Search Results (203 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-33113 1 Qualcomm 254 Ar8035, Ar8035 Firmware, Csra6620 and 251 more 2025-08-11 8.4 High
Memory corruption when resource manager sends the host kernel a reply message with multiple fragments.
CVE-2023-33114 1 Qualcomm 224 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 221 more 2025-08-11 8.4 High
Memory corruption while running NPU, when NETWORK_UNLOAD and (NETWORK_UNLOAD or NETWORK_EXECUTE_V2) commands are submitted at the same time.
CVE-2023-33117 1 Qualcomm 282 Ar8035, Ar8035 Firmware, Csra6620 and 279 more 2025-08-11 7.8 High
Memory corruption when HLOS allocates the response payload buffer to copy the data received from ADSP in response to AVCS_LOAD_MODULE command.
CVE-2023-33118 1 Qualcomm 271 Ar8035, Ar8035 Firmware, Csra6620 and 268 more 2025-08-11 7.8 High
Memory corruption while processing Listen Sound Model client payload buffer when there is a request for Listen Sound session get parameter from ST HAL.
CVE-2023-33120 1 Qualcomm 464 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9206 Lte Modem and 461 more 2025-08-11 7.8 High
Memory corruption in Audio when memory map command is executed consecutively in ADSP.
CVE-2023-43511 1 Qualcomm 712 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9206 Lte Modem and 709 more 2025-08-11 7.5 High
Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header.
CVE-2023-43513 1 Qualcomm 534 315 5g Iot Modem, 315 5g Iot Modem Firmware, Apq8017 and 531 more 2025-08-11 7.8 High
Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element.
CVE-2023-43522 1 Qualcomm 572 Aqt1000, Aqt1000 Firmware, Ar8035 and 569 more 2025-08-11 7.5 High
Transient DOS while key unwrapping process, when the given encrypted key is empty or NULL.
CVE-2023-43528 1 Qualcomm 182 Ar8035, Ar8035 Firmware, C-v2x 9150 and 179 more 2025-08-11 6.1 Medium
Information disclosure when the ADSP payload size received in HLOS in response to Audio Stream Manager matrix session is less than this expected size.
CVE-2023-43529 1 Qualcomm 322 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 319 more 2025-08-11 7.5 High
Transient DOS while processing IKEv2 Informational request messages, when a malformed fragment packet is received.
CVE-2023-43533 1 Qualcomm 476 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 473 more 2025-08-11 7.5 High
Transient DOS in WLAN Firmware when the length of received beacon is less than length of ieee802.11 beacon frame.
CVE-2023-43536 1 Qualcomm 618 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 615 more 2025-08-11 7.5 High
Transient DOS while parse fils IE with length equal to 1.
CVE-2023-43546 1 Qualcomm 240 Ar8035, Ar8035 Firmware, Csra6620 and 237 more 2025-08-11 8.4 High
Memory corruption while invoking HGSL IOCTL context create.
CVE-2024-21475 1 Qualcomm 472 215 Mobile, 215 Mobile Firmware, 315 5g Iot Modem and 469 more 2025-08-11 7.8 High
Memory corruption when the payload received from firmware is not as per the expected protocol size.
CVE-2024-21453 1 Qualcomm 26 C-v2x 9150, C-v2x 9150 Firmware, Qcs410 and 23 more 2025-08-11 7.5 High
Transient DOS while decoding message of size that exceeds the available system memory.
CVE-2024-21468 1 Qualcomm 460 205 Mobile, 205 Mobile Firmware, 215 Mobile and 457 more 2025-08-11 8.4 High
Memory corruption when there is failed unmap operation in GPU.
CVE-2024-21471 1 Qualcomm 350 205 Mobile, 205 Mobile Firmware, 215 Mobile and 347 more 2025-08-11 8.4 High
Memory corruption when IOMMU unmap of a GPU buffer fails in Linux.
CVE-2024-33045 1 Qualcomm 385 Ar8035, Ar8035 Firmware, Csra6620 and 382 more 2025-08-11 8.4 High
Memory corruption when BTFM client sends new messages over Slimbus to ADSP.
CVE-2024-33049 1 Qualcomm 262 Csr8811, Csr8811 Firmware, Fastconnect 6700 and 259 more 2025-08-11 7.5 High
Transient DOS while parsing noninheritance IE of Extension element when length of IE is 2 of beacon frame.
CVE-2024-33050 1 Qualcomm 541 Ar8035, Ar8035 Firmware, Ar9380 and 538 more 2025-08-11 7.5 High
Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper.