ByteOS Network

Memory corruption due to incorrect type conversion or cast in audio while using audio playback/capture when crafted address is sent from AGM IPC to AGM.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-704

Incorrect Type Conversion or Cast

CVE-2022-33298

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.09% / 24.84%

7 Day CHG~0.00%

Published-04 Apr, 2023 | 04:46

Updated-03 Aug, 2024 | 08:01

Use after free in Modem

Memory corruption due to use after free in Modem while modem initialization.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-416

Use After Free

CVE-2022-33227

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.04% / 12.43%

7 Day CHG~0.00%

Published-06 Jun, 2023 | 07:38

Updated-03 Aug, 2024 | 08:01

Double free in Linux-Android

Memory corruption in Linux android due to double free while calling unregister provider after register call.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-415

Double Free

CVE-2022-33240

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.05% / 14.82%

7 Day CHG~0.00%

Published-06 Jun, 2023 | 07:38

Updated-03 Aug, 2024 | 08:01

Incorrect type conversion or cast in Audio

Memory corruption in Audio due to incorrect type cast during audio use-cases.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-704

Incorrect Type Conversion or Cast

CVE-2022-25715

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.04% / 11.56%

7 Day CHG~0.00%

Published-06 Jan, 2023 | 04:42

Updated-09 Apr, 2025 | 19:57

Incorrect type casting in Display driver

Memory corruption in display driver due to incorrect type casting while accessing the fence structure fields

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-704

Incorrect Type Conversion or Cast

CVE-2024-33040

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.07% / 20.51%

7 Day CHG~0.00%

Published-02 Dec, 2024 | 10:18

Updated-12 Dec, 2024 | 15:21

Use After Free in Camera Driver

Memory corruption while invoking redundant release command to release one buffer from user space as race condition can occur in kernel space between buffer release and buffer access.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-416

Use After Free

CVE-2025-47344

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.02% / 3.63%

7 Day CHG~0.00%

Published-06 Jan, 2026 | 22:48

Updated-27 Jan, 2026 | 21:24

Time-of-check Time-of-use (TOCTOU) Race Condition in Camera Driver

Memory corruption while handling sensor utility operations.

Vendor-Qualcomm Technologies, Inc.

Product-snapdragon_695_5g_mobile_platform_firmware sm8735_firmware wcd9375_firmware qcm5430 wcn3988_firmware sm8650q_firmware qca6595au_firmware snapdragon_8_gen_3_mobile_platform wcd9375 qca6574 wcn7860_firmware snapdragon_4_gen_2_mobile_platform_firmware wcn7861 qcs4490_firmware qca6574au_firmware sm7635p sm8635p_firmware sm6650_firmware wcn7880 qcs4490 sa6155p_firmware wsa8845_firmware video_collaboration_vc3_platform_firmware snapdragon_ar1_gen_1_platform_\"luna1\"_firmware sm8635p snapdragon_8_gen_3_mobile_platform_firmware sxr2250p_firmware wcn7750 sm8635_firmware qcs8550_firmware snapdragon_680_4g_mobile_platform qca6574a wcd9395_firmware wcn7881_firmware sm8750 sm4635_firmware sa8195p_firmware wsa8810_firmware snapdragon_480_5g_mobile_platform qca6595au qca6696_firmware robotics_rb2_platform_firmware sa8155p_firmware sm6650p sm8750p_firmware snapdragon_ar1_gen_1_platform_firmware wcn7860 qcs5430 sxr2330p qcs9100 qca6698aq_firmware wsa8835_firmware snapdragon_685_4g_mobile_platform_\(sm6225-ad\)snapdragon_480\+_5g_mobile_platform_\(sm4350-ac\)qcm5430_firmware wcn7881 qcs9100_firmware sm6650p_firmware sxr2330p_firmware fastconnect_6200_firmware csra6640 wcd9335 qca6574_firmware wsa8810 qca6574au qcm4490 wcn6755_firmware qca6574a_firmware csra6620 wsa8845h qcm4490_firmware sm7635_firmware wcn3950_firmware wcn7750_firmware wcn3950 sm6650 sm7635p_firmware sxr2250p fastconnect_6700_firmware fastconnect_6900_firmware sxr2230p_firmware wcn6740_firmware wcn6650 qcm6490_firmware fastconnect_6200 sm8735 sxr2350p robotics_rb2_platform wcn6650_firmware sm7635 sm8635 snapdragon_680_4g_mobile_platform_firmware snapdragon_695_5g_mobile_platform qcs8550 snapdragon_4_gen_2_mobile_platform fastconnect_6900 sa8155p sm8750p wcn6740 wsa8832 sm7675_firmware wcd9370 wcn6755 wcd9390 fastconnect_7800 snapdragon_480_5g_mobile_platform_firmware wsa8832_firmware qca6698aq wsa8840 sm8750_firmware sa6155p snapdragon_4_gen_1_mobile_platform wsa8830 sm7675p qmp1000 wcd9385 snapdragon_685_4g_mobile_platform_\(sm6225-ad\)_firmware qcs5430_firmware snapdragon_ar2_gen_1_platform_firmware snapdragon_ar2_gen_1_platform fastconnect_7800_firmware qcs6490 snapdragon_ar1_gen_1_platform snapdragon_662_mobile_platform wcd9335_firmware wsa8830_firmware qmp1000_firmware snapdragon_4_gen_1_mobile_platform_firmware wsa8840_firmware wsa8815_firmware wsa8835 wcn7880_firmware wcd9385_firmware sxr2230p qca6696 wcd9380_firmware csra6620_firmware wcn3988 video_collaboration_vc3_platform sm7675 qcm6490 sm7675p_firmware qcs6490_firmware wsa8815 wcd9378_firmware qcs615_firmware wcd9370_firmware sa8195p wsa8845 wsa8845h_firmware snapdragon_ar1_gen_1_platform_\"luna1\"qcs615 sm4635 wcd9378 wcd9395 sxr2350p_firmware wcd9380 snapdragon_662_mobile_platform_firmware snapdragon_480\+_5g_mobile_platform_\(sm4350-ac\)_firmware fastconnect_6700 wcd9390_firmware wcn7861_firmware sm8650q csra6640_firmware Snapdragon

