N/A | 6.1 MEDIUM |
| Information Disclosure while processing IOCTL handler callbacks without verifying buffer size. | |||||
| CVE-2025-47407 | 1 Qualcomm | 200 Cq7790, Cq7790 Firmware, Cq8725s and 197 more | 2026-05-06 | N/A | 7.8 HIGH |
| Memory corruption while creating a process on the digital signal processor due to allocation failure at the kernel level. | |||||
| CVE-2026-25266 | 1 Qualcomm | 48 Cologne, Cologne Firmware, Fastconnect 6900 and 45 more | 2026-05-06 | N/A | 5.5 MEDIUM |
| Memory corruption while processing IOCTL command when device is in power-save state. | |||||
| CVE-2026-25293 | 1 Qualcomm | 2 Qca7005, Qca7005 Firmware | 2026-05-06 | N/A | 9.6 CRITICAL |
| Buffer overflow due to incorrect authorization in PLC FW | |||||
| CVE-2013-4740 | 1 Qualcomm | 1 Quic Mobile Station Modem Kernel | 2026-04-29 | 6.9 MEDIUM | N/A |
| goodix_tool.c in the Goodix gt915 touchscreen driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, relies on user-space length values for kernel-memory copies of procfs file content, which allows attackers to gain privileges or cause a denial of service (memory corruption) via an application that provides crafted values. | |||||
| CVE-2013-4738 | 2 Codeaurora, Qualcomm | 2 Android-msm, Quic Mobile Station Modem Kernel | 2026-04-29 | 7.2 HIGH | N/A |
| Multiple stack-based buffer overflows in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to gain privileges via (1) a crafted VIDIOC_MSM_VPE_DEQUEUE_STREAM_BUFF_INFO ioctl call, related to drivers/media/platform/msm/camera_v2/pproc/vpe/msm_vpe.c, or (2) a crafted VIDIOC_MSM_CPP_DEQUEUE_STREAM_BUFF_INFO ioctl call, related to drivers/media/platform/msm/camera_v2/pproc/cpp/msm_cpp.c. | |||||
| CVE-2013-6122 | 1 Qualcomm | 1 Quic Mobile Station Modem Kernel | 2026-04-29 | 6.9 MEDIUM | N/A |
| goodix_tool.c in the Goodix gt915 touchscreen driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly synchronize updates to a global variable, which allows local users to bypass intended access restrictions or cause a denial of service (memory corruption) via crafted arguments to the procfs write handler. | |||||
| CVE-2013-4739 | 2 Codeaurora, Qualcomm | 2 Android-msm, Quic Mobile Station Modem Kernel | 2026-04-29 | 4.9 MEDIUM | N/A |
| The MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to obtain sensitive information from kernel stack memory via (1) a crafted MSM_MCR_IOCTL_EVT_GET ioctl call, related to drivers/media/platform/msm/camera_v1/mercury/msm_mercury_sync.c, or (2) a crafted MSM_JPEG_IOCTL_EVT_GET ioctl call, related to drivers/media/platform/msm/camera_v2/jpeg_10/msm_jpeg_sync.c. | |||||
| CVE-2013-3051 | 2 Motorola, Qualcomm | 5 Android, Atrix Hd, Razr Hd and 2 more | 2026-04-29 | 6.2 MEDIUM | N/A |
| The TrustZone kernel, when used in conjunction with a certain Motorola build of Android 4.1.2, on Motorola Razr HD, Razr M, and Atrix HD devices with the Qualcomm MSM8960 chipset does not verify the association between a certain physical-address argument and a memory region, which allows local users to unlock the bootloader by using kernel mode to perform crafted 0x9 and 0x2 SMC operations, a different vulnerability than CVE-2013-2596. | |||||
| CVE-2012-1475 | 2 Google, Qualcomm | 2 Android, Yagattatalk Messenger | 2026-04-29 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the YagattaTalk Messenger (com.iskoot.yagatta.yagattatalk) application 1.00.01.08 for Android has unknown impact and attack vectors. | |||||
| CVE-2010-3403 | 1 Qualcomm | 1 Extensible Diagnostic Monitor | 2026-04-29 | 9.3 HIGH | N/A |
| Untrusted search path vulnerability in Qualcomm eXtensible Diagnostic Monitor (QXDM) 03.09.19 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse mfc71enu.dll that is located in the same folder as a .isf file. | |||||