Total
169 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-43530 | 1 Qualcomm | 316 Aqt1000, Aqt1000 Firmware, Ar8035 and 313 more | 2025-01-15 | N/A | 5.9 MEDIUM |
| Memory corruption in HLOS while checking for the storage type. | |||||
| CVE-2023-33119 | 1 Qualcomm | 322 Aqt1000, Aqt1000 Firmware, Ar8035 and 319 more | 2025-01-15 | N/A | 8.4 HIGH |
| Memory corruption while loading a VM from a signed VM image that is not coherent in the processor cache. | |||||
| CVE-2023-33115 | 1 Qualcomm | 336 Aqt1000, Aqt1000 Firmware, Ar8035 and 333 more | 2025-01-13 | N/A | 7.8 HIGH |
| Memory corruption while processing buffer initialization, when trusted report for certain report types are generated. | |||||
| CVE-2024-45555 | 1 Qualcomm | 82 Msm8996au, Msm8996au Firmware, Qam8255p and 79 more | 2025-01-13 | N/A | 8.4 HIGH |
| Memory corruption can occur if an already verified IFS2 image is overwritten, bypassing boot verification. This allows unauthorized programs to be injected into security-sensitive images, enabling the booting of a tampered IFS2 system image. | |||||
| CVE-2024-43064 | 1 Qualcomm | 60 Qam8255p, Qam8255p Firmware, Qam8295p and 57 more | 2025-01-13 | N/A | 7.5 HIGH |
| Uncontrolled resource consumption when a driver, an application or a SMMU client tries to access the global registers through SMMU. | |||||
| CVE-2024-45559 | 1 Qualcomm | 46 Qam8255p, Qam8255p Firmware, Qam8295p and 43 more | 2025-01-13 | N/A | 5.5 MEDIUM |
| Transient DOS can occur when GVM sends a specific message type to the Vdev-FastRPC backend. | |||||
| CVE-2024-45558 | 1 Qualcomm | 366 Ar8035, Ar8035 Firmware, Csr8811 and 363 more | 2025-01-13 | N/A | 7.5 HIGH |
| Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length. | |||||
| CVE-2023-28578 | 1 Qualcomm | 680 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 677 more | 2025-01-10 | N/A | 9.3 CRITICAL |
| Memory corruption in Core Services while executing the command for removing a single event listener. | |||||
| CVE-2024-23366 | 1 Qualcomm | 34 Qam8255p, Qam8255p Firmware, Qam8295p and 31 more | 2025-01-10 | N/A | 6.6 MEDIUM |
| Information Disclosure while invoking the mailbox write API when message received from user is larger than mailbox size. | |||||
| CVE-2024-33067 | 1 Qualcomm | 154 Ar8035, Ar8035 Firmware, C-v2x 9150 and 151 more | 2025-01-10 | N/A | 6.1 MEDIUM |
| Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver. | |||||
| CVE-2024-43063 | 1 Qualcomm | 34 Qam8255p, Qam8255p Firmware, Qam8295p and 31 more | 2025-01-10 | N/A | 6.1 MEDIUM |
| information disclosure while invoking the mailbox read API. | |||||
| CVE-2023-33023 | 1 Qualcomm | 576 215 Mobile, 215 Mobile Firmware, 315 5g Iot and 573 more | 2025-01-09 | N/A | 8.4 HIGH |
| Memory corruption while processing finish_sign command to pass a rsp buffer. | |||||
| CVE-2023-28547 | 1 Qualcomm | 604 215 Mobile, 215 Mobile Firmware, 315 5g Iot and 601 more | 2025-01-09 | N/A | 8.4 HIGH |
| Memory corruption in SPS Application while requesting for public key in sorter TA. | |||||
| CVE-2024-33056 | 1 Qualcomm | 658 205 Mobile Platform, 205 Mobile Platform Firmware, 315 5g Iot Modem and 655 more | 2024-12-12 | N/A | 8.4 HIGH |
| Memory corruption when allocating and accessing an entry in an SMEM partition continuously. | |||||
| CVE-2024-33053 | 1 Qualcomm | 112 C-v2x 9150, C-v2x 9150 Firmware, Fastconnect 6200 and 109 more | 2024-12-12 | N/A | 6.7 MEDIUM |
| Memory corruption when multiple threads try to unregister the CVP buffer at the same time. | |||||
| CVE-2024-33044 | 1 Qualcomm | 422 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 419 more | 2024-12-12 | N/A | 8.4 HIGH |
| Memory corruption while Configuring the SMR/S2CR register in Bypass mode. | |||||
| CVE-2024-33037 | 1 Qualcomm | 102 C-v2x 9150, C-v2x 9150 Firmware, Fastconnect 6800 and 99 more | 2024-12-11 | N/A | 6.1 MEDIUM |
| Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver doesn`t validate the IPC message received from the firmware. | |||||
| CVE-2024-33036 | 1 Qualcomm | 104 C-v2x 9150, C-v2x 9150 Firmware, Fastconnect 6800 and 101 more | 2024-12-11 | N/A | 6.7 MEDIUM |
| Memory corruption while parsing sensor packets in camera driver, user-space variable is used while allocating memory in kernel and parsing which can lead to huge allocation or invalid memory access. | |||||
| CVE-2024-33012 | 1 Qualcomm | 498 Ar8035, Ar8035 Firmware, Ar9380 and 495 more | 2024-11-26 | N/A | 7.5 HIGH |
| Transient DOS while parsing the multiple MBSSID IEs from the beacon, when the tag length is non-zero value but with end of beacon. | |||||
| CVE-2024-33011 | 1 Qualcomm | 498 Ar8035, Ar8035 Firmware, Ar9380 and 495 more | 2024-11-26 | N/A | 7.5 HIGH |
| Transient DOS while parsing the MBSSID IE from the beacons, when the MBSSID IE length is zero. | |||||