Skip to main content

Qcs7230 Firmware

41 CVEs product

Monthly

CVE-2025-47366 HIGH This Week

Cryptographic issue when a Trusted Zone with outdated code is triggered by a HLOS providing incorrect input. [CVSS 7.1 HIGH]

Information Disclosure Sw5100 Firmware Qcs9100 Firmware Wcn3950 Firmware Sa8145p Firmware +151
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-47369 MEDIUM PATCH This Month

Information disclosure when a weak hashed value is returned to userland code in response to a IOCTL call to obtain a session ID. [CVSS 5.5 MEDIUM]

Sg8275p Firmware Sm7250p Firmware Snapdragon Ar2 Gen 1 Platform Firmware Qcs610 Firmware Sd660 Firmware +154
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-47334 MEDIUM PATCH This Month

Memory corruption while processing shared command buffer packet between camera userspace and kernel. [CVSS 6.7 MEDIUM]

Linux Memory Corruption Csra6620 Firmware Csra6640 Firmware Fastconnect 6200 Firmware +132
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-47333 MEDIUM PATCH This Month

Memory corruption while handling buffer mapping operations in the cryptographic driver. [CVSS 6.6 MEDIUM]

Memory Corruption Snapdragon 778g 5g Mobile Platform Firmware Sa6150p Firmware Qam8650p Firmware Qfw7114 Firmware +217
NVD
CVSS 3.1
6.6
EPSS
0.0%
CVE-2025-47331 MEDIUM PATCH This Month

Information disclosure while processing a firmware event. [CVSS 6.1 MEDIUM]

Qcn5164 Firmware Qca4024 Firmware Ipq6028 Firmware Qca8075 Firmware Ipq5300 Firmware +278
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-47330 MEDIUM PATCH This Month

Transient DOS while parsing video packets received from the video firmware. [CVSS 5.5 MEDIUM]

Sg8275p Firmware Sm7250p Firmware Qcm8550 Firmware Qcs8250 Firmware Qcs6125 Firmware +202
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-47318 HIGH This Week

Transient DOS while parsing the EPTM test control message to get the test pattern. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apq8017 Firmware Apq8064au Firmware Aqt1000 Firmware Ar8031 Firmware +198
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-27066 HIGH This Month

Transient DOS while processing an ANQP message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qca9898 Firmware Qcn5164 Firmware Qca4024 Firmware Ipq6028 Firmware Qca8075 Firmware +366
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-27062 HIGH This Month

Memory corruption while handling client exceptions, allowing unauthorized channel access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Buffer Overflow 315 5g Iot Modem Firmware Apq8064au Firmware Ar8035 Firmware +149
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-21465 MEDIUM This Month

Information disclosure while processing the hash segment in an MBN file. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Qca4024 Firmware Ipq6028 Firmware Qca8075 Firmware Ipq5300 Firmware Qca9984 Firmware +344
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-21464 MEDIUM This Month

Information disclosure while reading data from an image using specified offset and size parameters. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Qca4024 Firmware Ipq6028 Firmware Qca8075 Firmware Ipq5300 Firmware Qca9984 Firmware +337
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-27061 HIGH PATCH This Week

Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware.

Qcn5164 Firmware Qca4024 Firmware Qca8075 Firmware Qca9888 Firmware Ipq8078a Firmware +331
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27057 HIGH PATCH This Week

Transient DOS while handling beacon frames with invalid IE header length.

Buffer Overflow Ipq5300 Firmware Ipq5424 Firmware Qca6696 Firmware Ipq5332 Firmware +206
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-27052 HIGH This Week

Memory corruption while processing data packets in diag received from Unix clients.

Buffer Overflow Sm8635p Firmware Qcn6274 Firmware Wcd9370 Firmware Sxr2230p Firmware +149
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27043 HIGH PATCH This Week

Memory corruption while processing manipulated payload in video firmware.

Buffer Overflow Qcn5224 Firmware Video Collaboration Vc3 Platform Firmware Qmp1000 Firmware Ar8035 Firmware +197
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27042 HIGH PATCH This Week

Memory corruption while processing video packets received from video firmware.

Buffer Overflow Sg4150p Firmware Sd888 Firmware Qcm5430 Firmware Qca6420 Firmware +330
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-21433 MEDIUM This Month

Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus.

Null Pointer Dereference Denial Of Service Wcn6450 Firmware Qcm2150 Firmware Snapdragon 888 5g Mobile Firmware +262
NVD
CVSS 3.1
6.2
EPSS
0.0%
CVE-2025-21432 HIGH This Week

CVE-2025-21432 is a security vulnerability (CVSS 7.8). High severity vulnerability requiring prompt remediation.

Sg8275p Firmware Sm7250p Firmware Qcn9274 Firmware Qcm8550 Firmware Qcs8250 Firmware +232
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-21463 HIGH This Week

Transient denial-of-service vulnerability in wireless beacon frame processing that occurs when a device receives a malformed EHT (Extremely High Throughput) operation information element. An unauthenticated remote attacker can trigger a temporary service disruption by sending a specially crafted beacon frame, affecting WiFi 6E and later devices. With a CVSS score of 7.5 and high availability impact, this vulnerability requires no user interaction and is network-accessible, making it a notable threat to wireless infrastructure and client devices, though there is currently no evidence of active exploitation in the wild.

Qcn5164 Firmware Qca4024 Firmware Ipq6028 Firmware Qca8075 Firmware Ipq5300 Firmware +205
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-21468 HIGH PATCH This Week

Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Ar8035 Firmware Csra6620 Firmware Csra6640 Firmware +143
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-21467 HIGH PATCH This Week

Memory corruption while reading the FW response from the shared queue. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption 215 Mobile Firmware Csra6620 Firmware Csra6640 Firmware +100
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-21459 HIGH PATCH This Week

Transient DOS while parsing per STA profile in ML IE. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Fastconnect 6700 Firmware Fastconnect 6900 Firmware Fastconnect 7800 Firmware +119
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2024-49844 HIGH This Week

Memory corruption while triggering commands in the PlayReady Trusted application. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware Fastconnect 6800 Firmware +175
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-21448 HIGH This Week

Transient DOS may occur while parsing SSID in action frames. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qcn5164 Firmware Qca4024 Firmware Ipq6028 Firmware Qca8075 Firmware Qca9888 Firmware +263
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2025-21434 HIGH This Week

Transient DOS may occur while parsing EHT operation IE or EHT capability IE. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Fastconnect 6700 Firmware Fastconnect 6900 Firmware Fastconnect 7800 Firmware +117
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2025-21430 HIGH This Week

Transient DOS while connecting STA to AP and initiating ADD TS request from AP to establish TSpec session. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Sg8275p Firmware Qcn9074 Firmware Sm7250p Firmware Qcn9274 Firmware Qcm8550 Firmware +219
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-49848 MEDIUM This Month

Memory corruption while processing multiple IOCTL calls from HLOS to DSP. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Use After Free Memory Corruption Ar8035 Firmware Fastconnect 6200 Firmware +143
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2024-45551 MEDIUM This Month

Cryptographic issue occurs during PIN/password verification using Gatekeeper, where RPMB writes can be dropped on verification failure, potentially leading to a user throttling bypass. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Sg8275p Firmware Sm7250p Firmware Qcn9274 Firmware Qcm8550 Firmware Qcs8250 Firmware +236
NVD
CVSS 3.1
6.2
EPSS
0.1%
CVE-2024-45549 HIGH This Month

Information disclosure while creating MQ channels. Rated high severity (CVSS 7.7), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Sm8550p Firmware Sm8635 Firmware Sm8635p Firmware Sm8650q Firmware +154
NVD
CVSS 3.1
7.7
EPSS
0.1%
CVE-2025-21424 HIGH PATCH This Week

Memory corruption while calling the NPU driver APIs concurrently. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Sg8275p Firmware Qcn9074 Firmware Sm7250p Firmware Qcm8550 Firmware Qcs8250 Firmware +231
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-53027 HIGH PATCH This Week

Transient DOS may occur while processing the country IE. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Sg8275p Firmware Qcn9274 Firmware Qcm8550 Firmware Qcs8250 Firmware Qcs6125 Firmware +202
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2024-53024 HIGH PATCH This Week

Memory corruption in display driver while detaching a device. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Buffer Overflow Denial Of Service Qcs6490 Firmware Qcs7230 Firmware +159
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-53023 HIGH PATCH This Week

Memory corruption may occur while accessing a variable during extended back to back tests. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Buffer Overflow Use After Free Memory Corruption Ar8035 Firmware Fastconnect 6900 Firmware +100
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-53014 HIGH PATCH This Week

Memory corruption may occur while validating ports and channels in Audio driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Sm6370 Firmware Sm6650 Firmware Sm7250p Firmware Sm7315 Firmware +240
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-53011 HIGH This Week

Information disclosure may occur due to improper permission and access controls to Video Analytics engine. Rated high severity (CVSS 7.9), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Information Disclosure Fastconnect 6700 Firmware Fastconnect 6900 Firmware Fastconnect 7800 Firmware +78
NVD
CVSS 3.1
7.9
EPSS
0.0%
CVE-2024-43051 MEDIUM This Month

Information disclosure while deriving keys for a session for any Widevine use case. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Sg8275p Firmware Qcn9074 Firmware Sm7250p Firmware Qcn9274 Firmware Qcm8550 Firmware +234
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2024-49843 HIGH PATCH This Month

Memory corruption while processing IOCTL from user space to handle GPU AHB bus error. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Fastconnect 6200 Firmware Fastconnect 7800 Firmware Qca6391 Firmware Qcm6125 Firmware +47
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-49839 HIGH PATCH This Month

Memory corruption during management frame processing due to mismatch in T2LM info element. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware Fastconnect 6700 Firmware Fastconnect 6900 Firmware +181
NVD
CVSS 3.1
8.2
EPSS
0.1%
CVE-2024-49838 HIGH PATCH This Month

Information disclosure while parsing the OCI IE with invalid length. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Ar8035 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware +162
NVD
CVSS 3.1
8.2
EPSS
0.1%
CVE-2024-45584 HIGH PATCH This Month

Memory corruption can occur when a compat IOCTL call is followed by a normal IOCTL call from userspace. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Ar8035 Firmware Fastconnect 6200 Firmware Fastconnect 6900 Firmware Fastconnect 7800 Firmware +118
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-45553 HIGH PATCH This Month

Memory corruption can occur when process-specific maps are added to the global list. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Buffer Overflow Memory Corruption Use After Free Ar8035 Firmware Fastconnect 6200 Firmware +123
NVD
CVSS 3.1
7.8
EPSS
0.1%
EPSS 0% CVSS 7.1
HIGH This Week

Cryptographic issue when a Trusted Zone with outdated code is triggered by a HLOS providing incorrect input. [CVSS 7.1 HIGH]

Information Disclosure Sw5100 Firmware Qcs9100 Firmware +153
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Information disclosure when a weak hashed value is returned to userland code in response to a IOCTL call to obtain a session ID. [CVSS 5.5 MEDIUM]

Sg8275p Firmware Sm7250p Firmware Snapdragon Ar2 Gen 1 Platform Firmware +156
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Memory corruption while processing shared command buffer packet between camera userspace and kernel. [CVSS 6.7 MEDIUM]

Linux Memory Corruption Csra6620 Firmware +134
NVD
EPSS 0% CVSS 6.6
MEDIUM PATCH This Month

Memory corruption while handling buffer mapping operations in the cryptographic driver. [CVSS 6.6 MEDIUM]

Memory Corruption Snapdragon 778g 5g Mobile Platform Firmware Sa6150p Firmware +219
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Information disclosure while processing a firmware event. [CVSS 6.1 MEDIUM]

Qcn5164 Firmware Qca4024 Firmware Ipq6028 Firmware +280
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Transient DOS while parsing video packets received from the video firmware. [CVSS 5.5 MEDIUM]

Sg8275p Firmware Sm7250p Firmware Qcm8550 Firmware +204
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS while parsing the EPTM test control message to get the test pattern. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apq8017 Firmware Apq8064au Firmware +200
NVD
EPSS 0% CVSS 7.5
HIGH This Month

Transient DOS while processing an ANQP message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qca9898 Firmware Qcn5164 Firmware Qca4024 Firmware +368
NVD
EPSS 0% CVSS 7.8
HIGH This Month

Memory corruption while handling client exceptions, allowing unauthorized channel access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Buffer Overflow 315 5g Iot Modem Firmware +151
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Information disclosure while processing the hash segment in an MBN file. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Qca4024 Firmware Ipq6028 Firmware Qca8075 Firmware +346
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Information disclosure while reading data from an image using specified offset and size parameters. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Qca4024 Firmware Ipq6028 Firmware Qca8075 Firmware +339
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware.

Qcn5164 Firmware Qca4024 Firmware Qca8075 Firmware +333
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Transient DOS while handling beacon frames with invalid IE header length.

Buffer Overflow Ipq5300 Firmware Ipq5424 Firmware +208
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption while processing data packets in diag received from Unix clients.

