Skip to main content

Qcs410 Firmware

51 CVEs product

Monthly

CVE-2025-47398 HIGH PATCH This Week

Memory Corruption while deallocating graphics processing unit memory buffers due to improper handling of memory pointers. [CVSS 7.8 HIGH]

Industrial Memory Corruption Robotics Rb2 Firmware Sm7435 Firmware Smart Audio 400 Firmware +145
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-47369 MEDIUM PATCH This Month

Information disclosure when a weak hashed value is returned to userland code in response to a IOCTL call to obtain a session ID. [CVSS 5.5 MEDIUM]

Sg8275p Firmware Sm7250p Firmware Snapdragon Ar2 Gen 1 Platform Firmware Qcs610 Firmware Sd660 Firmware +154
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-47334 MEDIUM PATCH This Month

Memory corruption while processing shared command buffer packet between camera userspace and kernel. [CVSS 6.7 MEDIUM]

Linux Memory Corruption Csra6620 Firmware Csra6640 Firmware Fastconnect 6200 Firmware +132
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-47333 MEDIUM PATCH This Month

Memory corruption while handling buffer mapping operations in the cryptographic driver. [CVSS 6.6 MEDIUM]

Memory Corruption Snapdragon 778g 5g Mobile Platform Firmware Sa6150p Firmware Qam8650p Firmware Qfw7114 Firmware +217
NVD
CVSS 3.1
6.6
EPSS
0.0%
CVE-2025-47331 MEDIUM PATCH This Month

Information disclosure while processing a firmware event. [CVSS 6.1 MEDIUM]

Qcn5164 Firmware Qca4024 Firmware Ipq6028 Firmware Qca8075 Firmware Ipq5300 Firmware +278
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-47330 MEDIUM PATCH This Month

Transient DOS while parsing video packets received from the video firmware. [CVSS 5.5 MEDIUM]

Sg8275p Firmware Sm7250p Firmware Qcm8550 Firmware Qcs8250 Firmware Qcs6125 Firmware +202
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-27030 MEDIUM This Month

information disclosure while invoking calibration data from user space to update firmware size. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure C V2x 9150 Firmware Qam8295p Firmware Qca6574au Firmware +38
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-21488 HIGH This Month

Information disclosure while decoding this RTP packet headers received by UE from the network when the padding bit is set. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Fastconnect 6200 Firmware Fastconnect 6700 Firmware Fastconnect 6900 Firmware +103
NVD
CVSS 3.1
8.2
EPSS
0.0%
CVE-2025-21487 HIGH This Month

Information disclosure while decoding RTP packet received by UE from the network, when payload length mentioned is greater than the available buffer length. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Apq8017 Firmware Apq8064au Firmware Aqt1000 Firmware +222
NVD
CVSS 3.1
8.2
EPSS
0.0%
CVE-2025-21484 HIGH This Month

Information disclosure when UE receives the RTP packet from the network, while decoding and reassembling the fragments from RTP packet. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Sm8750 Firmware Sm8750p Firmware Sm8850 Firmware +170
NVD
CVSS 3.1
8.2
EPSS
0.0%
CVE-2025-21483 CRITICAL This Week

Memory corruption when the UE receives an RTP packet from the network, during the reassembly of NALUs. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apq8017 Firmware Apq8064au Firmware Aqt1000 Firmware Fastconnect 6200 Firmware +221
NVD
CVSS 3.1
9.8
EPSS
0.0%
CVE-2025-21481 HIGH This Month

Memory corruption while performing private key encryption in trusted application. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8031 Firmware Ar8035 Firmware +245
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27066 HIGH This Month

Transient DOS while processing an ANQP message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qca9898 Firmware Qcn5164 Firmware Qca4024 Firmware Ipq6028 Firmware Qca8075 Firmware +366
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-27062 HIGH This Month

Memory corruption while handling client exceptions, allowing unauthorized channel access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Buffer Overflow 315 5g Iot Modem Firmware Apq8064au Firmware Ar8035 Firmware +149
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-21474 HIGH This Month

Memory corruption while processing commands from A2dp sink command queue. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Use After Free Memory Corruption Fastconnect 6800 Firmware Fastconnect 6900 Firmware +43
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-21465 MEDIUM This Month

Information disclosure while processing the hash segment in an MBN file. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Qca4024 Firmware Ipq6028 Firmware Qca8075 Firmware Ipq5300 Firmware Qca9984 Firmware +344
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-21464 MEDIUM This Month

Information disclosure while reading data from an image using specified offset and size parameters. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Qca4024 Firmware Ipq6028 Firmware Qca8075 Firmware Ipq5300 Firmware Qca9984 Firmware +337
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-21456 HIGH This Month

Memory corruption while processing IOCTL command when multiple threads are called to map/unmap buffer concurrently. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Use After Free Memory Corruption Ar8035 Firmware C V2x 9150 Firmware +62
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27061 HIGH PATCH This Week

Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware.

Qcn5164 Firmware Qca4024 Firmware Qca8075 Firmware Qca9888 Firmware Ipq8078a Firmware +331
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27043 HIGH PATCH This Week

Memory corruption while processing manipulated payload in video firmware.

Buffer Overflow Qcn5224 Firmware Video Collaboration Vc3 Platform Firmware Qmp1000 Firmware Ar8035 Firmware +197
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27042 HIGH PATCH This Week

Memory corruption while processing video packets received from video firmware.

Buffer Overflow Sg4150p Firmware Sd888 Firmware Qcm5430 Firmware Qca6420 Firmware +330
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-21427 HIGH This Week

Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network.

Information Disclosure Buffer Overflow Wcn3610 Firmware Qam8650p Firmware Video Collaboration Vc1 Platform Firmware +166
NVD
CVSS 3.1
8.2
EPSS
0.1%
CVE-2024-53026 HIGH This Week

CVE-2024-53026 is an information disclosure vulnerability in IMS (IP Multimedia Subsystem) implementations affecting VoLTE and VoWiFi call processing. When a malicious or malformed RTCP (Real-time Transport Control Protocol) packet is received during an active call, the vulnerable system leaks sensitive information to a network-adjacent attacker without requiring authentication or user interaction. The CVSS 8.2 rating reflects high confidentiality impact with partial availability degradation; exploitation likelihood and real-world activity status require cross-referencing with EPSS and KEV data.

Information Disclosure Wcd9335 Firmware Sm7325p Firmware Qcn9274 Firmware Sa6155 Firmware +207
NVD
CVSS 3.1
8.2
EPSS
0.1%
CVE-2024-53021 HIGH This Week

CVE-2024-53021 is an information disclosure vulnerability in RTCP (Real-time Transport Control Protocol) packet processing that allows unauthenticated remote attackers to leak sensitive data through malicious goodbye (BYE) RTCP packets. The vulnerability affects multiple VoIP and real-time communication products processing RTCP traffic; attackers can extract confidential information across the network without authentication or user interaction, and may also cause limited availability impact. The high CVSS score of 8.2 reflects the severe confidentiality impact and network-based attack vector, though exploitation complexity is low.

Sm7250p Firmware Vision Intelligence 300 Platform Firmware Qcn9274 Firmware Qcm8550 Firmware Qcs6125 Firmware +198
NVD
CVSS 3.1
8.2
EPSS
0.1%
CVE-2024-53020 HIGH This Week

CVE-2024-53020 is an information disclosure vulnerability in RTP (Real-time Transport Protocol) packet processing that occurs when decoding packets with malformed header extensions. An attacker on the network can send specially crafted RTP packets to trigger memory disclosure, potentially exposing sensitive information while also causing minor availability impact. The vulnerability affects multiple implementations of RTP protocol handling across various media processing frameworks and VoIP applications; while there is no confirmed active KEV status or public exploit code documented, the high CVSS score (8.2) combined with network accessibility (CVSS:3.1/AV:N) indicates significant real-world risk to exposed services.

