Vendor CVEs
Qualcomm
All CVEs
2,042 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-28538 | 0.00 | — | 0.00 | Sep 5, 2023 | Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region. | |||
| CVE-2022-33275 | 0.00 | — | 0.00 | Sep 5, 2023 | Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range. | |||
| CVE-2023-32806 | 0.00 | — | 0.00 | Sep 4, 2023 | In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441589; Issue ID: ALPS07441589. | |||
| CVE-2022-48453 | 0.00 | — | 0.00 | Sep 4, 2023 | In camera driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | |||
| CVE-2023-28561 | 0.00 | — | 0.00 | Aug 8, 2023 | Memory corruption in QESL while processing payload from external ESL device to firmware. | |||
| CVE-2023-21652 | 0.00 | — | 0.00 | Aug 8, 2023 | Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack after use. | |||
| CVE-2023-21650 | 0.00 | — | 0.00 | Aug 8, 2023 | Memory Corruption in GPS HLOS Driver when injectFdclData receives data with invalid data length. | |||
| CVE-2023-28542 | 0.00 | — | 0.00 | Jul 4, 2023 | Memory Corruption in WLAN HOST while fetching TX status information. | |||
| CVE-2023-24851 | 0.00 | — | 0.00 | Jul 4, 2023 | Memory Corruption in WLAN HOST while parsing QMI response message from firmware. | |||
| CVE-2023-22667 | 0.00 | — | 0.00 | Jul 4, 2023 | Memory Corruption in Audio while allocating the ion buffer during the music playback. | |||
| CVE-2023-20689 | 0.00 | — | 0.00 | Jul 4, 2023 | In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664741; Issue ID: ALPS07664741. | |||
| CVE-2023-33283 | 0.00 | — | 0.00 | Jun 7, 2023 | Marval MSM through 14.19.0.12476 uses a static encryption key for secrets. An attacker that gains access to encrypted secrets can decrypt them by using this key. | |||
| CVE-2023-33282 | 0.00 | — | 0.01 | Jun 7, 2023 | Marval MSM through 14.19.0.12476 and 15.0 has a System account with default credentials. A remote attacker is able to login and create a valid session. This makes it possible to make backend calls to endpoints in the application. | |||
| CVE-2023-33284 | 0.00 | — | 0.01 | Jun 7, 2023 | Marval MSM through 14.19.0.12476 and 15.0 has a Remote Code Execution vulnerability. A remote attacker authenticated as any user is able to execute code in context of the web server. | |||
| CVE-2023-21670 | 0.00 | — | 0.00 | Jun 6, 2023 | Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode. | |||
| CVE-2023-21669 | 0.00 | — | 0.00 | Jun 6, 2023 | Information Disclosure in WLAN HOST while sending DPP action frame to peer with an invalid source address. | |||
| CVE-2023-21632 | 0.00 | — | 0.00 | Jun 6, 2023 | Memory corruption in Automotive GPU while querying a gsl memory node. | |||
| CVE-2022-40525 | 0.00 | — | 0.00 | Jun 6, 2023 | Information disclosure in Linux Networking Firmware due to unauthorized information leak during side channel analysis. | |||
| CVE-2022-33230 | 0.00 | — | 0.00 | Jun 6, 2023 | Memory corruption in FM Host due to buffer copy without checking the size of input in FM Host | |||
| CVE-2022-33273 | 0.00 | — | 0.00 | May 2, 2023 | Information disclosure due to buffer over-read in Trusted Execution Environment while QRKS report generation. | |||
| CVE-2023-21666 | 0.00 | — | 0.00 | May 2, 2023 | Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool. | |||
| CVE-2022-33292 | 0.00 | — | 0.00 | May 2, 2023 | Memory corruption in Qualcomm IPC due to use after free while receiving the incoming packet and reposting it. | |||
| CVE-2022-33301 | 0.00 | — | 0.00 | Apr 4, 2023 | Memory corruption due to incorrect type conversion or cast in audio while using audio playback/capture when crafted address is sent from AGM IPC to AGM. | |||
| CVE-2022-33282 | 0.00 | — | 0.00 | Apr 4, 2023 | Memory corruption in Automotive Multimedia due to integer overflow to buffer overflow during IOCTL calls in video playback. | |||
| CVE-2022-40537 | 0.00 | — | 0.00 | Mar 7, 2023 | Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP response. | |||
