Total
26 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-49842 | 1 Qualcomm | 358 Aqt1000, Aqt1000 Firmware, Ar8035 and 355 more | 2025-05-09 | N/A | 7.8 HIGH |
| Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions. | |||||
| CVE-2024-49844 | 1 Qualcomm | 362 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 359 more | 2025-05-09 | N/A | 7.8 HIGH |
| Memory corruption while triggering commands in the PlayReady Trusted application. | |||||
| CVE-2024-49847 | 1 Qualcomm | 94 Ar8035, Ar8035 Firmware, Fastconnect 7800 and 91 more | 2025-05-09 | N/A | 7.5 HIGH |
| Transient DOS while processing of a registration acceptance OTA due to incorrect ciphering key data IE. | |||||
| CVE-2024-38426 | 1 Qualcomm | 328 205, 205 Firmware, 215 and 325 more | 2025-03-06 | N/A | 5.4 MEDIUM |
| While processing the authentication message in UE, improper authentication may lead to information disclosure. | |||||
| CVE-2024-38404 | 1 Qualcomm | 80 Ar8035, Ar8035 Firmware, Fastconnect 7800 and 77 more | 2025-02-05 | N/A | 7.5 HIGH |
| Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in modem. | |||||
| CVE-2023-43551 | 1 Qualcomm | 482 205 Mobile, 205 Mobile Firmware, 215 Mobile and 479 more | 2025-01-27 | N/A | 9.1 CRITICAL |
| Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command. | |||||
| CVE-2023-43555 | 1 Qualcomm | 238 215 Mobile, 215 Mobile Firmware, Aqt1000 and 235 more | 2025-01-27 | N/A | 8.2 HIGH |
| Information disclosure in Video while parsing mp2 clip with invalid section length. | |||||
| CVE-2024-21475 | 1 Qualcomm | 472 215 Mobile, 215 Mobile Firmware, 315 5g Iot Modem and 469 more | 2025-01-15 | N/A | 7.8 HIGH |
| Memory corruption when the payload received from firmware is not as per the expected protocol size. | |||||
| CVE-2023-43528 | 1 Qualcomm | 182 Ar8035, Ar8035 Firmware, C-v2x 9150 and 179 more | 2025-01-15 | N/A | 6.1 MEDIUM |
| Information disclosure when the ADSP payload size received in HLOS in response to Audio Stream Manager matrix session is less than this expected size. | |||||
| CVE-2023-43527 | 1 Qualcomm | 108 Fastconnect 6800, Fastconnect 6800 Firmware, Fastconnect 6900 and 105 more | 2025-01-15 | N/A | 6.8 MEDIUM |
| Information disclosure while parsing dts header atom in Video. | |||||
| CVE-2023-43521 | 1 Qualcomm | 154 Ar8035, Ar8035 Firmware, C-v2x 9150 and 151 more | 2025-01-15 | N/A | 6.7 MEDIUM |
| Memory corruption when multiple listeners are being registered with the same file descriptor. | |||||
| CVE-2024-21468 | 1 Qualcomm | 460 205 Mobile, 205 Mobile Firmware, 215 Mobile and 457 more | 2025-01-13 | N/A | 8.4 HIGH |
| Memory corruption when there is failed unmap operation in GPU. | |||||
| CVE-2023-33111 | 1 Qualcomm | 172 Ar8035, Ar8035 Firmware, C-v2x 9150 and 169 more | 2025-01-13 | N/A | 5.5 MEDIUM |
| Information disclosure when VI calibration state set by ADSP is greater than MAX_FBSP_STATE in the response payload to AFE calibration command. | |||||
| CVE-2023-43548 | 1 Qualcomm | 284 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 281 more | 2025-01-10 | N/A | 7.3 HIGH |
| Memory corruption while parsing qcp clip with invalid chunk data size. | |||||
| CVE-2023-33066 | 1 Qualcomm | 626 205 Mobile, 205 Mobile Firmware, 215 Mobile and 623 more | 2025-01-10 | N/A | 8.4 HIGH |
| Memory corruption in Audio while processing RT proxy port register driver. | |||||
| CVE-2023-33023 | 1 Qualcomm | 576 215 Mobile, 215 Mobile Firmware, 315 5g Iot and 573 more | 2025-01-09 | N/A | 8.4 HIGH |
| Memory corruption while processing finish_sign command to pass a rsp buffer. | |||||
| CVE-2023-28547 | 1 Qualcomm | 604 215 Mobile, 215 Mobile Firmware, 315 5g Iot and 601 more | 2025-01-09 | N/A | 8.4 HIGH |
| Memory corruption in SPS Application while requesting for public key in sorter TA. | |||||
| CVE-2023-33020 | 1 Qualcomm | 164 205, 205 Firmware, 215 and 161 more | 2024-11-21 | N/A | 7.5 HIGH |
| Transient DOS in WLAN Host when an invalid channel (like channel out of range) is received in STA during CSA IE. | |||||
| CVE-2023-33019 | 1 Qualcomm | 164 205, 205 Firmware, 215 and 161 more | 2024-11-21 | N/A | 7.5 HIGH |
| Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station receives invalid channel in CSA IE. | |||||
| CVE-2023-28575 | 1 Qualcomm | 120 205, 205 Firmware, 215 and 117 more | 2024-11-21 | N/A | 6.7 MEDIUM |
| The cam_get_device_priv function does not check the type of handle being returned (device/session/link). This would lead to invalid type usage if a wrong handle is passed to it. | |||||