Search Results (99 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-28585 1 Qualcomm 562 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 559 more 2026-02-25 8.2 High
Memory corruption while loading an ELF segment in TEE Kernel.
CVE-2023-22388 1 Qualcomm 458 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 455 more 2025-12-16 9.8 Critical
Memory Corruption in Multi-mode Call Processor while processing bit mask API.
CVE-2024-21476 1 Qualcomm 103 Aqt1000, Aqt1000 Firmware, Ar8035 and 100 more 2025-12-16 7.8 High
Memory corruption when the channel ID passed by user is not validated and further used.
CVE-2023-33106 1 Qualcomm 309 Ar8035, Ar8035 Firmware, Csra6620 and 306 more 2025-10-28 8.4 High
Memory corruption while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND.
CVE-2023-33107 1 Qualcomm 487 315 5g Iot Modem, 315 5g Iot Modem Firmware, Apq8017 and 484 more 2025-10-28 8.4 High
Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call.
CVE-2024-43047 1 Qualcomm 141 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6800 and 138 more 2025-10-28 7.8 High
Memory corruption while maintaining memory maps of HLOS memory.
CVE-2023-43513 1 Qualcomm 534 315 5g Iot Modem, 315 5g Iot Modem Firmware, Apq8017 and 531 more 2025-08-11 7.8 High
Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element.
CVE-2023-28554 1 Qualcomm 296 Aqt1000, Aqt1000 Firmware, Ar9380 and 293 more 2025-08-11 6.1 Medium
Information Disclosure in Qualcomm IPC while reading values from shared memory in VM.
CVE-2023-28588 1 Qualcomm 428 Apq8017, Apq8017 Firmware, Apq8064au and 425 more 2025-08-11 7.5 High
Transient DOS in Bluetooth Host while rfc slot allocation.
CVE-2023-43536 1 Qualcomm 618 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 615 more 2025-08-11 7.5 High
Transient DOS while parse fils IE with length equal to 1.
CVE-2023-33109 1 Qualcomm 620 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 617 more 2025-08-11 7.5 High
Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host.
CVE-2023-28551 1 Qualcomm 496 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 493 more 2025-08-11 7.8 High
Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments.
CVE-2023-33064 1 Qualcomm 178 Aqt1000, Aqt1000 Firmware, Ar8035 and 175 more 2025-08-11 5.5 Medium
Transient DOS in Audio when invoking callback function of ASM driver.
CVE-2023-33098 1 Qualcomm 526 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 523 more 2025-08-11 7.5 High
Transient DOS while parsing WPA IES, when it is passed with length more than expected size.
CVE-2023-28570 1 Qualcomm 168 Aqt1000, Aqt1000 Firmware, Ar8035 and 165 more 2025-08-11 6.7 Medium
Memory corruption while processing audio effects.
CVE-2023-33094 1 Qualcomm 250 Ar8035, Ar8035 Firmware, Csra6620 and 247 more 2025-08-11 8.4 High
Memory corruption while running VK synchronization with KASAN enabled.
CVE-2023-33092 1 Qualcomm 190 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 187 more 2025-08-11 8.4 High
Memory corruption while processing pin reply in Bluetooth, when pin code received from APP layer is greater than expected size.
CVE-2023-28587 1 Qualcomm 380 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 377 more 2025-08-11 7.8 High
Memory corruption in BT controller while parsing debug commands with specific sub-opcodes at HCI interface level.
CVE-2023-33117 1 Qualcomm 282 Ar8035, Ar8035 Firmware, Csra6620 and 279 more 2025-08-11 7.8 High
Memory corruption when HLOS allocates the response payload buffer to copy the data received from ADSP in response to AVCS_LOAD_MODULE command.
CVE-2023-33118 1 Qualcomm 271 Ar8035, Ar8035 Firmware, Csra6620 and 268 more 2025-08-11 7.8 High
Memory corruption while processing Listen Sound Model client payload buffer when there is a request for Listen Sound session get parameter from ST HAL.