Total
263 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-33096 | 1 Qualcomm | 204 315 5g Iot Modem, 315 5g Iot Modem Firmware, Ar8035 and 201 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS while processing DL NAS Transport message, as specified in 3GPP 24.501 v16.
|
|||||
| CVE-2023-33119 | 1 Qualcomm | 322 Aqt1000, Aqt1000 Firmware, Ar8035 and 319 more | 2025-08-11 | N/A | 8.4 HIGH |
|
Memory corruption while loading a VM from a signed VM image that is not coherent in the processor cache.
|
|||||
| CVE-2023-22385 | 1 Qualcomm | 482 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 479 more | 2025-08-11 | N/A | 8.2 HIGH |
|
Memory Corruption in Data Modem while making a MO call or MT VOLTE call.
|
|||||
| CVE-2024-49844 | 1 Qualcomm | 362 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 359 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory corruption while triggering commands in the PlayReady Trusted application.
|
|||||
| CVE-2023-24850 | 1 Qualcomm | 412 Apq5053-aa, Apq5053-aa Firmware, Apq8017 and 409 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted Application.
|
|||||
| CVE-2023-24848 | 1 Qualcomm | 488 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9206 Lte Modem and 485 more | 2025-08-11 | N/A | 8.2 HIGH |
|
Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.
|
|||||
| CVE-2024-49839 | 1 Qualcomm | 372 Ar8035, Ar8035 Firmware, Csr8811 and 369 more | 2025-08-11 | N/A | 8.2 HIGH |
|
Memory corruption during management frame processing due to mismatch in T2LM info element.
|
|||||
| CVE-2023-43513 | 1 Qualcomm | 534 315 5g Iot Modem, 315 5g Iot Modem Firmware, Apq8017 and 531 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element.
|
|||||
| CVE-2025-21468 | 1 Qualcomm | 302 Ar8035, Ar8035 Firmware, Csra6620 and 299 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer.
|
|||||
| CVE-2023-33059 | 1 Qualcomm | 518 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8098 and 515 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory corruption in Audio while processing the VOC packet data from ADSP.
|
|||||
| CVE-2024-33038 | 1 Qualcomm | 90 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 87 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory corruption while passing untrusted/corrupted pointers from DSP to EVA.
|
|||||
| CVE-2023-33104 | 1 Qualcomm | 204 315 5g Iot Modem, 315 5g Iot Modem Firmware, Ar8035 and 201 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS while processing PDU Release command with a parameter PDU ID out of range.
|
|||||
| CVE-2023-33018 | 1 Qualcomm | 526 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8098 and 523 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory corruption while using the UIM diag command to get the operators name.
|
|||||
| CVE-2024-21475 | 1 Qualcomm | 472 215 Mobile, 215 Mobile Firmware, 315 5g Iot Modem and 469 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory corruption when the payload received from firmware is not as per the expected protocol size.
|
|||||
| CVE-2023-33043 | 1 Qualcomm | 118 Ar8035, Ar8035 Firmware, Qca6391 and 115 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS in Modem when a Beam switch request is made with a non-configured BWP.
|
|||||
| CVE-2023-33095 | 1 Qualcomm | 204 315 5g Iot Modem, 315 5g Iot Modem Firmware, Ar8035 and 201 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS while processing multiple payload container type with incorrect container length received in DL NAS transport OTA in NR.
|
|||||
| CVE-2023-33098 | 1 Qualcomm | 526 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 523 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS while parsing WPA IES, when it is passed with length more than expected size.
|
|||||
| CVE-2025-27043 | 1 Qualcomm | 412 Ar8035, Ar8035 Firmware, Csr8811 and 409 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory corruption while processing manipulated payload in video firmware.
|
|||||
| CVE-2024-53009 | 1 Qualcomm | 378 Aqt1000, Aqt1000 Firmware, Ar8035 and 375 more | 2025-08-11 | N/A | 5.3 MEDIUM |
|
Memory corruption while operating the mailbox in Automotive.
|
|||||
| CVE-2023-33080 | 1 Qualcomm | 732 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8098 and 729 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.
|
|||||
| CVE-2023-28578 | 1 Qualcomm | 680 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 677 more | 2025-08-11 | N/A | 9.3 CRITICAL |
|
Memory corruption in Core Services while executing the command for removing a single event listener.
|
|||||
| CVE-2025-21432 | 1 Qualcomm | 492 Aqt1000, Aqt1000 Firmware, Ar8035 and 489 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory corruption while retrieving the CBOR data from TA.
|
|||||
| CVE-2023-33027 | 1 Qualcomm | 656 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8098 and 653 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS in WLAN Firmware while parsing rsn ies.
|
|||||
| CVE-2024-33055 | 1 Qualcomm | 78 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 75 more | 2025-08-11 | N/A | 6.7 MEDIUM |
|
Memory corruption while invoking IOCTL calls to unmap the DMA buffers.
|
|||||
| CVE-2023-33023 | 1 Qualcomm | 576 215 Mobile, 215 Mobile Firmware, 315 5g Iot and 573 more | 2025-08-11 | N/A | 8.4 HIGH |
|
Memory corruption while processing finish_sign command to pass a rsp buffer.
|
|||||
| CVE-2023-43542 | 1 Qualcomm | 418 9205 Lte Modem, 9205 Lte Modem Firmware, Aqt1000 and 415 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory corruption while copying a keyblob`s material when the key material`s size is not accurately checked.
|
|||||
| CVE-2023-33054 | 1 Qualcomm | 336 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8098 and 333 more | 2025-08-11 | N/A | 9.1 CRITICAL |
|
Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data.
|
|||||
| CVE-2024-33041 | 1 Qualcomm | 70 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 67 more | 2025-08-11 | N/A | 6.7 MEDIUM |
|
Memory corruption when input parameter validation for number of fences is missing for fence frame IOCTL calls,
|
|||||
| CVE-2024-38397 | 1 Qualcomm | 232 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 229 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS while parsing probe response and assoc response frame.
|
|||||
| CVE-2023-33022 | 1 Qualcomm | 424 315 5g Iot Modem, 315 5g Iot Modem Firmware, Apq5053-aa and 421 more | 2025-08-11 | N/A | 8.4 HIGH |
|
Memory corruption in HLOS while invoking IOCTL calls from user-space.
|
|||||
| CVE-2023-43551 | 1 Qualcomm | 482 205 Mobile, 205 Mobile Firmware, 215 Mobile and 479 more | 2025-08-11 | N/A | 9.1 CRITICAL |
|
Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command.
|
|||||
| CVE-2023-28545 | 1 Qualcomm | 408 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 405 more | 2025-08-11 | N/A | 8.2 HIGH |
|
Memory corruption in TZ Secure OS while loading an app ELF.
|
|||||
| CVE-2023-33109 | 1 Qualcomm | 620 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 617 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host.
|
|||||
| CVE-2023-33031 | 1 Qualcomm | 330 Apq5053-aa, Apq5053-aa Firmware, Apq8009 and 327 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory corruption in Automotive Audio while copying data from ADSP shared buffer to the VOC packet data buffer.
|
|||||
| CVE-2024-33060 | 1 Qualcomm | 500 215 Mobile, 215 Mobile Firmware, 315 5g Iot and 497 more | 2025-08-11 | N/A | 8.4 HIGH |
|
Memory corruption when two threads try to map and unmap a single node simultaneously.
|
|||||
| CVE-2024-33045 | 1 Qualcomm | 360 Ar8035, Ar8035 Firmware, Csra6620 and 357 more | 2025-08-11 | N/A | 8.4 HIGH |
|
Memory corruption when BTFM client sends new messages over Slimbus to ADSP.
|
|||||
| CVE-2023-33017 | 1 Qualcomm | 554 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 551 more | 2025-08-11 | N/A | 7.8 HIGH |
|
Memory corruption in Boot while running a ListVars test in UEFI Menu during boot.
|
|||||
| CVE-2023-33026 | 1 Qualcomm | 390 Ar8035, Ar8035 Firmware, Ar9380 and 387 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS in WLAN Firmware while parsing a NAN management frame.
|
|||||
| CVE-2023-33057 | 1 Qualcomm | 202 315 5g Iot Modem, 315 5g Iot Modem Firmware, Ar8035 and 199 more | 2025-08-11 | N/A | 7.5 HIGH |
|
Transient DOS in Multi-Mode Call Processor while processing UE policy container.
|
|||||
| CVE-2023-28586 | 1 Qualcomm | 626 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 623 more | 2025-08-11 | N/A | 6.0 MEDIUM |
|
Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.
|
|||||