Search Results (95 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-24848 1 Qualcomm 488 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9206 Lte Modem and 485 more 2025-08-11 8.2 High
Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.
CVE-2023-33018 1 Qualcomm 527 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8098 and 524 more 2025-08-11 7.8 High
Memory corruption while using the UIM diag command to get the operators name.
CVE-2024-33060 1 Qualcomm 540 215 Mobile, 215 Mobile Firmware, 315 5g Iot and 537 more 2025-08-11 8.4 High
Memory corruption when two threads try to map and unmap a single node simultaneously.
CVE-2023-24847 1 Qualcomm 514 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 511 more 2025-08-11 7.5 High
Transient DOS in Modem while allocating DSM items.
CVE-2023-28550 1 Qualcomm 670 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 667 more 2025-08-11 7.8 High
Memory corruption in MPP performance while accessing DSM watermark using external memory address.
CVE-2023-28551 1 Qualcomm 496 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 493 more 2025-08-11 7.8 High
Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments.
CVE-2023-33035 1 Qualcomm 288 Apq5053-aa, Apq5053-aa Firmware, Ar8035 and 285 more 2025-08-11 7.8 High
Memory corruption while invoking callback function of AFE from ADSP.
CVE-2023-33112 1 Qualcomm 255 Ar8035, Ar8035 Firmware, Csra6620 and 252 more 2025-08-11 7.5 High
Transient DOS when WLAN firmware receives "reassoc response" frame including RIC_DATA element.
CVE-2023-33113 1 Qualcomm 254 Ar8035, Ar8035 Firmware, Csra6620 and 251 more 2025-08-11 8.4 High
Memory corruption when resource manager sends the host kernel a reply message with multiple fragments.
CVE-2023-33117 1 Qualcomm 282 Ar8035, Ar8035 Firmware, Csra6620 and 279 more 2025-08-11 7.8 High
Memory corruption when HLOS allocates the response payload buffer to copy the data received from ADSP in response to AVCS_LOAD_MODULE command.
CVE-2024-21471 1 Qualcomm 350 205 Mobile, 205 Mobile Firmware, 215 Mobile and 347 more 2025-08-11 8.4 High
Memory corruption when IOMMU unmap of a GPU buffer fails in Linux.
CVE-2023-28586 1 Qualcomm 626 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 623 more 2025-08-11 6 Medium
Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.
CVE-2024-33045 1 Qualcomm 385 Ar8035, Ar8035 Firmware, Csra6620 and 382 more 2025-08-11 8.4 High
Memory corruption when BTFM client sends new messages over Slimbus to ADSP.
CVE-2024-33051 1 Qualcomm 637 315 5g Iot, 315 5g Iot Firmware, 315 5g Iot Modem Firmware and 634 more 2025-08-11 7.5 High
Transient DOS while processing TIM IE from beacon frame as there is no check for IE length.
CVE-2023-33053 1 Qualcomm 234 Csr8811, Csr8811 Firmware, Immersive Home 214 Platform and 231 more 2025-08-11 8.4 High
Memory corruption in Kernel while parsing metadata.
CVE-2023-33120 1 Qualcomm 464 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9206 Lte Modem and 461 more 2025-08-11 7.8 High
Memory corruption in Audio when memory map command is executed consecutively in ADSP.
CVE-2023-24849 1 Qualcomm 476 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9206 Lte Modem and 473 more 2025-08-11 8.2 High
Information Disclosure in data Modem while parsing an FMTP line in an SDP message.
CVE-2023-24851 1 Qualcomm 382 Ar8035, Ar8035 Firmware, Csr8811 and 379 more 2025-08-11 7.8 High
Memory Corruption in WLAN HOST while parsing QMI response message from firmware.
CVE-2023-43511 1 Qualcomm 712 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9206 Lte Modem and 709 more 2025-08-11 7.5 High
Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header.
CVE-2023-43513 1 Qualcomm 534 315 5g Iot Modem, 315 5g Iot Modem Firmware, Apq8017 and 531 more 2025-08-11 7.8 High
Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element.