Total
98 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-21471 | 1 Qualcomm | 350 205 Mobile, 205 Mobile Firmware, 215 Mobile and 347 more | 2025-08-11 | N/A | 8.4 HIGH |
|
Memory corruption when IOMMU unmap of a GPU buffer fails in Linux.
|
|||||
| CVE-2024-21480 | 1 Qualcomm | 230 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 227 more | 2025-08-11 | N/A | 7.3 HIGH |
|
Memory corruption while playing audio file having large-sized input buffer.
|
|||||
| CVE-2025-21422 | 1 Qualcomm | 442 Aqt1000, Aqt1000 Firmware, Ar8035 and 439 more | 2025-08-11 | N/A | 7.1 HIGH |
|
Cryptographic issue while processing crypto API calls, missing checks may lead to corrupted key usage or IV reuses.
|
|||||
| CVE-2024-53014 | 1 Qualcomm | 502 215, 215 Firmware, 315 5g Iot Modem and 499 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory corruption may occur while validating ports and channels in Audio driver.
|
|||||
| CVE-2024-33057 | 1 Qualcomm | 342 Ar8035, Ar8035 Firmware, Csr8811 and 339 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating the location.
|
|||||
| CVE-2024-53024 | 1 Qualcomm | 332 Ar8035, Ar8035 Firmware, Csra6620 and 329 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory corruption in display driver while detaching a device.
|
|||||
| CVE-2024-49844 | 1 Qualcomm | 362 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 359 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory corruption while triggering commands in the PlayReady Trusted application.
|
|||||
| CVE-2024-49839 | 1 Qualcomm | 372 Ar8035, Ar8035 Firmware, Csr8811 and 369 more | 2025-08-11 | N/A | 8.2 HIGH |
|
Memory corruption during management frame processing due to mismatch in T2LM info element.
|
|||||
| CVE-2025-21468 | 1 Qualcomm | 302 Ar8035, Ar8035 Firmware, Csra6620 and 299 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer.
|
|||||
| CVE-2024-21475 | 1 Qualcomm | 472 215 Mobile, 215 Mobile Firmware, 315 5g Iot Modem and 469 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory corruption when the payload received from firmware is not as per the expected protocol size.
|
|||||
| CVE-2024-45562 | 1 Qualcomm | 160 C-v2x 9150, C-v2x 9150 Firmware, Fastconnect 6800 and 157 more | 2025-08-11 | N/A | 6.6 MEDIUM |
|
Memory corruption during concurrent access to server info object due to unprotected critical field.
|
|||||
| CVE-2024-53009 | 1 Qualcomm | 378 Aqt1000, Aqt1000 Firmware, Ar8035 and 375 more | 2025-08-11 | N/A | 5.3 MEDIUM |
|
Memory corruption while operating the mailbox in Automotive.
|
|||||
| CVE-2025-21432 | 1 Qualcomm | 492 Aqt1000, Aqt1000 Firmware, Ar8035 and 489 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory corruption while retrieving the CBOR data from TA.
|
|||||
| CVE-2024-33049 | 1 Qualcomm | 262 Csr8811, Csr8811 Firmware, Fastconnect 6700 and 259 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS while parsing noninheritance IE of Extension element when length of IE is 2 of beacon frame.
|
|||||
| CVE-2024-33045 | 1 Qualcomm | 360 Ar8035, Ar8035 Firmware, Csra6620 and 357 more | 2025-08-11 | N/A | 8.4 HIGH |
|
Memory corruption when BTFM client sends new messages over Slimbus to ADSP.
|
|||||
| CVE-2024-23369 | 1 Qualcomm | 236 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 233 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory corruption when invalid length is provided from HLOS for FRS/UDS request/response buffers.
|
|||||
| CVE-2024-45564 | 1 Qualcomm | 126 C-v2x 9150, C-v2x 9150 Firmware, Fastconnect 6800 and 123 more | 2025-05-09 | N/A | 7.8 HIGH |
|
Memory corruption during concurrent access to server info object due to incorrect reference count update.
|
|||||
| CVE-2024-45570 | 1 Qualcomm | 116 C-v2x 9150, C-v2x 9150 Firmware, Fastconnect 6800 and 113 more | 2025-05-09 | N/A | 6.6 MEDIUM |
|
Memory corruption may occur during IO configuration processing when the IO port count is invalid.
|
|||||
| CVE-2024-45581 | 1 Qualcomm | 60 Mdm9628, Mdm9628 Firmware, Qam8295p and 57 more | 2025-05-09 | N/A | 6.6 MEDIUM |
|
Memory corruption while sound model registration for voice activation with audio kernel driver.
|
|||||
| CVE-2024-49835 | 1 Qualcomm | 424 Aqt1000, Aqt1000 Firmware, Ar8035 and 421 more | 2025-05-09 | N/A | 7.8 HIGH |
|
Memory corruption while reading secure file.
|
|||||
| CVE-2024-49845 | 1 Qualcomm | 292 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 289 more | 2025-05-09 | N/A | 7.8 HIGH |
|
Memory corruption during the FRS UDS generation process.
|
|||||
| CVE-2024-43060 | 1 Qualcomm | 82 Ar8035, Ar8035 Firmware, Fastconnect 6900 and 79 more | 2025-03-06 | N/A | 7.8 HIGH |
|
Memory corruption during voice activation, when sound model parameters are loaded from HLOS to ADSP.
|
|||||
| CVE-2024-43061 | 1 Qualcomm | 60 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 57 more | 2025-03-06 | N/A | 7.8 HIGH |
|
Memory corruption during voice activation, when sound model parameters are loaded from HLOS, and the received sound model list is empty in HLOS drive.
|
|||||
| CVE-2024-49838 | 1 Qualcomm | 338 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 335 more | 2025-02-05 | N/A | 8.2 HIGH |
|
Information disclosure while parsing the OCI IE with invalid length.
|
|||||
| CVE-2024-38414 | 1 Qualcomm | 58 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 55 more | 2025-02-05 | N/A | 6.1 MEDIUM |
|
Information disclosure while processing information on firmware image during core initialization.
|
|||||
| CVE-2024-38416 | 1 Qualcomm | 144 Ar8035, Ar8035 Firmware, C-v2x 9150 and 141 more | 2025-02-05 | N/A | 6.1 MEDIUM |
|
Information disclosure during audio playback.
|
|||||
| CVE-2024-38417 | 1 Qualcomm | 112 Ar8035, Ar8035 Firmware, C-v2x 9150 and 109 more | 2025-02-05 | N/A | 6.1 MEDIUM |
|
Information disclosure while processing IO control commands.
|
|||||
| CVE-2024-38418 | 1 Qualcomm | 124 C-v2x 9150, C-v2x 9150 Firmware, Csrb31024 and 121 more | 2025-02-05 | N/A | 7.8 HIGH |
|
Memory corruption while parsing the memory map info in IOCTL calls.
|
|||||
| CVE-2024-45569 | 1 Qualcomm | 348 Ar8035, Ar8035 Firmware, Csr8811 and 345 more | 2025-02-05 | N/A | 9.8 CRITICAL |
|
Memory corruption while parsing the ML IE due to invalid frame content.
|
|||||
| CVE-2024-21474 | 1 Qualcomm | 48 Ar8035, Ar8035 Firmware, Fastconnect 6900 and 45 more | 2025-01-15 | N/A | 8.4 HIGH |
|
Memory corruption when size of buffer from previous call is used without validation or re-initialization.
|
|||||
| CVE-2024-33056 | 1 Qualcomm | 658 205 Mobile Platform, 205 Mobile Platform Firmware, 315 5g Iot Modem and 655 more | 2024-12-12 | N/A | 8.4 HIGH |
|
Memory corruption when allocating and accessing an entry in an SMEM partition continuously.
|
|||||
| CVE-2024-33053 | 1 Qualcomm | 112 C-v2x 9150, C-v2x 9150 Firmware, Fastconnect 6200 and 109 more | 2024-12-12 | N/A | 6.7 MEDIUM |
|
Memory corruption when multiple threads try to unregister the CVP buffer at the same time.
|
|||||
| CVE-2024-33044 | 1 Qualcomm | 422 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 419 more | 2024-12-12 | N/A | 8.4 HIGH |
|
Memory corruption while Configuring the SMR/S2CR register in Bypass mode.
|
|||||
| CVE-2024-33037 | 1 Qualcomm | 102 C-v2x 9150, C-v2x 9150 Firmware, Fastconnect 6800 and 99 more | 2024-12-11 | N/A | 6.1 MEDIUM |
|
Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver doesn`t validate the IPC message received from the firmware.
|
|||||
| CVE-2024-33036 | 1 Qualcomm | 104 C-v2x 9150, C-v2x 9150 Firmware, Fastconnect 6800 and 101 more | 2024-12-11 | N/A | 6.7 MEDIUM |
|
Memory corruption while parsing sensor packets in camera driver, user-space variable is used while allocating memory in kernel and parsing which can lead to huge allocation or invalid memory access.
|
|||||
| CVE-2024-33012 | 1 Qualcomm | 498 Ar8035, Ar8035 Firmware, Ar9380 and 495 more | 2024-11-26 | N/A | 7.5 HIGH |
|
Transient DOS while parsing the multiple MBSSID IEs from the beacon, when the tag length is non-zero value but with end of beacon.
|
|||||
| CVE-2024-33011 | 1 Qualcomm | 498 Ar8035, Ar8035 Firmware, Ar9380 and 495 more | 2024-11-26 | N/A | 7.5 HIGH |
|
Transient DOS while parsing the MBSSID IE from the beacons, when the MBSSID IE length is zero.
|
|||||
| CVE-2024-33010 | 1 Qualcomm | 496 Ar8035, Ar8035 Firmware, Ar9380 and 493 more | 2024-11-26 | N/A | 7.5 HIGH |
|
Transient DOS while parsing fragments of MBSSID IE from beacon frame.
|
|||||
| CVE-2024-23356 | 1 Qualcomm | 420 Aqt1000, Aqt1000 Firmware, Ar8031 and 417 more | 2024-11-26 | N/A | 7.8 HIGH |
|
Memory corruption during session sign renewal request calls in HLOS.
|
|||||
| CVE-2024-21479 | 1 Qualcomm | 190 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 187 more | 2024-11-26 | N/A | 7.5 HIGH |
|
Transient DOS during music playback of ALAC content.
|
|||||