VYPR

Vendor CVEs

Qualcomm

All CVEs

2,042 total · sorted by risk
  • CVE-2023-28538Sep 5, 2023
    risk 0.00cvss epss 0.00

    Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region.

  • CVE-2022-33275Sep 5, 2023
    risk 0.00cvss epss 0.00

    Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range.

  • CVE-2023-32806Sep 4, 2023
    risk 0.00cvss epss 0.00

    In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441589; Issue ID: ALPS07441589.

  • CVE-2022-48453Sep 4, 2023
    risk 0.00cvss epss 0.00

    In camera driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

  • CVE-2023-28561Aug 8, 2023
    risk 0.00cvss epss 0.00

    Memory corruption in QESL while processing payload from external ESL device to firmware.

  • CVE-2023-21652Aug 8, 2023
    risk 0.00cvss epss 0.00

    Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack after use.

  • CVE-2023-21650Aug 8, 2023
    risk 0.00cvss epss 0.00

    Memory Corruption in GPS HLOS Driver when injectFdclData receives data with invalid data length.

  • CVE-2023-28542Jul 4, 2023
    risk 0.00cvss epss 0.00

    Memory Corruption in WLAN HOST while fetching TX status information.

  • CVE-2023-24851Jul 4, 2023
    risk 0.00cvss epss 0.00

    Memory Corruption in WLAN HOST while parsing QMI response message from firmware.

  • CVE-2023-22667Jul 4, 2023
    risk 0.00cvss epss 0.00

    Memory Corruption in Audio while allocating the ion buffer during the music playback.

  • CVE-2023-20689Jul 4, 2023
    risk 0.00cvss epss 0.00

    In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664741; Issue ID: ALPS07664741.

  • CVE-2023-33283Jun 7, 2023
    risk 0.00cvss epss 0.00

    Marval MSM through 14.19.0.12476 uses a static encryption key for secrets. An attacker that gains access to encrypted secrets can decrypt them by using this key.

  • CVE-2023-33282Jun 7, 2023
    risk 0.00cvss epss 0.01

    Marval MSM through 14.19.0.12476 and 15.0 has a System account with default credentials. A remote attacker is able to login and create a valid session. This makes it possible to make backend calls to endpoints in the application.

  • CVE-2023-33284Jun 7, 2023
    risk 0.00cvss epss 0.01

    Marval MSM through 14.19.0.12476 and 15.0 has a Remote Code Execution vulnerability. A remote attacker authenticated as any user is able to execute code in context of the web server.

  • CVE-2023-21670Jun 6, 2023
    risk 0.00cvss epss 0.00

    Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode.

  • CVE-2023-21669Jun 6, 2023
    risk 0.00cvss epss 0.00

    Information Disclosure in WLAN HOST while sending DPP action frame to peer with an invalid source address.

  • CVE-2023-21632Jun 6, 2023
    risk 0.00cvss epss 0.00

    Memory corruption in Automotive GPU while querying a gsl memory node.

  • CVE-2022-40525Jun 6, 2023
    risk 0.00cvss epss 0.00

    Information disclosure in Linux Networking Firmware due to unauthorized information leak during side channel analysis.

  • CVE-2022-33230Jun 6, 2023
    risk 0.00cvss epss 0.00

    Memory corruption in FM Host due to buffer copy without checking the size of input in FM Host

  • CVE-2022-33273May 2, 2023
    risk 0.00cvss epss 0.00

    Information disclosure due to buffer over-read in Trusted Execution Environment while QRKS report generation.

  • CVE-2023-21666May 2, 2023
    risk 0.00cvss epss 0.00

    Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool.

  • CVE-2022-33292May 2, 2023
    risk 0.00cvss epss 0.00

    Memory corruption in Qualcomm IPC due to use after free while receiving the incoming packet and reposting it.

  • CVE-2022-33301Apr 4, 2023
    risk 0.00cvss epss 0.00

    Memory corruption due to incorrect type conversion or cast in audio while using audio playback/capture when crafted address is sent from AGM IPC to AGM.

  • CVE-2022-33282Apr 4, 2023
    risk 0.00cvss epss 0.00

    Memory corruption in Automotive Multimedia due to integer overflow to buffer overflow during IOCTL calls in video playback.