| CVE-2022-33309 | 0.00 | — | 0.00 | Mar 7, 2023 | Transient DOS due to buffer over-read in WLAN Firmware while parsing secure FTMR frame with size lesser than 39 Bytes. | |||
| CVE-2022-33278 | 0.00 | — | 0.00 | Mar 7, 2023 | Memory corruption due to buffer copy without checking the size of input in HLOS when input message size is larger than the buffer capacity. | |||
| CVE-2022-33256 | 0.00 | — | 0.01 | Mar 7, 2023 | Memory corruption due to improper validation of array index in Multi-mode call processor. | |||
| CVE-2022-33242 | 0.00 | — | 0.00 | Mar 7, 2023 | Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio PD. | |||
| CVE-2022-25655 | 0.00 | — | 0.00 | Mar 7, 2023 | Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload. | |||
| CVE-2022-47456 | 0.00 | — | 0.00 | Mar 7, 2023 | In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services. | |||
| CVE-2022-40514 | 0.00 | — | 0.00 | Feb 9, 2023 | Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame. | |||
| CVE-2022-40512 | 0.00 | — | 0.00 | Feb 9, 2023 | Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon. | |||
| CVE-2022-33248 | 0.00 | — | 0.00 | Feb 9, 2023 | Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http. | |||
| CVE-2022-33246 | 0.00 | — | 0.00 | Feb 9, 2023 | Memory corruption in Audio due to use of out-of-range pointer offset while Initiating a voice call session from user space with invalid session id. | |||
| CVE-2022-47370 | 0.00 | — | 0.00 | Feb 6, 2023 | In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services. | |||
| CVE-2022-47366 | 0.00 | — | 0.00 | Feb 6, 2023 | In wlan driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services. | |||
| CVE-2022-47365 | 0.00 | — | 0.00 | Feb 6, 2023 | In wlan driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services. | |||
| CVE-2022-38681 | 0.00 | — | 0.00 | Feb 6, 2023 | In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services. | |||
| CVE-2022-38680 | 0.00 | — | 0.00 | Feb 6, 2023 | In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services. | |||
| CVE-2022-47331 | 0.00 | — | 0.00 | Feb 6, 2023 | In wlan driver, there is a race condition. This could lead to local denial of service in wlan services. | |||
| CVE-2022-33299 | 0.00 | — | 0.00 | Jan 6, 2023 | Transient DOS due to null pointer dereference in Bluetooth HOST while receiving an attribute protocol PDU with zero length data. | |||
| CVE-2022-33265 | 0.00 | — | 0.00 | Jan 6, 2023 | Memory corruption due to information exposure in Powerline Communication Firmware while sending different MMEs from a single, unassociated device. | |||
| CVE-2022-25746 | 0.00 | — | 0.00 | Jan 6, 2023 | Memory corruption in kernel due to missing checks when updating the access rights of a memextent mapping. | |||
| CVE-2022-22079 | 0.00 | — | 0.00 | Jan 6, 2023 | Denial of service while processing fastboot flash command on mmc due to buffer over read | |||
| CVE-2022-25673 | 0.00 | — | 0.00 | Dec 13, 2022 | Denial of service in MODEM due to reachable assertion while processing configuration from network in Snapdragon Mobile | |||
| CVE-2022-33268 | 0.00 | — | 0.00 | Dec 13, 2022 | Information disclosure due to buffer over-read in Bluetooth HOST while pairing and connecting A2DP. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||
| CVE-2022-25681 | 0.00 | — | 0.00 | Dec 13, 2022 | Possible memory corruption in kernel while performing memory access due to hypervisor not correctly invalidated the processor translation caches in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | |||
| CVE-2022-33235 | 0.00 | — | 0.00 | Dec 13, 2022 | Information disclosure due to buffer over-read in WLAN firmware while parsing security context info attributes. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,… | |||
| CVE-2022-25691 | 0.00 | — | 0.00 | Dec 13, 2022 | Denial of service in Modem due to reachable assertion while processing SIB1 with invalid SCS and bandwidth settings in Snapdragon Mobile |
- CVE-2023-28538Sep 5, 2023risk 0.00cvss —epss 0.00
Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region.
- CVE-2022-33275Sep 5, 2023risk 0.00cvss —epss 0.00
Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range.
- CVE-2023-32806Sep 4, 2023risk 0.00cvss —epss 0.00
In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441589; Issue ID: ALPS07441589.
- CVE-2022-48453Sep 4, 2023risk 0.00cvss —epss 0.00
In camera driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
- CVE-2023-28561Aug 8, 2023risk 0.00cvss —epss 0.00
Memory corruption in QESL while processing payload from external ESL device to firmware.
- CVE-2023-21652Aug 8, 2023risk 0.00cvss —epss 0.00
Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack after use.
- CVE-2023-21650Aug 8, 2023risk 0.00cvss —epss 0.00
Memory Corruption in GPS HLOS Driver when injectFdclData receives data with invalid data length.
- CVE-2023-28542Jul 4, 2023risk 0.00cvss —epss 0.00
Memory Corruption in WLAN HOST while fetching TX status information.
- CVE-2023-24851Jul 4, 2023risk 0.00cvss —epss 0.00
Memory Corruption in WLAN HOST while parsing QMI response message from firmware.
- CVE-2023-22667Jul 4, 2023risk 0.00cvss —epss 0.00
Memory Corruption in Audio while allocating the ion buffer during the music playback.
- CVE-2023-20689Jul 4, 2023risk 0.00cvss —epss 0.00
In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664741; Issue ID: ALPS07664741.
- CVE-2023-33283Jun 7, 2023risk 0.00cvss —epss 0.00
Marval MSM through 14.19.0.12476 uses a static encryption key for secrets. An attacker that gains access to encrypted secrets can decrypt them by using this key.
- CVE-2023-33282Jun 7, 2023risk 0.00cvss —epss 0.01
Marval MSM through 14.19.0.12476 and 15.0 has a System account with default credentials. A remote attacker is able to login and create a valid session. This makes it possible to make backend calls to endpoints in the application.
- CVE-2023-33284Jun 7, 2023risk 0.00cvss —epss 0.01
Marval MSM through 14.19.0.12476 and 15.0 has a Remote Code Execution vulnerability. A remote attacker authenticated as any user is able to execute code in context of the web server.
- CVE-2023-21670Jun 6, 2023risk 0.00cvss —epss 0.00
Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode.
- CVE-2023-21669Jun 6, 2023risk 0.00cvss —epss 0.00
Information Disclosure in WLAN HOST while sending DPP action frame to peer with an invalid source address.
- CVE-2023-21632Jun 6, 2023risk 0.00cvss —epss 0.00
Memory corruption in Automotive GPU while querying a gsl memory node.
- CVE-2022-40525Jun 6, 2023risk 0.00cvss —epss 0.00
Information disclosure in Linux Networking Firmware due to unauthorized information leak during side channel analysis.
- CVE-2022-33230Jun 6, 2023risk 0.00cvss —epss 0.00
Memory corruption in FM Host due to buffer copy without checking the size of input in FM Host
- CVE-2022-33273May 2, 2023risk 0.00cvss —epss 0.00
Information disclosure due to buffer over-read in Trusted Execution Environment while QRKS report generation.
- CVE-2023-21666May 2, 2023risk 0.00cvss —epss 0.00
Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool.
- CVE-2022-33292May 2, 2023risk 0.00cvss —epss 0.00
Memory corruption in Qualcomm IPC due to use after free while receiving the incoming packet and reposting it.
- CVE-2022-33301Apr 4, 2023risk 0.00cvss —epss 0.00
Memory corruption due to incorrect type conversion or cast in audio while using audio playback/capture when crafted address is sent from AGM IPC to AGM.