Information Disclosure 205 Mobile Platform Firmware 215 Mobile Platform Firmware Apq8017 Firmware Apq8064au Firmware +207
NVD
CVSS 3.1
8.2
EPSS
0.1%
CVE-2024-53013 MEDIUM This Month

Memory corruption may occur while processing voice call registration with user.

Buffer Overflow C V2x 9150 Firmware Fastconnect 6800 Firmware Fastconnect 6900 Firmware Mdm9628 Firmware +54
NVD
CVSS 3.1
6.6
EPSS
0.0%
CVE-2025-21468 HIGH PATCH This Week

Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Ar8035 Firmware Csra6620 Firmware Csra6640 Firmware +143
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-21467 HIGH PATCH This Week

Memory corruption while reading the FW response from the shared queue. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption 215 Mobile Firmware Csra6620 Firmware Csra6640 Firmware +100
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-21453 HIGH PATCH This Week

Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Sg8275p Firmware Sm7250p Firmware Qcn9274 Firmware Qcm8550 Firmware Qcs6125 Firmware +257
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-45570 MEDIUM PATCH This Month

Memory corruption may occur during IO configuration processing when the IO port count is invalid. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity.

Buffer Overflow Memory Corruption C V2x 9150 Firmware Fastconnect 6800 Firmware Fastconnect 6900 Firmware +54
NVD
CVSS 3.1
6.6
EPSS
0.1%
CVE-2024-45564 HIGH PATCH This Week

Memory corruption during concurrent access to server info object due to incorrect reference count update. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Buffer Overflow Use After Free Memory Corruption C V2x 9150 Firmware Fastconnect 6800 Firmware +59
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-45562 MEDIUM PATCH This Month

Memory corruption during concurrent access to server info object due to unprotected critical field. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Buffer Overflow Use After Free Memory Corruption C V2x 9150 Firmware Fastconnect 6800 Firmware +76
NVD
CVSS 3.1
6.6
EPSS
0.1%
CVE-2025-21430 HIGH This Week

Transient DOS while connecting STA to AP and initiating ADD TS request from AP to establish TSpec session. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Sg8275p Firmware Qcn9074 Firmware Sm7250p Firmware Qcn9274 Firmware Qcm8550 Firmware +219
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2025-21429 HIGH This Week

Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 9206 Lte Modem Firmware Apq8017 Firmware Apq8064au Firmware Aqt1000 Firmware +178
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-45552 HIGH This Week

Information disclosure may occur during a video call if a device resets due to a non-conforming RTCP packet that doesn`t adhere to RFC standards. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Apq8064au Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware +142
NVD
CVSS 3.1
8.2
EPSS
0.3%
CVE-2024-45543 MEDIUM This Month

Memory corruption while accessing MSM channel map and mixer functions. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption C V2x 9150 Firmware Fastconnect 6200 Firmware Fastconnect 6800 Firmware +62
NVD
CVSS 3.1
6.6
EPSS
0.1%
CVE-2024-45540 MEDIUM This Month

Memory corruption while invoking IOCTL map buffer request from userspace. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Use After Free Memory Corruption C V2x 9150 Firmware Fastconnect 6200 Firmware +66
NVD
CVSS 3.1
6.6
EPSS
0.1%
CVE-2024-43067 HIGH This Week

Memory corruption occurs during the copying of read data from the EEPROM because the IO configuration is exposed as shared memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow C V2x 9150 Firmware Fastconnect 6800 Firmware Fastconnect 6900 Firmware Fastconnect 7800 Firmware +54
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-43066 HIGH This Week

Memory corruption while handling file descriptor during listener registration/de-registration. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Use After Free Memory Corruption Csrb31024 Firmware Fastconnect 6200 Firmware +96
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-21424 HIGH PATCH This Week

Memory corruption while calling the NPU driver APIs concurrently. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Sg8275p Firmware Qcn9074 Firmware Sm7250p Firmware Qcm8550 Firmware Qcs8250 Firmware +231
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-53027 HIGH PATCH This Week

Transient DOS may occur while processing the country IE. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Sg8275p Firmware Qcn9274 Firmware Qcm8550 Firmware Qcs8250 Firmware Qcs6125 Firmware +202
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2024-53024 HIGH PATCH This Week

Memory corruption in display driver while detaching a device. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Buffer Overflow Denial Of Service Qcs6490 Firmware Qcs7230 Firmware +159
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-53014 HIGH PATCH This Week

Memory corruption may occur while validating ports and channels in Audio driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Sm6370 Firmware Sm6650 Firmware Sm7250p Firmware Sm7315 Firmware +240
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-43057 HIGH PATCH This Week

Memory corruption while processing command in Glink linux. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Buffer Overflow Qcn6224 Firmware Qcn6274 Firmware +149
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-38426 MEDIUM This Month

While processing the authentication message in UE, improper authentication may lead to information disclosure. Rated medium severity (CVSS 5.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Sm7250p Firmware Qcs6125 Firmware Qcs610 Firmware Sdx55 Firmware Sdx80m Firmware +160
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2024-49834 HIGH PATCH This Month

Memory corruption while power-up or power-down sequence of the camera sensor. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Csra6620 Firmware Csra6640 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware +118
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-38418 HIGH PATCH This Month

Memory corruption while parsing the memory map info in IOCTL calls. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow C V2x 9150 Firmware Csrb31024 Firmware Fastconnect 6800 Firmware Fastconnect 6900 Firmware +57
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-38417 MEDIUM PATCH This Month

Information disclosure while processing IO control commands. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure Ar8035 Firmware C V2x 9150 Firmware Fastconnect 6900 Firmware +53
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2024-38416 MEDIUM PATCH This Month

Information disclosure during audio playback. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure Ar8035 Firmware C V2x 9150 Firmware Fastconnect 6800 Firmware +68
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2024-45558 HIGH PATCH This Month

Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware Fastconnect 6700 Firmware Fastconnect 6900 Firmware +178
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-33067 MEDIUM PATCH This Month

Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure Ar8035 Firmware C V2x 9150 Firmware Csrb31024 Firmware +73
NVD
CVSS 3.1
6.1
EPSS
0.1%
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory Corruption while deallocating graphics processing unit memory buffers due to improper handling of memory pointers. [CVSS 7.8 HIGH]

Industrial Memory Corruption Robotics Rb2 Firmware +147
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Information disclosure when a weak hashed value is returned to userland code in response to a IOCTL call to obtain a session ID. [CVSS 5.5 MEDIUM]

Sg8275p Firmware Sm7250p Firmware Snapdragon Ar2 Gen 1 Platform Firmware +156
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Memory corruption while processing shared command buffer packet between camera userspace and kernel. [CVSS 6.7 MEDIUM]

Linux Memory Corruption Csra6620 Firmware +134
NVD
EPSS 0% CVSS 6.6
MEDIUM PATCH This Month

Memory corruption while handling buffer mapping operations in the cryptographic driver. [CVSS 6.6 MEDIUM]

Memory Corruption Snapdragon 778g 5g Mobile Platform Firmware Sa6150p Firmware +219
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Information disclosure while processing a firmware event. [CVSS 6.1 MEDIUM]

Qcn5164 Firmware Qca4024 Firmware Ipq6028 Firmware +280
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Transient DOS while parsing video packets received from the video firmware. [CVSS 5.5 MEDIUM]

Sg8275p Firmware Sm7250p Firmware Qcm8550 Firmware +204
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

information disclosure while invoking calibration data from user space to update firmware size. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure C V2x 9150 Firmware +40
NVD
EPSS 0% CVSS 8.2
HIGH This Month

