Total
134 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-43511 | 1 Qualcomm | 712 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9206 Lte Modem and 709 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header.
|
|||||
| CVE-2023-33062 | 1 Qualcomm | 580 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 577 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS in WLAN Firmware while parsing a BTM request.
|
|||||
| CVE-2023-33072 | 1 Qualcomm | 490 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 487 more | 2025-08-11 | N/A | 9.3 CRITICAL |
|
Memory corruption in Core while processing control functions.
|
|||||
| CVE-2023-33046 | 1 Qualcomm | 98 Ar8035, Ar8035 Firmware, Fastconnect 6900 and 95 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory corruption in Trusted Execution Environment while deinitializing an object used for license validation.
|
|||||
| CVE-2023-33117 | 1 Qualcomm | 282 Ar8035, Ar8035 Firmware, Csra6620 and 279 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory corruption when HLOS allocates the response payload buffer to copy the data received from ADSP in response to AVCS_LOAD_MODULE command.
|
|||||
| CVE-2023-43536 | 1 Qualcomm | 618 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 615 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS while parse fils IE with length equal to 1.
|
|||||
| CVE-2023-33114 | 1 Qualcomm | 224 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 221 more | 2025-08-11 | N/A | 8.4 HIGH |
|
Memory corruption while running NPU, when NETWORK_UNLOAD and (NETWORK_UNLOAD or NETWORK_EXECUTE_V2) commands are submitted at the same time.
|
|||||
| CVE-2023-33089 | 1 Qualcomm | 456 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 453 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS when processing a NULL buffer while parsing WLAN vdev.
|
|||||
| CVE-2023-33118 | 1 Qualcomm | 271 Ar8035, Ar8035 Firmware, Csra6620 and 268 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory corruption while processing Listen Sound Model client payload buffer when there is a request for Listen Sound session get parameter from ST HAL.
|
|||||
| CVE-2023-33120 | 1 Qualcomm | 464 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9206 Lte Modem and 461 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory corruption in Audio when memory map command is executed consecutively in ADSP.
|
|||||
| CVE-2023-33088 | 1 Qualcomm | 612 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 609 more | 2025-08-11 | N/A | 8.4 HIGH |
|
Memory corruption when processing cmd parameters while parsing vdev.
|
|||||
| CVE-2023-33087 | 1 Qualcomm | 236 Apq5053-aa, Apq5053-aa Firmware, Ar8035 and 233 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory corruption in Core while processing RX intent request.
|
|||||
| CVE-2023-28585 | 1 Qualcomm | 562 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 559 more | 2025-08-11 | N/A | 8.2 HIGH |
|
Memory corruption while loading an ELF segment in TEE Kernel.
|
|||||
| CVE-2023-33079 | 1 Qualcomm | 288 Apq5053-aa, Apq5053-aa Firmware, Ar8035 and 285 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory corruption in Audio while running invalid audio recording from ADSP.
|
|||||
| CVE-2023-33112 | 1 Qualcomm | 254 Ar8035, Ar8035 Firmware, Csra6620 and 251 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS when WLAN firmware receives "reassoc response" frame including RIC_DATA element.
|
|||||
| CVE-2023-43513 | 1 Qualcomm | 534 315 5g Iot Modem, 315 5g Iot Modem Firmware, Apq8017 and 531 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element.
|
|||||
| CVE-2023-33098 | 1 Qualcomm | 526 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 523 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS while parsing WPA IES, when it is passed with length more than expected size.
|
|||||
| CVE-2023-28539 | 1 Qualcomm | 314 Ar8035, Ar8035 Firmware, Ar9380 and 311 more | 2025-08-11 | N/A | 6.6 MEDIUM |
|
Memory corruption in WLAN Host when the firmware invokes multiple WMI Service Available command.
|
|||||
| CVE-2023-33080 | 1 Qualcomm | 732 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8098 and 729 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.
|
|||||
| CVE-2023-33027 | 1 Qualcomm | 656 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8098 and 653 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS in WLAN Firmware while parsing rsn ies.
|
|||||
| CVE-2024-38397 | 1 Qualcomm | 232 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 229 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS while parsing probe response and assoc response frame.
|
|||||
| CVE-2023-33022 | 1 Qualcomm | 424 315 5g Iot Modem, 315 5g Iot Modem Firmware, Apq5053-aa and 421 more | 2025-08-11 | N/A | 8.4 HIGH |
|
Memory corruption in HLOS while invoking IOCTL calls from user-space.