CWE ID-CWE-367

Time-of-check Time-of-use (TOCTOU) Race Condition

CVE-2023-43545

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.04% / 11.19%

7 Day CHG~0.00%

Published-03 Jun, 2024 | 10:05

Updated-27 Jan, 2025 | 19:08

Integer Overflow or Wraparound in WLAN HOST

Memory corruption when more scan frequency list or channels are sent from the user space.

Vendor-Qualcomm Technologies, Inc.

Product-qca6584au_firmware qca6554a qcc2076_firmware qca8337_firmware wcd9335_firmware qfw7124_firmware qca6696_firmware qcc710 qca8081_firmware qcc2073_firmware qca6595au_firmware qca6584au qcn6224_firmware qfw7114_firmware qca8081 snapdragon_660_mobile qca6554a_firmware wcn3990 qca6564au sd660 qcn6224 snapdragon_x75_5g_modem-rf qcn6274_firmware qfw7114 fastconnect_7800 wcn3990_firmware ar8035 fastconnect_7800_firmware qca6564au_firmware qcc2073 sd660_firmware wcd9341_firmware wcd9340 qca6595_firmware qca8337 wcn3980_firmware qcc710_firmware ar8035_firmware qcn6274 qfw7124 qca6574a qca6595 qca6574a_firmware qcc2076 wcd9341 wcn3980 qca6574au qca6574 wcd9340_firmware wcd9335 qca6574_firmware qca6696 qca6595au snapdragon_660_mobile_firmware qca6574au_firmware snapdragon_x75_5g_modem-rf_firmware Snapdragon qca6564au_firmware qca8337_firmware qca6584au_firmware qcn6274_firmware wcn3990_firmware qca6696_firmware qca6595_firmware wcd9335_firmware qfw7114_firmware qcc2076_firmware qca6554a_firmware snapdragon_x75_5g_modem-rf_system_firmware qcc2073_firmware qca6574_firmware wcd9340_firmware qcc710_firmware qcn6224_firmware snapdragon_660_mobile_platform_firmware qca6574a_firmware sd660_firmware wcd9341_firmware fastconnect_7800_firmware qca6574au_firmware qca6595au_firmware qca8081_firmware wcn3980_firmware qfw7124_firmware ar8035_firmware

CWE ID-CWE-190

Integer Overflow or Wraparound

CVE-2023-43544

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.04% / 11.19%

7 Day CHG~0.00%

Published-03 Jun, 2024 | 10:05

Updated-27 Jan, 2025 | 19:11

Use After Free in Audio

Memory corruption when IPC callback handle is used after it has been released during register callback by another thread.