Information disclosure while decoding this RTP packet headers received by UE from the network when the padding bit is set. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Fastconnect 6200 Firmware +105
NVD
EPSS 0% CVSS 8.2
HIGH This Month

Information disclosure while decoding RTP packet received by UE from the network, when payload length mentioned is greater than the available buffer length. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Apq8017 Firmware +224
NVD
EPSS 0% CVSS 8.2
HIGH This Month

Information disclosure when UE receives the RTP packet from the network, while decoding and reassembling the fragments from RTP packet. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Sm8750 Firmware +172
NVD
EPSS 0% CVSS 9.8
CRITICAL This Week

Memory corruption when the UE receives an RTP packet from the network, during the reassembly of NALUs. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apq8017 Firmware Apq8064au Firmware +223
NVD
EPSS 0% CVSS 7.8
HIGH This Month

Memory corruption while performing private key encryption in trusted application. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware +247
NVD
EPSS 0% CVSS 7.5
HIGH This Month

Transient DOS while processing an ANQP message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qca9898 Firmware Qcn5164 Firmware Qca4024 Firmware +368
NVD
EPSS 0% CVSS 7.8
HIGH This Month

Memory corruption while handling client exceptions, allowing unauthorized channel access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Buffer Overflow 315 5g Iot Modem Firmware +151
NVD
EPSS 0% CVSS 7.8
HIGH This Month

Memory corruption while processing commands from A2dp sink command queue. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Use After Free Memory Corruption +45
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Information disclosure while processing the hash segment in an MBN file. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Qca4024 Firmware Ipq6028 Firmware Qca8075 Firmware +346
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Information disclosure while reading data from an image using specified offset and size parameters. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Qca4024 Firmware Ipq6028 Firmware Qca8075 Firmware +339
NVD
EPSS 0% CVSS 7.8
HIGH This Month

Memory corruption while processing IOCTL command when multiple threads are called to map/unmap buffer concurrently. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Use After Free Memory Corruption +64
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware.

Qcn5164 Firmware Qca4024 Firmware Qca8075 Firmware +333
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while processing manipulated payload in video firmware.

Buffer Overflow Qcn5224 Firmware Video Collaboration Vc3 Platform Firmware +199
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while processing video packets received from video firmware.

Buffer Overflow Sg4150p Firmware Sd888 Firmware +332
NVD
EPSS 0% CVSS 8.2
HIGH This Week

Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network.

Information Disclosure Buffer Overflow Wcn3610 Firmware +168
NVD
EPSS 0% CVSS 8.2
HIGH This Week

CVE-2024-53026 is an information disclosure vulnerability in IMS (IP Multimedia Subsystem) implementations affecting VoLTE and VoWiFi call processing. When a malicious or malformed RTCP (Real-time Transport Control Protocol) packet is received during an active call, the vulnerable system leaks sensitive information to a network-adjacent attacker without requiring authentication or user interaction. The CVSS 8.2 rating reflects high confidentiality impact with partial availability degradation; exploitation likelihood and real-world activity status require cross-referencing with EPSS and KEV data.

Information Disclosure Wcd9335 Firmware Sm7325p Firmware +209
NVD
EPSS 0% CVSS 8.2
HIGH This Week

CVE-2024-53021 is an information disclosure vulnerability in RTCP (Real-time Transport Control Protocol) packet processing that allows unauthenticated remote attackers to leak sensitive data through malicious goodbye (BYE) RTCP packets. The vulnerability affects multiple VoIP and real-time communication products processing RTCP traffic; attackers can extract confidential information across the network without authentication or user interaction, and may also cause limited availability impact. The high CVSS score of 8.2 reflects the severe confidentiality impact and network-based attack vector, though exploitation complexity is low.

Sm7250p Firmware Vision Intelligence 300 Platform Firmware Qcn9274 Firmware +200
NVD
EPSS 0% CVSS 8.2
HIGH This Week

CVE-2024-53020 is an information disclosure vulnerability in RTP (Real-time Transport Protocol) packet processing that occurs when decoding packets with malformed header extensions. An attacker on the network can send specially crafted RTP packets to trigger memory disclosure, potentially exposing sensitive information while also causing minor availability impact. The vulnerability affects multiple implementations of RTP protocol handling across various media processing frameworks and VoIP applications; while there is no confirmed active KEV status or public exploit code documented, the high CVSS score (8.2) combined with network accessibility (CVSS:3.1/AV:N) indicates significant real-world risk to exposed services.

Information Disclosure 205 Mobile Platform Firmware 215 Mobile Platform Firmware +209
NVD
EPSS 0% CVSS 6.6
MEDIUM This Month

Memory corruption may occur while processing voice call registration with user.

Buffer Overflow C V2x 9150 Firmware Fastconnect 6800 Firmware +56
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Ar8035 Firmware +145
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while reading the FW response from the shared queue. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption 215 Mobile Firmware +102
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Sg8275p Firmware Sm7250p Firmware Qcn9274 Firmware +259
NVD
EPSS 0% CVSS 6.6
MEDIUM PATCH This Month

Memory corruption may occur during IO configuration processing when the IO port count is invalid. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity.

Buffer Overflow Memory Corruption C V2x 9150 Firmware +56
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption during concurrent access to server info object due to incorrect reference count update. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Buffer Overflow Use After Free Memory Corruption +61
NVD
EPSS 0% CVSS 6.6
MEDIUM PATCH This Month

Memory corruption during concurrent access to server info object due to unprotected critical field. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Buffer Overflow Use After Free Memory Corruption +78
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS while connecting STA to AP and initiating ADD TS request from AP to establish TSpec session. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Sg8275p Firmware Qcn9074 Firmware Sm7250p Firmware +221
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 9206 Lte Modem Firmware Apq8017 Firmware +180
NVD
EPSS 0% CVSS 8.2
HIGH This Week

Information disclosure may occur during a video call if a device resets due to a non-conforming RTCP packet that doesn`t adhere to RFC standards. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Apq8064au Firmware +144
NVD
EPSS 0% CVSS 6.6
MEDIUM This Month

Memory corruption while accessing MSM channel map and mixer functions. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption C V2x 9150 Firmware +64
NVD
EPSS 0% CVSS 6.6
MEDIUM This Month

Memory corruption while invoking IOCTL map buffer request from userspace. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Use After Free Memory Corruption +68
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption occurs during the copying of read data from the EEPROM because the IO configuration is exposed as shared memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow C V2x 9150 Firmware Fastconnect 6800 Firmware +56
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption while handling file descriptor during listener registration/de-registration. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Use After Free Memory Corruption +98
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while calling the NPU driver APIs concurrently. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Sg8275p Firmware Qcn9074 Firmware Sm7250p Firmware +233
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Transient DOS may occur while processing the country IE. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Sg8275p Firmware Qcn9274 Firmware Qcm8550 Firmware +204
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in display driver while detaching a device. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Buffer Overflow Denial Of Service +161
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption may occur while validating ports and channels in Audio driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Sm6370 Firmware Sm6650 Firmware +242
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while processing command in Glink linux. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Buffer Overflow +151
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

While processing the authentication message in UE, improper authentication may lead to information disclosure. Rated medium severity (CVSS 5.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Sm7250p Firmware Qcs6125 Firmware Qcs610 Firmware +162
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Month

Memory corruption while power-up or power-down sequence of the camera sensor. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Csra6620 Firmware Csra6640 Firmware +120
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Month

Memory corruption while parsing the memory map info in IOCTL calls. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow C V2x 9150 Firmware Csrb31024 Firmware +59
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Information disclosure while processing IO control commands. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure Ar8035 Firmware +55
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Information disclosure during audio playback. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure Ar8035 Firmware +70
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Month

Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware +180
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure Ar8035 Firmware +75
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy