Filtered by vendor Qualcomm
Subscribe
Total
2449 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-21452 | 1 Qualcomm | 12 C-v2x 9150, C-v2x 9150 Firmware, Qca6584au and 9 more | 2025-01-13 | N/A | 7.3 HIGH |
|
Transient DOS while decoding an ASN.1 OER message containing a SEQUENCE of unknown extensions.
|
|||||
| CVE-2024-45555 | 1 Qualcomm | 82 Msm8996au, Msm8996au Firmware, Qam8255p and 79 more | 2025-01-13 | N/A | 8.4 HIGH |
|
Memory corruption can occur if an already verified IFS2 image is overwritten, bypassing boot verification. This allows unauthorized programs to be injected into security-sensitive images, enabling the booting of a tampered IFS2 system image.
|
|||||
| CVE-2024-45550 | 1 Qualcomm | 16 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 13 more | 2025-01-13 | N/A | 7.8 HIGH |
|
Memory corruption occurs when invoking any IOCTL-calling application that executes all MCDM driver IOCTL calls.
|
|||||
| CVE-2024-45548 | 1 Qualcomm | 20 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 17 more | 2025-01-13 | N/A | 7.8 HIGH |
|
Memory corruption while processing FIPS encryption or decryption validation functionality IOCTL call.
|
|||||
| CVE-2024-45547 | 1 Qualcomm | 20 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 17 more | 2025-01-13 | N/A | 7.8 HIGH |
|
Memory corruption while processing IOCTL call invoked from user-space to verify non extension FIPS encryption and decryption functionality.
|
|||||
| CVE-2024-45546 | 1 Qualcomm | 20 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 17 more | 2025-01-13 | N/A | 7.8 HIGH |
|
Memory corruption while processing FIPS encryption or decryption IOCTL call invoked from user-space.
|
|||||
| CVE-2024-43064 | 1 Qualcomm | 60 Qam8255p, Qam8255p Firmware, Qam8295p and 57 more | 2025-01-13 | N/A | 7.5 HIGH |
|
Uncontrolled resource consumption when a driver, an application or a SMMU client tries to access the global registers through SMMU.
|
|||||
| CVE-2024-45559 | 1 Qualcomm | 46 Qam8255p, Qam8255p Firmware, Qam8295p and 43 more | 2025-01-13 | N/A | 5.5 MEDIUM |
|
Transient DOS can occur when GVM sends a specific message type to the Vdev-FastRPC backend.
|
|||||
| CVE-2023-43541 | 1 Qualcomm | 66 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 63 more | 2025-01-10 | N/A | 8.4 HIGH |
|
Memory corruption while invoking the SubmitCommands call on Gfx engine during the graphics render.
|
|||||
| CVE-2023-43549 | 1 Qualcomm | 278 Ar8035, Ar8035 Firmware, Csr8811 and 275 more | 2025-01-10 | N/A | 8.4 HIGH |
|
Memory corruption while processing TPC target power table in FTM TPC.
|
|||||
| CVE-2023-43540 | 1 Qualcomm | 58 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 55 more | 2025-01-10 | N/A | 8.4 HIGH |
|
Memory corruption while processing the IOCTL FM HCI WRITE request.
|
|||||
| CVE-2023-43539 | 1 Qualcomm | 274 Ar8035, Ar8035 Firmware, Csr8811 and 271 more | 2025-01-10 | N/A | 7.5 HIGH |
|
Transient DOS while processing an improperly formatted 802.11az Fine Time Measurement protocol frame.
|
|||||
| CVE-2023-33105 | 1 Qualcomm | 298 Ar8035, Ar8035 Firmware, Ar9380 and 295 more | 2025-01-10 | N/A | 7.5 HIGH |
|
Transient DOS in WLAN Host and Firmware when large number of open authentication frames are sent with an invalid transaction sequence number.
|
|||||
| CVE-2023-33103 | 1 Qualcomm | 96 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 93 more | 2025-01-10 | N/A | 7.5 HIGH |
|
Transient DOS while processing CAG info IE received from NW.
|
|||||
| CVE-2023-33090 | 1 Qualcomm | 104 Ar8035, Ar8035 Firmware, Fastconnect 6800 and 101 more | 2025-01-10 | N/A | 5.5 MEDIUM |
|
Transient DOS while processing channel information for speaker protection v2 module in ADSP.
|
|||||
| CVE-2023-33084 | 1 Qualcomm | 84 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 81 more | 2025-01-10 | N/A | 7.5 HIGH |
|
Transient DOS while processing IE fragments from server during DTLS handshake.
|
|||||
| CVE-2023-33078 | 1 Qualcomm | 26 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 23 more | 2025-01-10 | N/A | 5.1 MEDIUM |
|
Information Disclosure while processing IOCTL request in FastRPC.
|
|||||
| CVE-2023-28582 | 1 Qualcomm | 86 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 83 more | 2025-01-10 | N/A | 9.8 CRITICAL |
|
Memory corruption in Data Modem while verifying hello-verify message during the DTLS handshake.
|
|||||
| CVE-2024-21464 | 1 Qualcomm | 42 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 39 more | 2025-01-10 | N/A | 8.4 HIGH |
|
Memory corruption while processing IPA statistics, when there are no active clients registered.
|
|||||
| CVE-2024-23366 | 1 Qualcomm | 34 Qam8255p, Qam8255p Firmware, Qam8295p and 31 more | 2025-01-10 | N/A | 6.6 MEDIUM |
|
Information Disclosure while invoking the mailbox write API when message received from user is larger than mailbox size.
|
|||||
| CVE-2024-33059 | 1 Qualcomm | 32 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 29 more | 2025-01-10 | N/A | 6.7 MEDIUM |
|
Memory corruption while processing frame command IOCTL calls.
|
|||||
| CVE-2024-33061 | 1 Qualcomm | 18 Qcs8550, Qcs8550 Firmware, Sw5100 and 15 more | 2025-01-10 | N/A | 6.8 MEDIUM |
|
Information disclosure while processing IOCTL call made for releasing a trusted VM process release or opening a channel without initializing the process.
|
|||||
| CVE-2024-43063 | 1 Qualcomm | 34 Qam8255p, Qam8255p Firmware, Qam8295p and 31 more | 2025-01-10 | N/A | 6.1 MEDIUM |
|
information disclosure while invoking the mailbox read API.
|
|||||
| CVE-2024-23360 | 1 Qualcomm | 26 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 23 more | 2025-01-09 | N/A | 8.4 HIGH |
|
Memory corruption while creating a LPAC client as LPAC engine was allowed to access GPU registers.
|
|||||
| CVE-2024-23363 | 1 Qualcomm | 250 Ar8035, Ar8035 Firmware, Csr8811 and 247 more | 2025-01-09 | N/A | 7.5 HIGH |
|
Transient DOS while processing an improperly formatted Fine Time Measurement (FTM) management frame.
|
|||||
| CVE-2016-10394 | 1 Qualcomm | 10 Mdm9206, Mdm9206 Firmware, Mdm9607 and 7 more | 2025-01-09 | N/A | 8.4 HIGH |
|
Initial xbl_sec revision does not have all the debug policy features and critical checks.
|
|||||
| CVE-2017-11076 | 1 Qualcomm | 54 Msm8909w, Msm8909w Firmware, Msm8996au and 51 more | 2025-01-09 | N/A | 9.8 CRITICAL |
|
On some hardware revisions where VP9 decoding is hardware-accelerated, the frame size is not programmed correctly into the decoder hardware which can lead to an invalid memory access by the decoder.
|
|||||
| CVE-2017-15832 | 1 Qualcomm | 10 Mdm9206, Mdm9206 Firmware, Mdm9607 and 7 more | 2025-01-09 | N/A | 8.4 HIGH |
|
Buffer overwrite in the WLAN host driver by leveraging a compromised WLAN FW
|
|||||
| CVE-2017-17772 | 1 Qualcomm | 14 Sd 450, Sd 450 Firmware, Sd 625 and 11 more | 2025-01-09 | N/A | 9.8 CRITICAL |
|
In multiple functions that process 802.11 frames, out-of-bounds reads can occur due to insufficient validation.
|
|||||
| CVE-2017-18153 | 1 Qualcomm | 10 9206 Lte Modem, 9206 Lte Modem Firmware, Apq8017 and 7 more | 2025-01-09 | N/A | 8.4 HIGH |
|
A race condition exists in a driver potentially leading to a use-after-free condition.
|
|||||
| CVE-2018-11922 | 1 Qualcomm | 44 215, 215 Firmware, Mdm9206 and 41 more | 2025-01-09 | N/A | 9.8 CRITICAL |
|
Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user.
|
|||||
| CVE-2018-11952 | 1 Qualcomm | 46 Mdm9206, Mdm9206 Firmware, Mdm9607 and 43 more | 2025-01-09 | N/A | 8.4 HIGH |
|
An image with a version lower than the fuse version may potentially be booted lead to improper authentication.
|
|||||
| CVE-2016-10408 | 1 Qualcomm | 10 9206 Lte Modem, 9206 Lte Modem Firmware, Apq8037 and 7 more | 2025-01-09 | N/A | 8.4 HIGH |
|
QSEE will randomly experience a fatal error during execution due to speculative instruction fetches from device memory. Device memory is not valid executable memory.
|
|||||
| CVE-2017-18306 | 1 Qualcomm | 14 Sd 450, Sd 450 Firmware, Sd 625 and 11 more | 2025-01-09 | N/A | 8.4 HIGH |
|
Information disclosure due to uninitialized variable.
|
|||||
| CVE-2017-18307 | 1 Qualcomm | 14 Sd 450, Sd 450 Firmware, Sd 625 and 11 more | 2025-01-09 | N/A | 8.4 HIGH |
|
Information disclosure possible while audio playback.
|
|||||
| CVE-2018-5852 | 1 Qualcomm | 46 Mdm9206, Mdm9206 Firmware, Mdm9607 and 43 more | 2025-01-09 | N/A | 8.4 HIGH |
|
An unsigned integer underflow vulnerability in IPA driver result into a buffer over-read while reading NAT entry using debugfs command 'cat /sys/kernel/debug/ipa/ip4_nat'
|
|||||
| CVE-2023-43553 | 1 Qualcomm | 262 Ar8035, Ar8035 Firmware, Csr8811 and 259 more | 2025-01-09 | N/A | 9.8 CRITICAL |
|
Memory corruption while parsing beacon/probe response frame when AP sends more supported links in MLIE.
|
|||||
| CVE-2024-33043 | 1 Qualcomm | 406 205 Mobile Platform, 205 Mobile Platform Firmware, 215 Mobile Platform and 403 more | 2024-12-20 | N/A | 5.5 MEDIUM |
|
Transient DOS while handling PS event when Program Service name length offset value is set to 255.
|
|||||
| CVE-2024-43053 | 1 Qualcomm | 40 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 37 more | 2024-12-12 | N/A | 7.8 HIGH |
|
Memory corruption while invoking IOCTL calls from user space to read WLAN target diagnostic information.
|
|||||
| CVE-2024-43052 | 1 Qualcomm | 182 205 Mobile Platform, 205 Mobile Platform Firmware, 215 Mobile Platform and 179 more | 2024-12-12 | N/A | 7.8 HIGH |
|
Memory corruption while processing API calls to NPU with invalid input.
|
|||||