Search
Search Results (137 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-33063 | 1 Qualcomm | 598 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8098 and 595 more | 2025-10-27 | 7.8 High |
| Memory corruption in DSP Services during a remote call from HLOS to DSP. | ||||
| CVE-2024-43046 | 1 Qualcomm | 620 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 617 more | 2025-10-06 | 5.5 Medium |
| There may be information disclosure during memory re-allocation in TZ Secure OS. | ||||
| CVE-2024-45551 | 1 Qualcomm | 484 Aqt1000, Aqt1000 Firmware, Ar8035 and 481 more | 2025-10-06 | 6.2 Medium |
| Cryptographic issue occurs during PIN/password verification using Gatekeeper, where RPMB writes can be dropped on verification failure, potentially leading to a user throttling bypass. | ||||
| CVE-2025-21448 | 1 Qualcomm | 538 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 535 more | 2025-10-06 | 7.5 High |
| Transient DOS may occur while parsing SSID in action frames. | ||||
| CVE-2024-33016 | 1 Qualcomm | 669 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 666 more | 2025-10-03 | 6.8 Medium |
| memory corruption when an invalid firehose patch command is invoked. | ||||
| CVE-2024-23364 | 1 Qualcomm | 359 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 356 more | 2025-10-03 | 7.5 High |
| Transient DOS when processing the non-transmitted BSSID profile sub-elements present within the MBSSID Information Element (IE) of a beacon frame that is received from over-the-air (OTA). | ||||
| CVE-2024-23362 | 1 Qualcomm | 466 9205 Lte Modem, 9205 Lte Modem Firmware, Aqt1000 and 463 more | 2025-10-03 | 7.1 High |
| Cryptographic issue while parsing RSA keys in COBR format. | ||||
| CVE-2024-23359 | 1 Qualcomm | 324 205 Mobile Platform, 205 Mobile Platform Firmware, 315 5g Iot Modem and 321 more | 2025-10-03 | 8.2 High |
| Information disclosure while decoding Tracking Area Update Accept or Attach Accept message received from network. | ||||
| CVE-2025-21477 | 1 Qualcomm | 179 315 5g Iot Modem, 315 5g Iot Modem Firmware, Ar8035 and 176 more | 2025-08-20 | 7.5 High |
| Transient DOS while processing CCCH data when NW sends data with invalid length. | ||||
| CVE-2025-21452 | 1 Qualcomm | 161 315 5g Iot Modem, 315 5g Iot Modem Firmware, Ar8035 and 158 more | 2025-08-20 | 7.5 High |
| Transient DOS while processing a random-access response (RAR) with an invalid PDU length on LTE network. | ||||
| CVE-2023-33094 | 1 Qualcomm | 250 Ar8035, Ar8035 Firmware, Csra6620 and 247 more | 2025-08-11 | 8.4 High |
| Memory corruption while running VK synchronization with KASAN enabled. | ||||
| CVE-2023-33092 | 1 Qualcomm | 190 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 187 more | 2025-08-11 | 8.4 High |
| Memory corruption while processing pin reply in Bluetooth, when pin code received from APP layer is greater than expected size. | ||||
| CVE-2023-24855 | 1 Qualcomm | 126 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 123 more | 2025-08-11 | 9.8 Critical |
| Memory corruption in Modem while processing security related configuration before AS Security Exchange. | ||||
| CVE-2023-33120 | 1 Qualcomm | 464 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9206 Lte Modem and 461 more | 2025-08-11 | 7.8 High |
| Memory corruption in Audio when memory map command is executed consecutively in ADSP. | ||||
| CVE-2023-28588 | 1 Qualcomm | 428 Apq8017, Apq8017 Firmware, Apq8064au and 425 more | 2025-08-11 | 7.5 High |
| Transient DOS in Bluetooth Host while rfc slot allocation. | ||||
| CVE-2023-33118 | 1 Qualcomm | 271 Ar8035, Ar8035 Firmware, Csra6620 and 268 more | 2025-08-11 | 7.8 High |
| Memory corruption while processing Listen Sound Model client payload buffer when there is a request for Listen Sound session get parameter from ST HAL. | ||||
| CVE-2023-33117 | 1 Qualcomm | 282 Ar8035, Ar8035 Firmware, Csra6620 and 279 more | 2025-08-11 | 7.8 High |
| Memory corruption when HLOS allocates the response payload buffer to copy the data received from ADSP in response to AVCS_LOAD_MODULE command. | ||||
| CVE-2023-43511 | 1 Qualcomm | 712 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9206 Lte Modem and 709 more | 2025-08-11 | 7.5 High |
| Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header. | ||||
| CVE-2023-43513 | 1 Qualcomm | 534 315 5g Iot Modem, 315 5g Iot Modem Firmware, Apq8017 and 531 more | 2025-08-11 | 7.8 High |
| Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element. | ||||
| CVE-2023-28587 | 1 Qualcomm | 380 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 377 more | 2025-08-11 | 7.8 High |
| Memory corruption in BT controller while parsing debug commands with specific sub-opcodes at HCI interface level. | ||||