Skip to main content

Video Collaboration Vc3 Platform Firmware

309 CVEs product

Monthly

CVE-2025-21448 HIGH This Week

Transient DOS may occur while parsing SSID in action frames. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qcn9070 Firmware Qcn9072 Firmware Qcn9074 Firmware Qcn9100 Firmware +263
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2025-21441 HIGH This Week

Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Fastconnect 7800 Firmware Qca1062 Firmware Qca1064 Firmware +46
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-21440 HIGH This Week

Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Aqt1000 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware +46
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-21439 HIGH This Month

Memory corruption may occur while reading board data via IOCTL call when the WLAN driver copies the content to the provided output buffer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Fastconnect 6700 Firmware Fastconnect 6900 Firmware Qca6595au Firmware +22
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-21438 HIGH This Week

Memory corruption while IOCTL call is invoked from user-space to read board data. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Fastconnect 6200 Firmware Fastconnect 6700 Firmware Fastconnect 6900 Firmware +40
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-21434 HIGH This Week

Transient DOS may occur while parsing EHT operation IE or EHT capability IE. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qcs8300 Firmware Qcs8550 Firmware Qcs9100 Firmware Qfw7114 Firmware +117
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2025-21430 HIGH This Week

Transient DOS while connecting STA to AP and initiating ADD TS request from AP to establish TSpec session. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Apq8017 Firmware Apq8064au Firmware Aqt1000 Firmware +219
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2025-21429 HIGH This Week

Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Sa9000p Firmware Sd626 Firmware Sd660 Firmware Sd670 Firmware +178
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2025-21423 HIGH This Week

Memory corruption occurs when handling client calls to EnableTestMode through an Escape call. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware Fastconnect 6800 Firmware +41
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-21421 HIGH This Week

Memory corruption while processing escape code in API. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware Fastconnect 6800 Firmware +41
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-45552 HIGH This Week

Information disclosure may occur during a video call if a device resets due to a non-conforming RTCP packet that doesn`t adhere to RFC standards. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Apq8064au Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware +142
NVD
CVSS 3.1
8.2
EPSS
0.3%
CVE-2024-45551 MEDIUM This Month

Cryptographic issue occurs during PIN/password verification using Gatekeeper, where RPMB writes can be dropped on verification failure, potentially leading to a user throttling bypass. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Fastconnect 6700 Firmware Fastconnect 6800 Firmware Fastconnect 6900 Firmware Fastconnect 7800 Firmware +236
NVD
CVSS 3.1
6.2
EPSS
0.1%
CVE-2024-45543 MEDIUM This Month

Memory corruption while accessing MSM channel map and mixer functions. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow C V2x 9150 Firmware Fastconnect 6200 Firmware Fastconnect 6800 Firmware +62
NVD
CVSS 3.1
6.6
EPSS
0.1%
CVE-2024-45540 MEDIUM This Month

Memory corruption while invoking IOCTL map buffer request from userspace. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Memory Corruption Buffer Overflow C V2x 9150 Firmware Fastconnect 6200 Firmware +66
NVD
CVSS 3.1
6.6
EPSS
0.1%
CVE-2024-43067 HIGH This Week

Memory corruption occurs during the copying of read data from the EEPROM because the IO configuration is exposed as shared memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Qca6391 Firmware Qca6426 Firmware Qca6436 Firmware Qca6574au Firmware +54
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-43066 HIGH This Week

Memory corruption while handling file descriptor during listener registration/de-registration. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Memory Corruption Buffer Overflow Csrb31024 Firmware Fastconnect 6200 Firmware +96
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-43065 HIGH This Week

Cryptographic issues while generating an asymmetric key pair for RKP use cases. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Fastconnect 7800 Firmware Qam8255p Firmware Qam8295p Firmware Qam8620p Firmware +160
NVD
CVSS 3.1
7.1
EPSS
0.1%
CVE-2024-43046 MEDIUM This Month

There may be information disclosure during memory re-allocation in TZ Secure OS. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Csr8811 Firmware Csra6620 Firmware Csra6640 Firmware Fastconnect 6200 Firmware +304
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-33058 HIGH This Month

Memory corruption while assigning memory from the source DDR memory(HLOS) to ADSP. Rated high severity (CVSS 7.5). No vendor patch available.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware +185
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-21424 HIGH PATCH This Week

Memory corruption while calling the NPU driver APIs concurrently. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware +231
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-53027 HIGH PATCH This Week

Transient DOS may occur while processing the country IE. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Qca9367 Firmware Qca9377 Firmware Qcc2073 Firmware Qcc2076 Firmware +202
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2024-53024 HIGH PATCH This Week

Memory corruption in display driver while detaching a device. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Buffer Overflow Denial Of Service Qcs6490 Firmware Qcs7230 Firmware +159
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-53014 HIGH PATCH This Week

Memory corruption may occur while validating ports and channels in Audio driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Sm6370 Firmware Sm6650 Firmware Sm7250p Firmware Sm7315 Firmware +240
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-43057 HIGH PATCH This Week

Memory corruption while processing command in Glink linux. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Buffer Overflow Qcn6224 Firmware Qcn6274 Firmware +149
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-43056 MEDIUM This Month

Transient DOS during hypervisor virtual I/O operation in a virtual machine. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware +183
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2024-43051 MEDIUM This Month

Information disclosure while deriving keys for a session for any Widevine use case. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Authentication Bypass Aqt1000 Firmware Ar8031 Firmware Ar8035 Firmware +234
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2024-38426 MEDIUM This Month

While processing the authentication message in UE, improper authentication may lead to information disclosure. Rated medium severity (CVSS 5.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Authentication Bypass 315 5g Iot Firmware 9205 Lte Firmware Ar8035 Firmware +160
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2024-49839 HIGH PATCH This Month

Memory corruption during management frame processing due to mismatch in T2LM info element. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware Fastconnect 6700 Firmware Fastconnect 6900 Firmware +181
NVD
CVSS 3.1
8.2
EPSS
0.1%
CVE-2024-49838 HIGH PATCH This Month

Information disclosure while parsing the OCI IE with invalid length. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Ar8035 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware +162
NVD
CVSS 3.1
8.2
EPSS
0.1%
CVE-2024-49834 HIGH PATCH This Month

Memory corruption while power-up or power-down sequence of the camera sensor. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Csra6620 Firmware Csra6640 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware +118
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-49833 HIGH PATCH This Month

Memory corruption can occur in the camera when an invalid CID is used. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Fastconnect 6700 Firmware Fastconnect 6900 Firmware Fastconnect 7800 Firmware Qam8255p Firmware +74
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-49832 HIGH PATCH This Month

Memory corruption in Camera due to unusually high number of nodes passed to AXI port. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Fastconnect 6900 Firmware Fastconnect 7800 Firmware Qcs6490 Firmware Video Collaboration Vc3 Platform Firmware +21
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-45582 HIGH PATCH This Month

Memory corruption while validating number of devices in Camera kernel . Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Fastconnect 6900 Firmware Fastconnect 7800 Firmware Qcm8550 Firmware Qcs6490 Firmware +29
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-45573 HIGH This Month

Memory corruption may occour while generating test pattern due to negative indexing of display ID. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Fastconnect 6700 Firmware Fastconnect 6900 Firmware Fastconnect 7800 Firmware +21
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-45571 HIGH PATCH This Month

Memory corruption may occour occur when stopping the WLAN interface after processing a WMI command from the interface. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Buffer Overflow Memory Corruption Use After Free Ar8035 Firmware Csr8811 Firmware +148
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-45569 CRITICAL PATCH This Week

Memory corruption while parsing the ML IE due to invalid frame content. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware Fastconnect 6700 Firmware Fastconnect 6900 Firmware +169
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-45560 HIGH This Month

Memory corruption while taking a snapshot with hardware encoder due to unvalidated userspace buffer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware Fastconnect 6800 Firmware +33
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-38420 HIGH This Month

Memory corruption while configuring a Hypervisor based input virtual device. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware +153
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2024-38418 HIGH PATCH This Month

Memory corruption while parsing the memory map info in IOCTL calls. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow C V2x 9150 Firmware Csrb31024 Firmware Fastconnect 6800 Firmware Fastconnect 6900 Firmware +57
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-38417 MEDIUM PATCH This Month

Information disclosure while processing IO control commands. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure Ar8035 Firmware C V2x 9150 Firmware Fastconnect 6900 Firmware +53
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2024-38416 MEDIUM PATCH This Month

Information disclosure during audio playback. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure Ar8035 Firmware C V2x 9150 Firmware Fastconnect 6800 Firmware +68
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2024-38411 MEDIUM PATCH This Month

Memory corruption while registering a buffer from user-space to kernel-space using IOCTL calls. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Buffer Overflow Memory Corruption Use After Free Fastconnect 6900 Firmware Fastconnect 7800 Firmware +15
NVD
CVSS 3.1
6.6
EPSS
0.1%
CVE-2024-45558 HIGH PATCH This Month

Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware Fastconnect 6700 Firmware Fastconnect 6900 Firmware +178
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-45542 HIGH This Month

Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Aqt1000 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware +48
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-45541 HIGH This Month

Memory corruption when IOCTL call is invoked from user-space to read board data. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware Fastconnect 6800 Firmware +47
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-33067 MEDIUM PATCH This Month

Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure Ar8035 Firmware C V2x 9150 Firmware Csrb31024 Firmware +73
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2024-33055 MEDIUM PATCH This Month

Memory corruption while invoking IOCTL calls to unmap the DMA buffers. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Buffer Overflow Memory Corruption Use After Free Fastconnect 6900 Firmware Fastconnect 7800 Firmware +36
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2024-33041 MEDIUM PATCH This Month

Memory corruption when input parameter validation for number of fences is missing for fence frame IOCTL calls,. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Memory Corruption Buffer Overflow Fastconnect 6900 Firmware Fastconnect 7800 Firmware Qam8295p Firmware +31
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2024-43050 HIGH This Week

Memory corruption while invoking IOCTL calls from user space to issue factory test command inside WLAN driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Aqt1000 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware +51
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-33063 HIGH PATCH This Week

Transient DOS while parsing the ML IE when a beacon with common info length of the ML IE greater than the ML IE inside which this element is present. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Ar8035 Firmware Fastconnect 6900 Firmware Fastconnect 7800 Firmware +120
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-33056 HIGH This Week

Memory corruption when allocating and accessing an entry in an SMEM partition continuously. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware 9206 Lte Modem Firmware 9207 Lte Modem Firmware +319
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-33053 MEDIUM PATCH This Month

Memory corruption when multiple threads try to unregister the CVP buffer at the same time. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption C V2x 9150 Firmware Fastconnect 6200 Firmware +53
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2024-33044 HIGH This Week

Memory corruption while Configuring the SMR/S2CR register in Bypass mode. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8035 Firmware Csrb31024 Firmware +204
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-33037 MEDIUM PATCH This Month

Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver doesn`t validate the IPC message received from the firmware. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure C V2x 9150 Firmware Fastconnect 6800 Firmware Fastconnect 6900 Firmware +47
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2024-33036 MEDIUM PATCH This Month

Memory corruption while parsing sensor packets in camera driver, user-space variable is used while allocating memory in kernel and parsing which can lead to huge allocation or invalid memory access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Buffer Overflow Memory Corruption C V2x 9150 Firmware Fastconnect 6800 Firmware Fastconnect 6900 Firmware +48
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2024-38424 HIGH PATCH This Week

Memory corruption during GNSS HAL process initialization. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption Snapdragon W5 Gen 1 Wearable Platform Firmware Snapdragon 8 Gen 2 Mobile Platform Firmware +115
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-38423 HIGH PATCH This Week

Memory corruption while processing GPU page table switch. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Wsa8835 Firmware Wsa8830 Firmware Wsa8815 Firmware Wsa8810 Firmware +199
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-38422 HIGH PATCH This Week

Memory corruption while processing voice packet with arbitrary data received from ADSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware Wsa8840 Firmware Wsa8835 Firmware +259
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-38421 HIGH PATCH This Week

Memory corruption while processing GPU commands. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption Wsa8845h Firmware Wsa8845 Firmware +74
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-38419 HIGH PATCH This Week

Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption Wsa8845h Firmware Wsa8845 Firmware +144
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-38415 HIGH PATCH This Week

Memory corruption while handling session errors from firmware. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption Wsa8845h Firmware Wsa8845 Firmware +170
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-38410 HIGH PATCH This Week

Memory corruption while IOCLT is called when device is in invalid state and the WMI command buffer may be freed twice. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Stack Overflow Wsa8845h Firmware Wsa8845 Firmware Wsa8840 Firmware +22
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-38409 HIGH PATCH This Week

Memory corruption while station LL statistic handling. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware Wsa8840 Firmware Wsa8835 Firmware +21
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-38408 CRITICAL PATCH Act Now

Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Wsa8845h Firmware Wsa8845 Firmware Wsa8840 Firmware Wsa8835 Firmware +225
NVD
CVSS 3.1
9.1
EPSS
0.1%
CVE-2024-38407 HIGH PATCH This Week

Memory corruption while processing input parameters for any IOCTL call in the JPEG Encoder driver. Rated high severity (CVSS 7.0).