Buffer Overflow Sm8635p Firmware Qcn6274 Firmware +151
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while processing manipulated payload in video firmware.

Buffer Overflow Qcn5224 Firmware Video Collaboration Vc3 Platform Firmware +199
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while processing video packets received from video firmware.

Buffer Overflow Sg4150p Firmware Sd888 Firmware +332
NVD
EPSS 0% CVSS 6.2
MEDIUM This Month

Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus.

Null Pointer Dereference Denial Of Service Wcn6450 Firmware +264
NVD
EPSS 0% CVSS 7.8
HIGH This Week

CVE-2025-21432 is a security vulnerability (CVSS 7.8). High severity vulnerability requiring prompt remediation.

Sg8275p Firmware Sm7250p Firmware Qcn9274 Firmware +234
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient denial-of-service vulnerability in wireless beacon frame processing that occurs when a device receives a malformed EHT (Extremely High Throughput) operation information element. An unauthenticated remote attacker can trigger a temporary service disruption by sending a specially crafted beacon frame, affecting WiFi 6E and later devices. With a CVSS score of 7.5 and high availability impact, this vulnerability requires no user interaction and is network-accessible, making it a notable threat to wireless infrastructure and client devices, though there is currently no evidence of active exploitation in the wild.

Qcn5164 Firmware Qca4024 Firmware Ipq6028 Firmware +207
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Ar8035 Firmware +145
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while reading the FW response from the shared queue. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption 215 Mobile Firmware +102
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Transient DOS while parsing per STA profile in ML IE. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Fastconnect 6700 Firmware +121
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption while triggering commands in the PlayReady Trusted application. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Fastconnect 6200 Firmware +177
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS may occur while parsing SSID in action frames. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qcn5164 Firmware Qca4024 Firmware Ipq6028 Firmware +265
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS may occur while parsing EHT operation IE or EHT capability IE. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Fastconnect 6700 Firmware +119
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS while connecting STA to AP and initiating ADD TS request from AP to establish TSpec session. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Sg8275p Firmware Qcn9074 Firmware Sm7250p Firmware +221
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Memory corruption while processing multiple IOCTL calls from HLOS to DSP. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Use After Free Memory Corruption +145
NVD
EPSS 0% CVSS 6.2
MEDIUM This Month

Cryptographic issue occurs during PIN/password verification using Gatekeeper, where RPMB writes can be dropped on verification failure, potentially leading to a user throttling bypass. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Sg8275p Firmware Sm7250p Firmware Qcn9274 Firmware +238
NVD
EPSS 0% CVSS 7.7
HIGH This Month

Information disclosure while creating MQ channels. Rated high severity (CVSS 7.7), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Sm8550p Firmware Sm8635 Firmware +156
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while calling the NPU driver APIs concurrently. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Sg8275p Firmware Qcn9074 Firmware Sm7250p Firmware +233
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Transient DOS may occur while processing the country IE. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Sg8275p Firmware Qcn9274 Firmware Qcm8550 Firmware +204
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in display driver while detaching a device. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Buffer Overflow Denial Of Service +161
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption may occur while accessing a variable during extended back to back tests. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Buffer Overflow Use After Free Memory Corruption +102
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption may occur while validating ports and channels in Audio driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Sm6370 Firmware Sm6650 Firmware +242
NVD
EPSS 0% CVSS 7.9
HIGH This Week

Information disclosure may occur due to improper permission and access controls to Video Analytics engine. Rated high severity (CVSS 7.9), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Information Disclosure Fastconnect 6700 Firmware +80
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Information disclosure while deriving keys for a session for any Widevine use case. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Sg8275p Firmware Qcn9074 Firmware Sm7250p Firmware +236
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Month

Memory corruption while processing IOCTL from user space to handle GPU AHB bus error. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Fastconnect 6200 Firmware Fastconnect 7800 Firmware +49
NVD
EPSS 0% CVSS 8.2
HIGH PATCH This Month

Memory corruption during management frame processing due to mismatch in T2LM info element. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware +183
NVD
EPSS 0% CVSS 8.2
HIGH PATCH This Month

Information disclosure while parsing the OCI IE with invalid length. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Ar8035 Firmware +164
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Month

Memory corruption can occur when a compat IOCTL call is followed by a normal IOCTL call from userspace. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Ar8035 Firmware Fastconnect 6200 Firmware +120
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Month

Memory corruption can occur when process-specific maps are added to the global list. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Buffer Overflow Memory Corruption Use After Free +125
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy