Total
240 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-47315 | 1 Qualcomm | 54 Qam8255p, Qam8255p Firmware, Qam8295p and 51 more | 2025-09-25 | N/A | 7.8 HIGH |
|
Memory corruption while handling repeated memory unmap requests from guest VM.
|
|||||
| CVE-2025-21437 | 1 Qualcomm | 62 Qam8255p, Qam8255p Firmware, Qam8295p and 59 more | 2025-08-20 | N/A | 7.8 HIGH |
|
Memory corruption while processing memory map or unmap IOCTL operations simultaneously.
|
|||||
| CVE-2025-27073 | 1 Qualcomm | 340 Ar8035, Ar8035 Firmware, Csr8811 and 337 more | 2025-08-20 | N/A | 7.5 HIGH |
|
Transient DOS while creating NDP instance.
|
|||||
| CVE-2025-27065 | 1 Qualcomm | 300 Ar8035, Ar8035 Firmware, Fastconnect 6800 and 297 more | 2025-08-20 | N/A | 7.5 HIGH |
|
Transient DOS while processing a frame with malformed shared-key descriptor.
|
|||||
| CVE-2025-21425 | 1 Qualcomm | 66 Qam8255p, Qam8255p Firmware, Qam8295p and 63 more | 2025-08-19 | N/A | 7.3 HIGH |
|
Memory corruption may occur due top improper access control in HAB process.
|
|||||
| CVE-2025-21431 | 1 Qualcomm | 72 Qam8255p, Qam8255p Firmware, Qam8295p and 69 more | 2025-08-19 | N/A | 5.5 MEDIUM |
|
Information disclosure may be there when a guest VM is connected.
|
|||||
| CVE-2025-21442 | 1 Qualcomm | 52 Qam8255p, Qam8255p Firmware, Qam8295p and 49 more | 2025-08-19 | N/A | 7.8 HIGH |
|
Memory corruption while transmitting packet mapping information with invalid header payload size.
|
|||||
| CVE-2025-21443 | 1 Qualcomm | 72 Qam8255p, Qam8255p Firmware, Qam8295p and 69 more | 2025-08-19 | N/A | 7.8 HIGH |
|
Memory corruption while processing message content in eAVB.
|
|||||
| CVE-2025-27072 | 1 Qualcomm | 72 Qam8255p, Qam8255p Firmware, Qam8295p and 69 more | 2025-08-18 | N/A | 5.5 MEDIUM |
|
Information disclosure while processing a packet at EAVB BE side with invalid header length.
|
|||||
| CVE-2024-21459 | 1 Qualcomm | 350 Ar8035, Ar8035 Firmware, Ar9380 and 347 more | 2025-08-15 | N/A | 6.5 MEDIUM |
|
Information disclosure while handling beacon or probe response frame in STA.
|
|||||
| CVE-2023-33068 | 1 Qualcomm | 226 9206 Lte Modem, 9206 Lte Modem Firmware, Aqt1000 and 223 more | 2025-08-11 | N/A | 6.7 MEDIUM |
|
Memory corruption in Audio while processing IIR config data from AFE calibration block.
|
|||||
| CVE-2023-33064 | 1 Qualcomm | 178 Aqt1000, Aqt1000 Firmware, Ar8035 and 175 more | 2025-08-11 | N/A | 5.5 MEDIUM |
|
Transient DOS in Audio when invoking callback function of ASM driver.
|
|||||
| CVE-2023-43520 | 1 Qualcomm | 140 Ar8035, Ar8035 Firmware, Fastconnect 6900 and 137 more | 2025-08-11 | N/A | 8.6 HIGH |
|
Memory corruption when AP includes TID to link mapping IE in the beacons and STA is parsing the beacon TID to link mapping IE.
|
|||||
| CVE-2025-21453 | 1 Qualcomm | 532 205 Mobile, 205 Mobile Firmware, 215 Mobile and 529 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.
|
|||||
| CVE-2024-23354 | 1 Qualcomm | 152 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 149 more | 2025-08-11 | N/A | 8.4 HIGH |
|
Memory corruption when the IOCTL call is interrupted by a signal.
|
|||||
| CVE-2023-43546 | 1 Qualcomm | 240 Ar8035, Ar8035 Firmware, Csra6620 and 237 more | 2025-08-11 | N/A | 8.4 HIGH |
|
Memory corruption while invoking HGSL IOCTL context create.
|
|||||
| CVE-2023-43519 | 1 Qualcomm | 268 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 265 more | 2025-08-11 | N/A | 7.3 HIGH |
|
Memory corruption in video while parsing the Videoinfo, when the size of atom is greater than the videoinfo size.
|
|||||
| CVE-2024-45558 | 1 Qualcomm | 366 Ar8035, Ar8035 Firmware, Csr8811 and 363 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length.
|
|||||
| CVE-2024-53027 | 1 Qualcomm | 424 205, 205 Firmware, Apq8017 and 421 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS may occur while processing the country IE.
|
|||||
| CVE-2025-21433 | 1 Qualcomm | 550 215 Mobile, 215 Mobile Firmware, Apq8017 and 547 more | 2025-08-11 | N/A | 6.2 MEDIUM |
|
Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus.
|
|||||
| CVE-2023-43528 | 1 Qualcomm | 182 Ar8035, Ar8035 Firmware, C-v2x 9150 and 179 more | 2025-08-11 | N/A | 6.1 MEDIUM |
|
Information disclosure when the ADSP payload size received in HLOS in response to Audio Stream Manager matrix session is less than this expected size.
|
|||||
| CVE-2023-43534 | 1 Qualcomm | 132 Ar8035, Ar8035 Firmware, Fastconnect 6900 and 129 more | 2025-08-11 | N/A | 8.6 HIGH |
|
Memory corruption while validating the TID to Link Mapping action request frame, when a station connects to an access point.
|
|||||
| CVE-2023-43550 | 1 Qualcomm | 270 Ar8035, Ar8035 Firmware, Csra6620 and 267 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory corruption while processing a QMI request for allocating memory from a DHMS supported subsystem.
|
|||||
| CVE-2023-43522 | 1 Qualcomm | 572 Aqt1000, Aqt1000 Firmware, Ar8035 and 569 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS while key unwrapping process, when the given encrypted key is empty or NULL.
|
|||||
| CVE-2023-43531 | 1 Qualcomm | 256 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 253 more | 2025-08-11 | N/A | 8.4 HIGH |
|
Memory corruption while verifying the serialized header when the key pairs are generated.
|
|||||
| CVE-2023-33065 | 1 Qualcomm | 208 Aqt1000, Aqt1000 Firmware, Ar8035 and 205 more | 2025-08-11 | N/A | 6.1 MEDIUM |
|
Information disclosure in Audio while accessing AVCS services from ADSP payload.
|
|||||
| CVE-2024-33050 | 1 Qualcomm | 514 Ar8035, Ar8035 Firmware, Ar9380 and 511 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper.
|
|||||
| CVE-2025-27061 | 1 Qualcomm | 688 315 5g Iot, 315 5g Iot Firmware, Aqt1000 and 685 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware.
|
|||||
| CVE-2023-33072 | 1 Qualcomm | 490 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 487 more | 2025-08-11 | N/A | 9.3 CRITICAL |
|
Memory corruption in Core while processing control functions.
|
|||||
| CVE-2025-21424 | 1 Qualcomm | 478 215, 215 Firmware, 315 5g Iot Modem and 475 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory corruption while calling the NPU driver APIs concurrently.
|
|||||
| CVE-2023-43552 | 1 Qualcomm | 298 Ar8035, Ar8035 Firmware, Csr8811 and 295 more | 2025-08-11 | N/A | 9.8 CRITICAL |
|
Memory corruption while processing MBSSID beacon containing several subelement IE.
|
|||||
| CVE-2024-43051 | 1 Qualcomm | 488 Aqt1000, Aqt1000 Firmware, Ar8031 and 485 more | 2025-08-11 | N/A | 5.5 MEDIUM |
|
Information disclosure while deriving keys for a session for any Widevine use case.
|
|||||
| CVE-2024-21471 | 1 Qualcomm | 350 205 Mobile, 205 Mobile Firmware, 215 Mobile and 347 more | 2025-08-11 | N/A | 8.4 HIGH |
|
Memory corruption when IOMMU unmap of a GPU buffer fails in Linux.
|
|||||
| CVE-2024-33051 | 1 Qualcomm | 578 315 5g Iot, 315 5g Iot Firmware, 9206 Lte and 575 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS while processing TIM IE from beacon frame as there is no check for IE length.
|
|||||
| CVE-2023-43536 | 1 Qualcomm | 618 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 615 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS while parse fils IE with length equal to 1.
|
|||||
| CVE-2023-28547 | 1 Qualcomm | 604 215 Mobile, 215 Mobile Firmware, 315 5g Iot and 601 more | 2025-08-11 | N/A | 8.4 HIGH |
|
Memory corruption in SPS Application while requesting for public key in sorter TA.
|
|||||
| CVE-2023-33067 | 1 Qualcomm | 226 9206 Lte Modem, 9206 Lte Modem Firmware, Aqt1000 and 223 more | 2025-08-11 | N/A | 6.7 MEDIUM |
|
Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points.
|
|||||
| CVE-2024-21480 | 1 Qualcomm | 230 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 227 more | 2025-08-11 | N/A | 7.3 HIGH |
|
Memory corruption while playing audio file having large-sized input buffer.
|
|||||
| CVE-2024-53023 | 1 Qualcomm | 206 Ar8035, Ar8035 Firmware, Fastconnect 6900 and 203 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory corruption may occur while accessing a variable during extended back to back tests.
|
|||||
| CVE-2024-49842 | 1 Qualcomm | 358 Aqt1000, Aqt1000 Firmware, Ar8035 and 355 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions.
|
|||||