|
|||||
| CVE-2023-28545 | 1 Qualcomm | 408 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 405 more | 2025-08-11 | N/A | 8.2 HIGH |
|
Memory corruption in TZ Secure OS while loading an app ELF.
|
|||||
| CVE-2023-33109 | 1 Qualcomm | 620 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 617 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host.
|
|||||
| CVE-2023-33031 | 1 Qualcomm | 330 Apq5053-aa, Apq5053-aa Firmware, Apq8009 and 327 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory corruption in Automotive Audio while copying data from ADSP shared buffer to the VOC packet data buffer.
|
|||||
| CVE-2023-33017 | 1 Qualcomm | 554 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 551 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory corruption in Boot while running a ListVars test in UEFI Menu during boot.
|
|||||
| CVE-2023-33026 | 1 Qualcomm | 390 Ar8035, Ar8035 Firmware, Ar9380 and 387 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS in WLAN Firmware while parsing a NAN management frame.
|
|||||
| CVE-2023-28586 | 1 Qualcomm | 626 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 623 more | 2025-08-11 | N/A | 6.0 MEDIUM |
|
Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.
|
|||||
| CVE-2023-28588 | 1 Qualcomm | 428 Apq8017, Apq8017 Firmware, Apq8064au and 425 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS in Bluetooth Host while rfc slot allocation.
|
|||||
| CVE-2024-53011 | 1 Qualcomm | 166 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 163 more | 2025-08-11 | N/A | 7.9 HIGH |
|
Information disclosure may occur due to improper permission and access controls to Video Analytics engine.
|
|||||
| CVE-2023-33094 | 1 Qualcomm | 250 Ar8035, Ar8035 Firmware, Csra6620 and 247 more | 2025-08-11 | N/A | 8.4 HIGH |
|
Memory corruption while running VK synchronization with KASAN enabled.
|
|||||
| CVE-2023-24852 | 1 Qualcomm | 542 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 539 more | 2025-08-11 | N/A | 8.4 HIGH |
|
Memory Corruption in Core due to secure memory access by user while loading modem image.
|
|||||
| CVE-2024-33073 | 1 Qualcomm | 318 Ar8035, Ar8035 Firmware, Csr8811 and 315 more | 2025-08-11 | N/A | 8.2 HIGH |
|
Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.
|
|||||
| CVE-2023-33034 | 1 Qualcomm | 128 Apq5053-aa, Apq5053-aa Firmware, Csra6620 and 125 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory corruption while parsing the ADSP response command.
|
|||||
| CVE-2023-21673 | 1 Qualcomm | 326 Aqt1000, Aqt1000 Firmware, Ar8035 and 323 more | 2025-08-11 | N/A | 8.7 HIGH |
|
Improper Access to the VM resource manager can lead to Memory Corruption.
|
|||||
| CVE-2024-49834 | 1 Qualcomm | 254 Csra6620, Csra6620 Firmware, Csra6640 and 251 more | 2025-02-05 | N/A | 7.8 HIGH |
|
Memory corruption while power-up or power-down sequence of the camera sensor.
|
|||||
| CVE-2024-33056 | 1 Qualcomm | 658 205 Mobile Platform, 205 Mobile Platform Firmware, 315 5g Iot Modem and 655 more | 2024-12-12 | N/A | 8.4 HIGH |
|
Memory corruption when allocating and accessing an entry in an SMEM partition continuously.
|
|||||
| CVE-2024-33044 | 1 Qualcomm | 422 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 419 more | 2024-12-12 | N/A | 8.4 HIGH |
|
Memory corruption while Configuring the SMR/S2CR register in Bypass mode.
|
|||||
| CVE-2024-33012 | 1 Qualcomm | 498 Ar8035, Ar8035 Firmware, Ar9380 and 495 more | 2024-11-26 | N/A | 7.5 HIGH |
|
Transient DOS while parsing the multiple MBSSID IEs from the beacon, when the tag length is non-zero value but with end of beacon.
|
|||||
| CVE-2024-33013 | 1 Qualcomm | 340 Ar8035, Ar8035 Firmware, Csr8811 and 337 more | 2024-11-26 | N/A | 7.5 HIGH |
|
Transient DOS when driver accesses the ML IE memory and offset value is incremented beyond ML IE length.
|
|||||