  • CVE-2022-40537Mar 7, 2023
    risk 0.00cvss epss 0.00

    Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP response.

  • CVE-2022-33309Mar 7, 2023
    risk 0.00cvss epss 0.00

    Transient DOS due to buffer over-read in WLAN Firmware while parsing secure FTMR frame with size lesser than 39 Bytes.

  • CVE-2022-33278Mar 7, 2023
    risk 0.00cvss epss 0.00

    Memory corruption due to buffer copy without checking the size of input in HLOS when input message size is larger than the buffer capacity.

  • CVE-2022-33256Mar 7, 2023
    risk 0.00cvss epss 0.01

    Memory corruption due to improper validation of array index in Multi-mode call processor.

  • CVE-2022-33242Mar 7, 2023
    risk 0.00cvss epss 0.00

    Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio PD.

  • CVE-2022-25655Mar 7, 2023
    risk 0.00cvss epss 0.00

    Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.

  • CVE-2022-47456Mar 7, 2023
    risk 0.00cvss epss 0.00

    In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.

  • CVE-2022-40514Feb 9, 2023
    risk 0.00cvss epss 0.00

    Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.

  • CVE-2022-40512Feb 9, 2023
    risk 0.00cvss epss 0.00

    Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.

  • CVE-2022-33248Feb 9, 2023
    risk 0.00cvss epss 0.00

    Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http.

  • CVE-2022-33246Feb 9, 2023
    risk 0.00cvss epss 0.00

    Memory corruption in Audio due to use of out-of-range pointer offset while Initiating a voice call session from user space with invalid session id.

  • CVE-2022-47370Feb 6, 2023
    risk 0.00cvss epss 0.00

    In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.

  • CVE-2022-47366Feb 6, 2023
    risk 0.00cvss epss 0.00

    In wlan driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services.

  • CVE-2022-47365Feb 6, 2023
    risk 0.00cvss epss 0.00

    In wlan driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services.

  • CVE-2022-38681Feb 6, 2023
    risk 0.00cvss epss 0.00

    In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.

  • CVE-2022-38680Feb 6, 2023
    risk 0.00cvss epss 0.00

    In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.

  • CVE-2022-47331Feb 6, 2023
    risk 0.00cvss epss 0.00

    In wlan driver, there is a race condition. This could lead to local denial of service in wlan services.

  • CVE-2022-33299Jan 6, 2023
    risk 0.00cvss epss 0.00

    Transient DOS due to null pointer dereference in Bluetooth HOST while receiving an attribute protocol PDU with zero length data.

  • CVE-2022-33265Jan 6, 2023
    risk 0.00cvss epss 0.00

    Memory corruption due to information exposure in Powerline Communication Firmware while sending different MMEs from a single, unassociated device.

  • CVE-2022-25746Jan 6, 2023
    risk 0.00cvss epss 0.00

    Memory corruption in kernel due to missing checks when updating the access rights of a memextent mapping.

  • CVE-2022-22079Jan 6, 2023
    risk 0.00cvss epss 0.00

    Denial of service while processing fastboot flash command on mmc due to buffer over read

  • CVE-2022-25673Dec 13, 2022
    risk 0.00cvss epss 0.00

    Denial of service in MODEM due to reachable assertion while processing configuration from network in Snapdragon Mobile

  • CVE-2022-33268Dec 13, 2022
    risk 0.00cvss epss 0.00

    Information disclosure due to buffer over-read in Bluetooth HOST while pairing and connecting A2DP. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

  • CVE-2022-25681Dec 13, 2022
    risk 0.00cvss epss 0.00

    Possible memory corruption in kernel while performing memory access due to hypervisor not correctly invalidated the processor translation caches in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

  • CVE-2022-33235Dec 13, 2022
    risk 0.00cvss epss 0.00

    Information disclosure due to buffer over-read in WLAN firmware while parsing security context info attributes. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,…

  • CVE-2022-25691Dec 13, 2022
    risk 0.00cvss epss 0.00

    Denial of service in Modem due to reachable assertion while processing SIB1 with invalid SCS and bandwidth settings in Snapdragon Mobile

Page 19 of 41