VYPR

Vendor CVEs

Qualcomm

All CVEs

2,042 total · sorted by risk
  • CVE-2016-10235HigApr 4, 2018
    risk 0.49cvss 7.5epss 0.01

    A denial of service vulnerability in the Qualcomm WiFi driver. Product: Android. Versions: Android kernel. Android ID: A-34390620. References: QC-CR#1046409.

  • CVE-2018-3598HigApr 3, 2018
    risk 0.49cvss 7.5epss 0.00

    In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, insufficient validation of parameters from userspace in the camera driver can lead to information leak and…

  • CVE-2018-3584HigApr 3, 2018
    risk 0.49cvss 7.5epss 0.00

    In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, a Use After Free condition can occur in the function rmnet_usb_ctrl_init().

  • CVE-2017-14875HigMar 30, 2018
    risk 0.49cvss 7.5epss 0.01

    In the handler for the ioctl command VIDIOC_MSM_ISP_DUAL_HW_LPM_MODE in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-05-23, a heap overread vulnerability exists.

  • CVE-2017-18059HigMar 16, 2018
    risk 0.49cvss 7.5epss 0.01

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for vdev id in wma_scan_event_callback(), which is received from firmware, leads to potential out of bounds memory read.

  • CVE-2017-18053HigMar 16, 2018
    risk 0.49cvss 7.5epss 0.01

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for fix_param->vdev_id in wma_p2p_lo_event_handler(), which is received from firmware, leads to potential out of bounds memory read.

  • CVE-2017-18052HigMar 16, 2018
    risk 0.49cvss 7.5epss 0.01

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for cmpl_params->num_reports, param_buf->desc_ids and param_buf->status in wma_mgmt_tx_bundle_completion_handler(), which is received from…

  • CVE-2017-14878HigMar 15, 2018
    risk 0.49cvss 7.5epss 0.01

    In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a length variable which is used to copy data has a size of only 8 bits and can be exceeded resulting in a denial of service.

  • CVE-2006-6025HigNov 21, 2006
    risk 0.49cvss 7.5epss 0.01

    QUALCOMM Eudora WorldMail 4.0 allows remote attackers to cause a denial of service, as demonstrated by a certain module in VulnDisco Pack. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. As of 20061118, this…

  • CVE-2026-24092HigJun 1, 2026
    risk 0.47cvss 7.2epss 0.00

    Memory Corruption when processing fastboot commands to set display mode.

  • CVE-2026-24091HigJun 1, 2026
    risk 0.47cvss 7.2epss 0.00

    Memory corruption while processing fastboot commands with improperly formatted input.

  • CVE-2026-24089HigJun 1, 2026
    risk 0.47cvss 7.2epss 0.00

    Memory corruption while processing fastboot commands with invalid input.

  • CVE-2026-24087HigJun 1, 2026
    risk 0.47cvss 7.2epss 0.00

    Memory corruption while processing fastboot OEM commands.

  • CVE-2026-24085HigJun 1, 2026
    risk 0.47cvss 7.2epss 0.00

    Memory Corruption when processing display command line information due to improper initialization of a variable.

  • CVE-2018-5821HigApr 3, 2018
    risk 0.47cvss 7.3epss 0.00

    In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in function wma_wow_wakeup_host_event(), wake_info->vdev_id is received from FW and is used directly as array index…

  • CVE-2018-5820HigApr 3, 2018
    risk 0.47cvss 7.3epss 0.00

    In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in the function wma_tbttoffset_update_event_handler(), a parameter received from firmware is used to allocate memory…

  • CVE-2017-15836HigApr 3, 2018
    risk 0.47cvss 7.3epss 0.00

    In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, if the firmware sends a service ready event to the host with a large number in the num_hw_modes or num_phy, then it…

  • CVE-2017-14894HigApr 3, 2018
    risk 0.47cvss 7.3epss 0.00

    In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in wma_vdev_start_resp_handler(), vdev id is received from firmware as part of WMI_VDEV_START_RESP_EVENTID. This…

  • CVE-2017-14890HigApr 3, 2018
    risk 0.47cvss 7.3epss 0.00

    In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in the processing of an SWBA event, the vdev_map value is not properly validated leading to a potential buffer…

  • CVE-2026-24090HigJun 1, 2026
    risk 0.46cvss 7.1epss 0.00

    Cryptographic issue while processing partition table entries allows unauthorized modification of boot flow.