Buffer Overflow Aqt1000 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware Fastconnect 6800 Firmware +40
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2024-38406 HIGH PATCH This Week

Memory corruption while handling IOCTL calls in JPEG Encoder driver. Rated high severity (CVSS 7.0).

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware Wsa8840 Firmware Wsa8835 Firmware +40
NVD
CVSS 3.1
7.0
EPSS
0.1%
CVE-2024-38405 MEDIUM PATCH This Month

Transient DOS while processing the CU information from RNR IE. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware Wsa8840 Firmware Wsa8835 Firmware +94
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2024-33068 MEDIUM PATCH This Month

Transient DOS while parsing fragments of MBSSID IE from beacon frame. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Wsa8845h Firmware Wsa8845 Firmware +119
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2024-33032 MEDIUM PATCH This Month

Memory corruption when the user application modifies the same shared memory asynchronously when kernel is accessing it. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Buffer Overflow Wsa8835 Firmware Wsa8832 Firmware Wsa8830 Firmware Wsa8815 Firmware +63
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2024-43047 HIGH KEV PATCH THREAT This Week

Memory corruption while maintaining memory maps of HLOS memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption Fastconnect 6700 Firmware Fastconnect 6800 Firmware +60
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2024-38397 HIGH This Week

Transient DOS while parsing probe response and assoc response frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Snapdragon 8 Gen 2 Mobile Platform Firmware Wsa8845h Firmware Wsa8845 Firmware Wsa8840 Firmware +111
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-33073 HIGH This Week

Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Wsa8845h Firmware Wsa8845 Firmware Wsa8840 Firmware +155
NVD
CVSS 3.1
8.2
EPSS
0.3%
CVE-2024-33065 HIGH This Week

Memory corruption while taking snapshot when an offset variable is set by camera driver. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Snapdragon 8Cx Gen 2 5G Compute Platform Sc8180X Ac Firmware Snapdragon 8Cx Gen 2 5G Compute Platform Sc8180X Af Firmware Snapdragon 8Cx Compute Platform Sc8180Xp Ac Firmware Snapdragon 8Cx Gen 2 5G Compute Platform Sc8180Xp Aa Firmware +41
NVD
CVSS 3.1
8.4
EPSS
0.1%
CVE-2024-33049 HIGH This Week

Transient DOS while parsing noninheritance IE of Extension element when length of IE is 2 of beacon frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Snapdragon W5 Gen 1 Wearable Platform Firmware Wsa8835 Firmware Wsa8830 Firmware Wsa8810 Firmware +127
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-23369 HIGH This Week

Memory corruption when invalid length is provided from HLOS for FRS/UDS request/response buffers. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Snapdragon 888 5G Mobile Platform Sm8350 Ac Firmware Snapdragon 865 5G Mobile Platform Sm8250 Ab Firmware Wsa8845h Firmware Wsa8845 Firmware +114
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-38402 HIGH PATCH This Week

Memory corruption while processing IOCTL call for getting group info. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption Ar8035 Firmware Csra6620 Firmware +161
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-38401 HIGH PATCH This Week

Memory corruption while processing concurrent IOCTL calls. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption Ar8035 Firmware C V2x 9150 Firmware +38
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-33060 HIGH PATCH This Week

Memory corruption when two threads try to map and unmap a single node simultaneously. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption 315 5g Iot Firmware Aqt1000 Firmware +241
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-33057 HIGH PATCH This Week

Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating the location. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware Fastconnect 6700 Firmware Fastconnect 6900 Firmware +166
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-33054 HIGH PATCH This Week

Memory corruption during the handshake between the Primary Virtual Machine and Trusted Virtual Machine. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Fastconnect 6700 Firmware Fastconnect 6900 Firmware Fastconnect 7800 Firmware Qcm5430 Firmware +28
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-33052 HIGH PATCH This Week

Memory corruption when user provides data for FM HCI command control operations. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Apq8017 Firmware Aqt1000 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware +193
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-33051 HIGH This Week

Transient DOS while processing TIM IE from beacon frame as there is no check for IE length. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Firmware 9206 Lte Firmware Apq8017 Firmware Aqt1000 Firmware +278
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-33050 HIGH PATCH This Week

Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware Csr8811 Firmware Csra6620 Firmware +248
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-33048 HIGH PATCH This Week

Transient DOS while parsing the received TID-to-link mapping element of beacon/probe response frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware Fastconnect 6700 Firmware Fastconnect 6800 Firmware +183
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-33047 HIGH This Week

Memory corruption when the captureRead QDCM command is invoked from user-space. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Fastconnect 6700 Firmware Fastconnect 6900 Firmware Fastconnect 7800 Firmware Qcm5430 Firmware +20
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-33045 HIGH PATCH This Week

Memory corruption when BTFM client sends new messages over Slimbus to ADSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Ar8035 Firmware Csra6620 Firmware Csra6640 Firmware Fastconnect 6200 Firmware +171
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-33043 MEDIUM PATCH This Month

Transient DOS while handling PS event when Program Service name length offset value is set to 255. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Apq8017 Firmware Aqt1000 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware +193
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-33042 HIGH PATCH This Week

Memory corruption when Alternative Frequency offset value is set to 255. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Apq8017 Firmware Aqt1000 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware +192
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-33038 HIGH PATCH This Week

Memory corruption while passing untrusted/corrupted pointers from DSP to EVA. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Fastconnect 6700 Firmware Fastconnect 6900 Firmware Fastconnect 7800 Firmware Qcm4490 Firmware +39
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-33035 HIGH This Week

Memory corruption while calculating total metadata size when a very high reserved size is requested by gralloc clients. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Qam8255p Firmware Qam8620p Firmware Qam8650p Firmware +86
NVD
CVSS 3.1
8.4
EPSS
0.1%
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS may occur while parsing SSID in action frames. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qcn9070 Firmware Qcn9072 Firmware +265
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Fastconnect 7800 Firmware +48
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Aqt1000 Firmware +48
NVD
EPSS 0% CVSS 7.8
HIGH This Month

Memory corruption may occur while reading board data via IOCTL call when the WLAN driver copies the content to the provided output buffer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Fastconnect 6700 Firmware +24
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption while IOCTL call is invoked from user-space to read board data. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Fastconnect 6200 Firmware +42
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS may occur while parsing EHT operation IE or EHT capability IE. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qcs8300 Firmware Qcs8550 Firmware +119
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS while connecting STA to AP and initiating ADD TS request from AP to establish TSpec session. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Apq8017 Firmware +221
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Sa9000p Firmware Sd626 Firmware +180
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption occurs when handling client calls to EnableTestMode through an Escape call. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Fastconnect 6200 Firmware +43
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption while processing escape code in API. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Fastconnect 6200 Firmware +43
NVD
EPSS 0% CVSS 8.2
HIGH This Week

Information disclosure may occur during a video call if a device resets due to a non-conforming RTCP packet that doesn`t adhere to RFC standards. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Apq8064au Firmware +144
NVD
EPSS 0% CVSS 6.2
MEDIUM This Month

Cryptographic issue occurs during PIN/password verification using Gatekeeper, where RPMB writes can be dropped on verification failure, potentially leading to a user throttling bypass. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Fastconnect 6700 Firmware Fastconnect 6800 Firmware +238
NVD
EPSS 0% CVSS 6.6
MEDIUM This Month

Memory corruption while accessing MSM channel map and mixer functions. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow C V2x 9150 Firmware +64
NVD
EPSS 0% CVSS 6.6
MEDIUM This Month

Memory corruption while invoking IOCTL map buffer request from userspace. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Memory Corruption Buffer Overflow +68
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption occurs during the copying of read data from the EEPROM because the IO configuration is exposed as shared memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Qca6391 Firmware Qca6426 Firmware +56
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption while handling file descriptor during listener registration/de-registration. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Memory Corruption Buffer Overflow +98
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Cryptographic issues while generating an asymmetric key pair for RKP use cases. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Fastconnect 7800 Firmware Qam8255p Firmware +162
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

There may be information disclosure during memory re-allocation in TZ Secure OS. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Csr8811 Firmware Csra6620 Firmware +306
NVD
EPSS 0% CVSS 7.5
HIGH This Month

Memory corruption while assigning memory from the source DDR memory(HLOS) to ADSP. Rated high severity (CVSS 7.5). No vendor patch available.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware +187
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while calling the NPU driver APIs concurrently. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Buffer Overflow +233
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Transient DOS may occur while processing the country IE. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Qca9367 Firmware Qca9377 Firmware +204
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption in display driver while detaching a device. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Buffer Overflow Denial Of Service +161
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption may occur while validating ports and channels in Audio driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Sm6370 Firmware Sm6650 Firmware +242
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while processing command in Glink linux. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Buffer Overflow +151
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Transient DOS during hypervisor virtual I/O operation in a virtual machine. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware +185
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Information disclosure while deriving keys for a session for any Widevine use case. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Authentication Bypass Aqt1000 Firmware +236
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

While processing the authentication message in UE, improper authentication may lead to information disclosure. Rated medium severity (CVSS 5.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Authentication Bypass 315 5g Iot Firmware +162
NVD
EPSS 0% CVSS 8.2
HIGH PATCH This Month

Memory corruption during management frame processing due to mismatch in T2LM info element. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware +183
NVD
EPSS 0% CVSS 8.2
HIGH PATCH This Month

Information disclosure while parsing the OCI IE with invalid length. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Ar8035 Firmware +164
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Month

Memory corruption while power-up or power-down sequence of the camera sensor. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Csra6620 Firmware Csra6640 Firmware +120
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Month

Memory corruption can occur in the camera when an invalid CID is used. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Fastconnect 6700 Firmware Fastconnect 6900 Firmware +76
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Month

Memory corruption in Camera due to unusually high number of nodes passed to AXI port. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Fastconnect 6900 Firmware Fastconnect 7800 Firmware +23
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Month

Memory corruption while validating number of devices in Camera kernel . Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Fastconnect 6900 Firmware Fastconnect 7800 Firmware +31
NVD
EPSS 0% CVSS 7.8
HIGH This Month

Memory corruption may occour while generating test pattern due to negative indexing of display ID. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Fastconnect 6700 Firmware +23
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Month

Memory corruption may occour occur when stopping the WLAN interface after processing a WMI command from the interface. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Buffer Overflow Memory Corruption Use After Free +150
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH This Week

Memory corruption while parsing the ML IE due to invalid frame content. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware +171
NVD
EPSS 0% CVSS 7.8
HIGH This Month

Memory corruption while taking a snapshot with hardware encoder due to unvalidated userspace buffer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Fastconnect 6200 Firmware +35
NVD
EPSS 0% CVSS 8.8
HIGH This Month

Memory corruption while configuring a Hypervisor based input virtual device. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware +155
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Month

Memory corruption while parsing the memory map info in IOCTL calls. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow C V2x 9150 Firmware Csrb31024 Firmware +59
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Information disclosure while processing IO control commands. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure Ar8035 Firmware +55
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Information disclosure during audio playback. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure Ar8035 Firmware +70
NVD
EPSS 0% CVSS 6.6
MEDIUM PATCH This Month

Memory corruption while registering a buffer from user-space to kernel-space using IOCTL calls. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Buffer Overflow Memory Corruption Use After Free +17
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Month

Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware +180
NVD
EPSS 0% CVSS 7.8
HIGH This Month

Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Aqt1000 Firmware +50
NVD
EPSS 0% CVSS 7.8
HIGH This Month

Memory corruption when IOCTL call is invoked from user-space to read board data. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Fastconnect 6200 Firmware +49
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure Ar8035 Firmware +75
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Memory corruption while invoking IOCTL calls to unmap the DMA buffers. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Buffer Overflow Memory Corruption Use After Free +38
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Memory corruption when input parameter validation for number of fences is missing for fence frame IOCTL calls,. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Memory Corruption Buffer Overflow Fastconnect 6900 Firmware +33
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption while invoking IOCTL calls from user space to issue factory test command inside WLAN driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Aqt1000 Firmware +53
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Transient DOS while parsing the ML IE when a beacon with common info length of the ML IE greater than the ML IE inside which this element is present. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Ar8035 Firmware +122
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption when allocating and accessing an entry in an SMEM partition continuously. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware 9205 Lte Modem Firmware +321
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Memory corruption when multiple threads try to unregister the CVP buffer at the same time. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +55
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption while Configuring the SMR/S2CR register in Bypass mode. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Modem Firmware Aqt1000 Firmware +206
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver doesn`t validate the IPC message received from the firmware. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure C V2x 9150 Firmware +49
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Memory corruption while parsing sensor packets in camera driver, user-space variable is used while allocating memory in kernel and parsing which can lead to huge allocation or invalid memory access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Buffer Overflow Memory Corruption C V2x 9150 Firmware +50
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption during GNSS HAL process initialization. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +117
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while processing GPU page table switch. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Wsa8835 Firmware Wsa8830 Firmware +201
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while processing voice packet with arbitrary data received from ADSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware +261
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while processing GPU commands. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +76
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +146
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while handling session errors from firmware. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +172
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while IOCLT is called when device is in invalid state and the WMI command buffer may be freed twice. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Stack Overflow Wsa8845h Firmware +24
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while station LL statistic handling. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware +23
NVD
EPSS 0% CVSS 9.1
CRITICAL PATCH Act Now

Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Wsa8845h Firmware Wsa8845 Firmware +227
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Memory corruption while processing input parameters for any IOCTL call in the JPEG Encoder driver. Rated high severity (CVSS 7.0).

Buffer Overflow Aqt1000 Firmware Fastconnect 6200 Firmware +42
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Memory corruption while handling IOCTL calls in JPEG Encoder driver. Rated high severity (CVSS 7.0).

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware +42
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Transient DOS while processing the CU information from RNR IE. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Wsa8845h Firmware Wsa8845 Firmware +96
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Transient DOS while parsing fragments of MBSSID IE from beacon frame. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption +121
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Memory corruption when the user application modifies the same shared memory asynchronously when kernel is accessing it. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Buffer Overflow Wsa8835 Firmware Wsa8832 Firmware +65
NVD
EPSS 1% CVSS 7.8
HIGH KEV PATCH THREAT This Week

Memory corruption while maintaining memory maps of HLOS memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +62
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS while parsing probe response and assoc response frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Snapdragon 8 Gen 2 Mobile Platform Firmware Wsa8845h Firmware +113
NVD
EPSS 0% CVSS 8.2
HIGH This Week

Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Wsa8845h Firmware +157
NVD
EPSS 0% CVSS 8.4
HIGH This Week

Memory corruption while taking snapshot when an offset variable is set by camera driver. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Snapdragon 8Cx Gen 2 5G Compute Platform Sc8180X Ac Firmware Snapdragon 8Cx Gen 2 5G Compute Platform Sc8180X Af Firmware +43
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS while parsing noninheritance IE of Extension element when length of IE is 2 of beacon frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Snapdragon W5 Gen 1 Wearable Platform Firmware Wsa8835 Firmware +129
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption when invalid length is provided from HLOS for FRS/UDS request/response buffers. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Snapdragon 888 5G Mobile Platform Sm8350 Ac Firmware Snapdragon 865 5G Mobile Platform Sm8250 Ab Firmware +116
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while processing IOCTL call for getting group info. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +163
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while processing concurrent IOCTL calls. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +40
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption when two threads try to map and unmap a single node simultaneously. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption +243
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating the location. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware +168
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption during the handshake between the Primary Virtual Machine and Trusted Virtual Machine. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Fastconnect 6700 Firmware Fastconnect 6900 Firmware +30
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption when user provides data for FM HCI command control operations. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Apq8017 Firmware Aqt1000 Firmware +195
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Transient DOS while processing TIM IE from beacon frame as there is no check for IE length. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 315 5g Iot Firmware 9206 Lte Firmware +280
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware +250
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Transient DOS while parsing the received TID-to-link mapping element of beacon/probe response frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Ar8035 Firmware Csr8811 Firmware +185
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory corruption when the captureRead QDCM command is invoked from user-space. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Fastconnect 6700 Firmware Fastconnect 6900 Firmware +22
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption when BTFM client sends new messages over Slimbus to ADSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Ar8035 Firmware Csra6620 Firmware +173
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Transient DOS while handling PS event when Program Service name length offset value is set to 255. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Apq8017 Firmware Aqt1000 Firmware +195
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption when Alternative Frequency offset value is set to 255. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Apq8017 Firmware Aqt1000 Firmware +194
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Memory corruption while passing untrusted/corrupted pointers from DSP to EVA. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Fastconnect 6700 Firmware Fastconnect 6900 Firmware +41
NVD
EPSS 0% CVSS 8.4
HIGH This Week

Memory corruption while calculating total metadata size when a very high reserved size is requested by gralloc clients. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Qam8255p Firmware +88
NVD
Prev Page 2 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy