VYPR

Vendor CVEs

Qualcomm

All CVEs

2,042 total · sorted by risk
  • CVE-2017-9685HigAug 18, 2017
    risk 0.53cvss 8.1epss 0.00

    In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition in a WLAN driver can lead to a Use After Free condition.

  • CVE-2016-10383HigAug 18, 2017
    risk 0.53cvss 8.1epss 0.01

    In all Qualcomm products with Android releases from CAF using the Linux kernel, there is a TOCTOU race condition in Secure UI.

  • CVE-2018-5872HigJul 6, 2018
    risk 0.52cvss 8.0epss 0.00

    While parsing over-the-air information elements in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, the use of an out-of-range pointer offset can occur.

  • CVE-2015-9222HigApr 18, 2018
    risk 0.52cvss 7.5epss 0.04

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SDM630,…

  • CVE-2000-0342HigApr 28, 2000
    risk 0.52cvss 7.5epss 0.03

    Eudora 4.x allows remote attackers to bypass the user warning for executable attachments such as .exe, .com, and .bat by using a .lnk file that refers to the attachment, aka "Stealth Attachment."

  • CVE-2026-25260HigJun 1, 2026
    risk 0.51cvss 7.8epss 0.00

    Memory Corruption when accessing shared buffers without validation of concurrent user-mode input modifications.

  • CVE-2026-25259HigJun 1, 2026
    risk 0.51cvss 7.8epss 0.00

    Memory corruption while processing multiple IOCTL command for escape operations.

  • CVE-2026-25258HigJun 1, 2026
    risk 0.51cvss 7.8epss 0.00

    Memory corruption while processing IOCTL calls for escape operations.

  • CVE-2025-59606HigJun 1, 2026
    risk 0.51cvss 7.8epss 0.00

    Memory Corruption when writing to invalid memory locations occurs due to heap memory exhaustion during secure data initialization.

  • CVE-2025-59605HigJun 1, 2026
    risk 0.51cvss 7.8epss 0.00

    Memory Corruption when processing device identifier strings that exceed the expected maximum length.

  • CVE-2025-59604HigJun 1, 2026
    risk 0.51cvss 7.8epss 0.00

    Memory Corruption when running a memory copy operation due to invalid writes caused by a null pointer.

  • CVE-2026-24082HigMay 4, 2026
    risk 0.51cvss 7.8epss 0.00

    Memory Corruption when copying data from a freed source while executing performance counter deselect operation.

  • CVE-2025-47408HigMay 4, 2026
    risk 0.51cvss 7.8epss 0.00

    Memory corruption when another driver calls an IOCTL with invalid input/output buffer.

  • CVE-2025-47407HigMay 4, 2026
    risk 0.51cvss 7.8epss 0.00

    Memory corruption while creating a process on the digital signal processor due to allocation failure at the kernel level.

  • CVE-2025-47405HigMay 4, 2026
    risk 0.51cvss 7.8epss 0.00

    Memory corruption when processing camera sensor input/output control codes with invalid output buffers.

  • CVE-2026-21382HigApr 6, 2026
    risk 0.51cvss 7.8epss 0.00

    Memory Corruption when handling power management requests with improperly sized input/output buffers.

  • CVE-2026-21380HigApr 6, 2026
    risk 0.51cvss 7.8epss 0.00

    Memory Corruption when using deprecated DMABUF IOCTL calls to manage video memory.

  • CVE-2026-21378HigApr 6, 2026
    risk 0.51cvss 7.8epss 0.00

    Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver.

  • CVE-2026-21376HigApr 6, 2026
    risk 0.51cvss 7.8epss 0.00

    Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver.

  • CVE-2026-21375HigApr 6, 2026
    risk 0.51cvss 7.8epss 0.00

    Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.

  • CVE-2026-21374HigApr 6, 2026
    risk 0.51cvss 7.8epss 0.00

    Memory Corruption when processing auxiliary sensor input/output control commands with insufficient buffer size validation.

  • CVE-2026-21373HigApr 6, 2026
    risk 0.51cvss 7.8epss 0.00

    Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.

  • CVE-2026-21372HigApr 6, 2026
    risk 0.51cvss 7.8epss 0.00

    Memory Corruption when sending IOCTL requests with invalid buffer sizes during memcpy operations.

  • CVE-2026-21371HigApr 6, 2026
    risk 0.51cvss 7.8epss 0.00

    Memory Corruption when retrieving output buffer with insufficient size validation.

  • CVE-2025-47391HigApr 6, 2026
    risk 0.51cvss 7.8epss 0.00

    Memory corruption while processing a frame request from user.

  • CVE-2025-47390HigApr 6, 2026
    risk 0.51cvss 7.8epss 0.00

    Memory corruption while preprocessing IOCTL request in JPEG driver.

  • CVE-2025-47389HigApr 6, 2026
    risk 0.51cvss 7.8epss 0.00

    Memory corruption when buffer copy operation fails due to integer overflow during attestation report generation.

  • CVE-2018-11292HigSep 20, 2018
    risk 0.51cvss 7.8epss 0.00

    In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA6574AU, QCA6584, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820A, SDM429, SDM439, SDM630, SDM632,…

  • CVE-2018-11285HigSep 20, 2018
    risk 0.51cvss 7.8epss 0.01

    In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SDA660, SDM429, SDM439, SDM630, SDM632,…

  • CVE-2018-11277HigSep 20, 2018
    risk 0.51cvss 7.8epss 0.00

    In Snapdragon (Automobile, Mobile, Wear) in version MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SDA660, the com.qualcomm.embms is a vendor package deployed in the system image…

  • CVE-2018-11269HigSep 20, 2018
    risk 0.51cvss 7.8epss 0.00

    In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660,…

  • CVE-2018-11268HigSep 20, 2018
    risk 0.51cvss 7.8epss 0.00

    In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660,…

  • CVE-2018-11267HigSep 20, 2018
    risk 0.51cvss 7.8epss 0.00

    In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9615, MDM9640, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD…

  • CVE-2017-18280HigSep 20, 2018
    risk 0.51cvss 7.8epss 0.00

    In Snapdragon (Automobile, Mobile, Wear) in version MDM9607, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SDM429, SDM439, SDM632, Snapdragon_High_Med_2016, when a Trusted Application has…

  • CVE-2018-11297HigSep 18, 2018
    risk 0.51cvss 7.8epss 0.00

    In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a buffer over-read can occur In the WMA NDP event handler functions due to lack of validation of input value event_info which is received from FW.

  • CVE-2018-11281HigSep 18, 2018
    risk 0.51cvss 7.8epss 0.00

    In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while calling IPA_IOC_MDFY_RT_RULE IPA IOCTL, header entry is not checked before use. If IPA_IOC_MDFY_RT_RULE IOCTL called for header entries formerly deleted, a Use after…

  • CVE-2017-18155HigJul 12, 2018
    risk 0.51cvss 7.8epss 0.00

    While playing HEVC content using HD DMB in Snapdragon Automobile and Snapdragon Mobile in version MSM8996AU, SD 450, SD 625, SD 820, SD 820A, SD 835, an uninitialized variable can be used leading to a kernel fault.

  • CVE-2018-5862HigJul 6, 2018
    risk 0.51cvss 7.8epss 0.00

    In __wlan_hdd_cfg80211_vendor_scan() in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, when SCAN_SSIDS and QCA_WLAN_VENDOR_ATTR_SCAN_FREQUENCIES are parsed, a buffer overwrite can…

  • CVE-2018-3570HigJul 6, 2018
    risk 0.51cvss 7.8epss 0.00

    In the cpuidle driver in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel, the list_for_each macro was not used correctly which could lead to an untrusted pointer dereference.

  • CVE-2018-5898HigJul 6, 2018
    risk 0.51cvss 7.8epss 0.00

    Integer overflow can occur in msm_pcm_adsp_stream_cmd_put() function if the user supplied data "param_length" goes beyond certain limit in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.

  • CVE-2018-5893HigJul 6, 2018
    risk 0.51cvss 7.8epss 0.00

    While processing a message from firmware in htt_t2h_msg_handler_fast() in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, a buffer overwrite can occur.

  • CVE-2018-5889HigJul 6, 2018
    risk 0.51cvss 7.8epss 0.00

    While processing a compressed kernel image, a buffer overflow can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.

  • CVE-2018-5888HigJul 6, 2018
    risk 0.51cvss 7.8epss 0.00

    While processing the system path, an out of bounds access can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.

  • CVE-2018-5887HigJul 6, 2018
    risk 0.51cvss 7.8epss 0.00

    While processing the USB StrSerialDescriptor array, an array index out of bounds can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.

  • CVE-2018-5831HigJul 6, 2018
    risk 0.51cvss 7.8epss 0.00

    In the KGSL driver in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, a reference counting error can lead to a Use After Free condition.

  • CVE-2018-3597HigJul 6, 2018
    risk 0.51cvss 7.8epss 0.00

    In the ADSP RPC driver in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, an arbitrary kernel write can occur.

  • CVE-2018-3569HigJul 6, 2018
    risk 0.51cvss 7.8epss 0.00

    A buffer over-read can occur during a fast initial link setup (FILS) connection in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.

  • CVE-2018-11258HigJul 6, 2018
    risk 0.51cvss 7.8epss 0.00

    In ADSP RPC in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, a Use After Free condition can occur in versions MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD…

  • CVE-2018-11257HigJul 6, 2018
    risk 0.51cvss 7.8epss 0.00

    Permissions, Privileges, and Access Controls in TA in Snapdragon Mobile has an options that allows RPMB erase for secure devices in versions SD 210/SD 212/SD 205, SD 845, SD 850.

  • CVE-2017-18159HigJul 6, 2018
    risk 0.51cvss 7.8epss 0.00

    In Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, while processing a StrHwPlatform with length smaller than EFICHIPINFO_MAX_ID_LENGTH, an array out of bounds access may occur.

Page 8 of 41