- CVE-2022-33282Apr 4, 2023risk 0.00cvss —epss 0.00
Memory corruption in Automotive Multimedia due to integer overflow to buffer overflow during IOCTL calls in video playback.
- CVE-2022-40537Mar 7, 2023risk 0.00cvss —epss 0.00
Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP response.
- CVE-2022-33309Mar 7, 2023risk 0.00cvss —epss 0.00
Transient DOS due to buffer over-read in WLAN Firmware while parsing secure FTMR frame with size lesser than 39 Bytes.
- CVE-2022-33278Mar 7, 2023risk 0.00cvss —epss 0.00
Memory corruption due to buffer copy without checking the size of input in HLOS when input message size is larger than the buffer capacity.
- CVE-2022-33256Mar 7, 2023risk 0.00cvss —epss 0.01
Memory corruption due to improper validation of array index in Multi-mode call processor.
- CVE-2022-33242Mar 7, 2023risk 0.00cvss —epss 0.00
Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio PD.
- CVE-2022-25655Mar 7, 2023risk 0.00cvss —epss 0.00
Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.
- CVE-2022-47456Mar 7, 2023risk 0.00cvss —epss 0.00
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
- CVE-2022-40514Feb 9, 2023risk 0.00cvss —epss 0.00
Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.
- CVE-2022-40512Feb 9, 2023risk 0.00cvss —epss 0.00
Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.
- CVE-2022-33248Feb 9, 2023risk 0.00cvss —epss 0.00
Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http.
- CVE-2022-33246Feb 9, 2023risk 0.00cvss —epss 0.00
Memory corruption in Audio due to use of out-of-range pointer offset while Initiating a voice call session from user space with invalid session id.
- CVE-2022-47370Feb 6, 2023risk 0.00cvss —epss 0.00
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
- CVE-2022-47366Feb 6, 2023risk 0.00cvss —epss 0.00
In wlan driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services.
- CVE-2022-47365Feb 6, 2023risk 0.00cvss —epss 0.00
In wlan driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services.
- CVE-2022-38681Feb 6, 2023risk 0.00cvss —epss 0.00
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
- CVE-2022-38680Feb 6, 2023risk 0.00cvss —epss 0.00
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
- CVE-2022-47331Feb 6, 2023risk 0.00cvss —epss 0.00
In wlan driver, there is a race condition. This could lead to local denial of service in wlan services.
- CVE-2022-33299Jan 6, 2023risk 0.00cvss —epss 0.00
Transient DOS due to null pointer dereference in Bluetooth HOST while receiving an attribute protocol PDU with zero length data.
- CVE-2022-33265Jan 6, 2023risk 0.00cvss —epss 0.00
Memory corruption due to information exposure in Powerline Communication Firmware while sending different MMEs from a single, unassociated device.
- CVE-2022-25746Jan 6, 2023risk 0.00cvss —epss 0.00
Memory corruption in kernel due to missing checks when updating the access rights of a memextent mapping.
- CVE-2022-22079Jan 6, 2023risk 0.00cvss —epss 0.00
Denial of service while processing fastboot flash command on mmc due to buffer over read
- CVE-2022-25673Dec 13, 2022risk 0.00cvss —epss 0.00
Denial of service in MODEM due to reachable assertion while processing configuration from network in Snapdragon Mobile
- CVE-2022-33268Dec 13, 2022risk 0.00cvss —epss 0.00
Information disclosure due to buffer over-read in Bluetooth HOST while pairing and connecting A2DP. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
- CVE-2022-25681Dec 13, 2022risk 0.00cvss —epss 0.00
Possible memory corruption in kernel while performing memory access due to hypervisor not correctly invalidated the processor translation caches in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
- CVE-2022-33235Dec 13, 2022risk 0.00cvss —epss 0.00
Information disclosure due to buffer over-read in WLAN firmware while parsing security context info attributes. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,…
- CVE-2022-25691Dec 13, 2022risk 0.00cvss —epss 0.00
Denial of service in Modem due to reachable assertion while processing SIB1 with invalid SCS and bandwidth settings in Snapdragon Mobile
Page 19 of 41