  • CVE-2025-47400HigApr 6, 2026
    risk 0.46cvss 7.1epss 0.00

    Cryptographic issue while copying data to a destination buffer without validating its size.

  • CVE-2018-5853HigJul 6, 2018
    risk 0.46cvss 7.0epss 0.00

    A race condition exists in a driver in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-05-05 potentially leading to a use-after-free condition.

  • CVE-2018-5896HigJul 6, 2018
    risk 0.46cvss 7.1epss 0.00

    In Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, kernel panic may happen due to out-of-bound read, caused by not checking source buffer length against length of packet stream to be…

  • CVE-2017-15856HigJul 6, 2018
    risk 0.46cvss 7.0epss 0.00

    Due to a race condition while processing the power stats debug file to read status, a double free condition can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.

  • CVE-2017-15829HigFeb 23, 2018
    risk 0.46cvss 7.0epss 0.00

    In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a GPU Driver which can potentially lead to a Use After Free condition.

  • CVE-2016-5345HigJan 23, 2018
    risk 0.46cvss 7.0epss 0.00

    Buffer overflow in the Qualcomm radio driver in Android before 2017-01-05 on Android One devices allows local users to gain privileges via a crafted application, aka Android internal bug 32639452 and Qualcomm internal bug CR1079713.

  • CVE-2016-5868HigSep 25, 2017
    risk 0.46cvss 7.0epss 0.01

    drivers/net/ethernet/msm/rndis_ipa.c in the Qualcomm networking driver in Android allows remote attackers to execute arbitrary code via a crafted application compromising a privileged process.

  • CVE-2015-0576HigAug 18, 2017
    risk 0.46cvss 7.0epss 0.01

    In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in HSDPA.

  • CVE-2016-5862HigAug 16, 2017
    risk 0.46cvss 7.0epss 0.01

    When a control related to codec is issued from userspace in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, the type casting is done to the container structure instead of the codec's individual structure, resulting in a device restart after kernel…

  • CVE-2016-5860HigAug 16, 2017
    risk 0.46cvss 7.0epss 0.01

    In an audio driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a function is called with a very large length, an integer overflow could occur followed by a heap buffer overflow.

  • CVE-2016-5859HigAug 16, 2017
    risk 0.46cvss 7.0epss 0.01

    In a sound driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a function is called with a very large length, an integer overflow could occur followed by a buffer overflow.

  • CVE-2016-5853HigAug 16, 2017
    risk 0.46cvss 7.0epss 0.01

    In an audio driver in all Qualcomm products with Android releases from CAF using the Linux kernel, when a sanity check encounters a length value not in the correct range, an error message is printed, but code execution continues in the same way as for a correct length value.

  • CVE-2017-0621HigMay 12, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…

  • CVE-2017-0620HigMay 12, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the Qualcomm Secure Channel Manager driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process.…

  • CVE-2017-0619HigMay 12, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the Qualcomm pin controller driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product:…

  • CVE-2017-0614HigMay 12, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the Qualcomm Secure Execution Environment Communicator driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a…

  • CVE-2017-0613HigMay 12, 2017
    risk 0.46cvss 7.0epss 0.02

    An elevation of privilege vulnerability in the Qualcomm Secure Execution Environment Communicator driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a…

  • CVE-2017-0612HigMay 12, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the Qualcomm Secure Execution Environment Communicator driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a…

  • CVE-2017-0611HigMay 12, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…

  • CVE-2017-0610HigMay 12, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…

  • CVE-2017-0609HigMay 12, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…

  • CVE-2017-0608HigMay 12, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…

  • CVE-2017-0607HigMay 12, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…

  • CVE-2017-0606HigMay 12, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…

  • CVE-2017-0465HigMay 12, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the Qualcomm ADSPRPC driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product:…

  • CVE-2016-10291HigMay 12, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the Qualcomm Slimbus driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product:…

  • CVE-2016-10290HigMay 12, 2017
    risk 0.46cvss 7.0epss 0.02

    An elevation of privilege vulnerability in the Qualcomm shared memory driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product:…

  • CVE-2016-10289HigMay 12, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the Qualcomm crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…

  • CVE-2016-10288HigMay 12, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the Qualcomm LED driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…

  • CVE-2016-10287HigMay 12, 2017
    risk 0.46cvss 7.0epss 0.01

    An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android.…

Page 13 of 41