Vendor-Qualcomm Technologies, Inc.

Product-qca6584au_firmware wsa8835 wsa8835_firmware wcn3988_firmware qca8337_firmware sa9000p qfw7124_firmware snapdragon_w5\+_gen_1_wearable wsa8830 qcc710 qca6698aq qca8081_firmware snapdragon_auto_5g_modem-rf_gen_2_firmware qca6584au qcn6224_firmware qfw7114_firmware qca8081 sa8770p_firmware snapdragon_w5\+_gen_1_wearable_firmware sw5100_firmware snapdragon_x75_5g_modem-rf qcn6224 qcn6274_firmware qfw7114 fastconnect_7800 qca6698aq_firmware sa9000p_firmware qam8255p ar8035 fastconnect_7800_firmware sw5100p_firmware sa8255p_firmware snapdragon_auto_5g_modem-rf_gen_2 sw5100p wcd9340 sa8775p qca8337 wcn3980_firmware qcc710_firmware ar8035_firmware qcn6274 qfw7124 wcn3980 qam8255p_firmware wcd9340_firmware sa8255p sa8775p_firmware wcn3988 qam8775p sa8770p wsa8830_firmware sw5100 qam8775p_firmware snapdragon_x75_5g_modem-rf_firmware Snapdragon qam8255p_firmware qca8337_firmware sa8770p_firmware snapdragon_auto_5g_modem-rf_gen_2_firmware qam8775p_firmware qca6584au_firmware qcn6274_firmware sa8775p_firmware qfw7114_firmware snapdragon_x75_5g_modem-rf_system_firmware wcd9340_firmware wcn3988_firmware qcc710_firmware qcn6224_firmware wsa8830_firmware sa9000p_firmware wsa8835_firmware fastconnect_7800_firmware sw5100_firmware qca8081_firmware wcn3980_firmware sa8255p_firmware qfw7124_firmware sw5100p_firmware ar8035_firmware qca6698aq_firmware snapdragon_w5\+_gen_1_wearable_platform_firmware

CWE ID-CWE-416

Use After Free

CVE-2023-22384

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.02% / 5.83%

7 Day CHG~0.00%

Published-03 Oct, 2023 | 05:00

Updated-27 Feb, 2025 | 20:48

Buffer Copy Without Checking Size of Input in VR Service

Memory Corruption in VR Service while sending data using Fast Message Queue (FMQ).

Vendor-Qualcomm Technologies, Inc.

Product-sa6145p sa6155p_firmware sa6150p_firmware sa8145p_firmware qca6696_firmware sa8145p qca6696 sa8150p sa6150p qca6574au sa8155p sa6145p_firmware sa8155p_firmware sa8195p qca6574au_firmware sa8150p_firmware sa8195p_firmware sa6155p Snapdragon

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-21634

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.04% / 12.38%

7 Day CHG~0.00%

Published-05 Dec, 2023 | 03:03

Updated-02 Aug, 2024 | 09:44

Improper Restriction of Operations within the Bounds of a Memory Buffer in Radio Interface Layer

Memory Corruption in Radio Interface Layer while sending an SMS or writing an SMS to SIM.

Vendor-Qualcomm Technologies, Inc.

Product-snapdragon_855\+\/860_mobile_platform_firmware wsa8830 wcd9380_firmware sa6150p_firmware wcn3990 sa8145p_firmware sw5100p sd865_5g fastconnect_6800 snapdragon_w5\+_gen_1_wearable_platform snapdragon_835_mobile_pc_platform snapdragon_870_5g_mobile_platform_firmware snapdragon_865_5g_mobile_platform wsa8835 wcd9380 sa8150p_firmware qca6420_firmware qca6595au_firmware snapdragon_wear_4100\+_platform_firmware snapdragon_855\+\/860_mobile_platform sxr2130 snapdragon_wear_4100\+_platform qca6426 wcn3990_firmware qca6310_firmware qca6430_firmware wcd9335_firmware wcn3980 fastconnect_6200 wcd9340_firmware wcn3660b sd855 wsa8815 qca6320 snapdragon_865\+_5g_mobile_platform snapdragon_xr2_5g_platform_firmware qca6426_firmware wcn3660b_firmware qca6320_firmware snapdragon_x55_5g_modem-rf_system qca6574au_firmware snapdragon_835_mobile_pc_platform_firmware wcn3680b_firmware fastconnect_6200_firmware qca6595au sd835 wcn3980_firmware snapdragon_x55_5g_modem-rf_system_firmware qca6391 wcn3610_firmware qca6420 qca6436_firmware snapdragon_w5\+_gen_1_wearable_platform_firmware aqt1000_firmware sa6155p_firmware qca6310 snapdragon_865\+_5g_mobile_platform_firmware snapdragon_870_5g_mobile_platform snapdragon_xr2_5g_platform fastconnect_6900 fastconnect_6900_firmware wcn3988_firmware qca6430 qca6574au sa6145p_firmware sa8155p_firmware wcd9340 sa8195p wsa8810_firmware wcd9341_firmware sw5100 wsa8810 qca6436 wcd9335 sa6155p sw5100p_firmware sa6145p wcn3680b sd835_firmware sxr2130_firmware wcd9341 qca6696_firmware sa8145p qca6696 qca6391_firmware snapdragon_855_mobile_platform_firmware aqt1000 sa8150p sa6150p sa8155p wsa8830_firmware sd855_firmware sd865_5g_firmware wcn3988 wsa8815_firmware wsa8835_firmware sa8195p_firmware snapdragon_865_5g_mobile_platform_firmware sw5100_firmware fastconnect_6800_firmware snapdragon_855_mobile_platform wcn3610 Snapdragon

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-21650

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.04% / 12.22%

7 Day CHG~0.00%

Published-08 Aug, 2023 | 09:14

Updated-02 Aug, 2024 | 09:44

Improper Validation of Array Index in GPS HLOS Driver

Memory Corruption in GPS HLOS Driver when injectFdclData receives data with invalid data length.

Vendor-Qualcomm Technologies, Inc.

Product-wsa8830 sda429w_firmware sa6150p_firmware wcd9380_firmware sa8145p_firmware qcs610 sw5100p sd865_5g qca6564au qcc5100 csrb31024 sdx55m_firmware wsa8835 wcn3950_firmware wcd9380 sa8150p_firmware qca6420_firmware qca6595au_firmware qca6390_firmware qcs410 wcd9370 qca6574a qca6564 qca6426 qca6430_firmware wcn3980 sa415m wcn3998 qam8295p sdxr2_5g_firmware wcn3950 wcn3660b sd855 wsa8815 wcn6850 qam8295p_firmware qca6426_firmware wcn3660b_firmware qca6574a_firmware qca6574au_firmware wcn3680b_firmware qca6595au wcn3998_firmware wcn3980_firmware qca6391 wcn3610_firmware qca6420 qca6436_firmware sdx55m sa8295p qcc5100_firmware aqt1000_firmware qca6564au_firmware sa6155p_firmware csrb31024_firmware sdxr2_5g wcn6851_firmware sa415m_firmware wcn3988_firmware qca6430 qca6574au sa6145p_firmware sa8155p_firmware sa8195p wsa8810_firmware wcd9341_firmware sw5100 wsa8810 sd870 qca6436 wcn6851 sa6155p sw5100p_firmware qcs610_firmware sa6145p wcn3680b qca6564_firmware wcd9341 qca6696_firmware sa8145p sd870_firmware qca6696 qca6391_firmware qca6390 wcd9370_firmware aqt1000 sa8150p sa6150p sa8155p wsa8830_firmware sda429w sd855_firmware sd865_5g_firmware wcn3988 wcn6850_firmware wsa8815_firmware wsa8835_firmware sa8195p_firmware sw5100_firmware qcs410_firmware sa8295p_firmware wcn3610 Snapdragon

CWE ID-CWE-129

Improper Validation of Array Index

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-43532

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.05% / 16.75%

7 Day CHG~0.00%

Published-06 Feb, 2024 | 05:47

Updated-17 Jun, 2025 | 21:29

Untrusted Pointer Dereference in Display

Memory corruption while reading ACPI config through the user mode app.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-822

Untrusted Pointer Dereference

CWE ID-CWE-763

Release of Invalid Pointer or Reference

CVE-2023-43518

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.3||HIGH

EPSS-0.11% / 28.51%

7 Day CHG~0.00%

Published-06 Feb, 2024 | 05:47

Updated-11 Aug, 2025 | 15:06

Untrusted Pointer Dereference in Video

Memory corruption in video while parsing invalid mp2 clip.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-787

Out-of-bounds Write

CWE ID-CWE-822

Untrusted Pointer Dereference

CVE-2025-27069

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 7.33%

7 Day CHG~0.00%

Published-06 Aug, 2025 | 07:26

Updated-18 Aug, 2025 | 18:27

Untrusted Pointer Dereference in DSP Service

Memory corruption while processing DDI command calls.

Vendor-Qualcomm Technologies, Inc.

Product-fastconnect_6900_firmware wsa8845h_firmware wsa8845 fastconnect_6900 fastconnect_7800_firmware wcd9385_firmware wsa8845h fastconnect_7800 sc8380xp_firmware wsa8845_firmware wsa8840 wcd9385 wcd9380_firmware wcd9380 wsa8840_firmware sc8380xp Snapdragon

CWE ID-CWE-822

Untrusted Pointer Dereference

CVE-2025-27048

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.02% / 4.98%

7 Day CHG~0.00%

Published-09 Oct, 2025 | 03:17

Updated-26 Feb, 2026 | 17:48

Untrusted Pointer Dereference in Camera

Memory corruption while processing camera platform driver IOCTL calls.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-822

Untrusted Pointer Dereference

CVE-2025-27060

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-8.8||HIGH

EPSS-0.02% / 4.98%

7 Day CHG~0.00%

Published-09 Oct, 2025 | 03:18

Updated-26 Feb, 2026 | 17:48

Untrusted Pointer Dereference in TZ Firmware

Memory corruption while performing SCM call with malformed inputs.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-822

Untrusted Pointer Dereference

CVE-2025-21486

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.07% / 20.88%

7 Day CHG~0.00%

Published-03 Jun, 2025 | 05:53

Updated-26 Feb, 2026 | 18:27

Untrusted Pointer Dereference in DSP Service

Memory corruption during dynamic process creation call when client is only passing address and length of shell binary.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-822

Untrusted Pointer Dereference

CVE-2023-21643

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-9.1||CRITICAL

EPSS-0.08% / 24.36%

7 Day CHG~0.00%

Published-08 Aug, 2023 | 09:14

Updated-02 Aug, 2024 | 09:44

Untrusted Pointer Dereference in Automotive

Memory corruption due to untrusted pointer dereference in automotive during system call.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-822

Untrusted Pointer Dereference

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-53034

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.12% / 30.59%

7 Day CHG~0.00%

Published-03 Mar, 2025 | 10:07

Updated-26 Feb, 2026 | 19:09

Untrusted Pointer Dereference in DSP_Services

Memory corruption occurs during an Escape call if an invalid Kernel Mode CPU event and sync object handle are passed with the DriverKnownEscape flag reset.

Vendor-Qualcomm Technologies, Inc.

Product-wcd9380_firmware sc8380xp sc8380xp_firmware fastconnect_6900 fastconnect_6900_firmware fastconnect_7800_firmware wsa8840_firmware wcd9385_firmware fastconnect_7800 wsa8845h_firmware wcd9380 wsa8845h wsa8845_firmware wsa8840 wcd9385 wsa8845 Snapdragon

CWE ID-CWE-822

Untrusted Pointer Dereference

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2024-53033

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.12% / 30.59%

7 Day CHG~0.00%

Published-03 Mar, 2025 | 10:07

Updated-26 Feb, 2026 | 19:09

Untrusted Pointer Dereference in DSP_Services

Memory corruption while doing Escape call when user provides valid kernel address in the place of valid user buffer address.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-822

Untrusted Pointer Dereference

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2024-45584

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.11% / 29.74%

7 Day CHG~0.00%

Published-03 Feb, 2025 | 16:51

Updated-05 Feb, 2025 | 16:01

Untrusted Pointer Dereference in Automotive Android OS

Memory corruption can occur when a compat IOCTL call is followed by a normal IOCTL call from userspace.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-822

Untrusted Pointer Dereference

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2025-47380

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.02% / 6.30%

7 Day CHG~0.00%

Published-06 Jan, 2026 | 22:48

Updated-27 Jan, 2026 | 19:23

Untrusted Pointer Dereference in Camera

Memory corruption while preprocessing IOCTLs in sensors.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-822

Untrusted Pointer Dereference

CVE-2025-47408

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.01% / 2.00%

7 Day CHG~0.00%

Published-04 May, 2026 | 16:43

Updated-06 May, 2026 | 18:03

Untrusted Pointer Dereference in Power Optimization Firmware

Memory corruption when another driver calls an IOCTL with invalid input/output buffer.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-822

Untrusted Pointer Dereference

CVE-2025-47405

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.01% / 2.00%

7 Day CHG~0.00%

Published-04 May, 2026 | 16:43

Updated-06 May, 2026 | 18:03

Untrusted Pointer Dereference in Camera

Memory corruption when processing camera sensor input/output control codes with invalid output buffers.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-822

Untrusted Pointer Dereference

CVE-2025-47343

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.02% / 6.30%

7 Day CHG~0.00%

Published-06 Jan, 2026 | 22:48

Updated-12 Jan, 2026 | 15:39

Untrusted Pointer Dereference in Video

Memory corruption while processing a video session to set video parameters.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-822

Untrusted Pointer Dereference

CVE-2025-47325

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-6.5||MEDIUM

EPSS-0.01% / 1.27%

7 Day CHG~0.00%

Published-18 Dec, 2025 | 05:29

Updated-23 Dec, 2025 | 21:54

Untrusted Pointer Dereference in TZ Firmware

Information disclosure while processing system calls with invalid parameters.

Vendor-Qualcomm Technologies, Inc.

Product-ipq8174_firmware ipq8072_firmware pmp8074_firmware qcn9000_firmware qcn9022 ipq8072a qca6438_firmware ipq8071a qca8081_firmware qcn6023 qcn9074_firmware qca8072 ipq8074_firmware qcn9074 qcn9024_firmware qca8072_firmware qcn5022_firmware qcn9022_firmware sdx55_firmware qcn5154_firmware ipq8071_firmware qcn5024_firmware qcn6023_firmware qcn9070 qca8075_firmware qca4024_firmware qcn5164 qcn5052 qcn5550_firmware ipq8173 qcn5024 ipq8174 ipq8072 qcn5152_firmware qcn5054 qca6438 qca8075 qcn5054_firmware ipq8076_firmware qca6428 ipq8076 ipq8173_firmware qcn5124 qca9888 ipq8074 qcn9070_firmware ipq8078a_firmware ipq8078_firmware qcn5550 qcn5064 ipq8070_firmware qcn6024 qca9888_firmware ipq8078a qcn5154 csr8811 ipq8071 ipq8072a_firmware qcn9072 pmp8074 qcn5022 qcn9000 qca4024 qcn5122_firmware ipq8078 qcn6024_firmware ipq8070 sdx55 qcn9024 ipq8071a_firmware qcn5052_firmware csr8811_firmware qcn5064_firmware ipq8076a_firmware qca6428_firmware qca8081 qcn5164_firmware ipq8074a qcn5124_firmware qca9889 qcn9072_firmware qca9889_firmware ipq8070a_firmware qcn5122 ipq8074a_firmware qcn5152 ipq8076a ipq8070a Snapdragon

CWE ID-CWE-822

Untrusted Pointer Dereference

CVE-2025-47338

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.02% / 4.98%

7 Day CHG~0.00%

Published-09 Oct, 2025 | 03:18

Updated-26 Feb, 2026 | 17:48

Untrusted Pointer Dereference in DSP Service

Memory corruption while processing escape commands from userspace.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-822

Untrusted Pointer Dereference

CVE-2024-33038

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.11% / 29.11%

7 Day CHG~0.00%

Published-02 Sep, 2024 | 10:22

Updated-11 Aug, 2025 | 15:06

Untrusted Pointer Dereference in Computer Vision

Memory corruption while passing untrusted/corrupted pointers from DSP to EVA.

Vendor-Qualcomm Technologies, Inc.

Product-qcm8550_firmware wsa8845_firmware wsa8832 wsa8840 qcs8550_firmware snapdragon_8\+_gen_1 wcd9370 snapdragon_8_gen_1_firmware wcd9385 wcd9395_firmware qcs4490_firmware snapdragon_8_gen_1 wcn6740_firmware sxr1230p_firmware wcd9390_firmware fastconnect_6700 snapdragon_8_gen_3 wsa8815_firmware wsa8832_firmware sg8275p wcd9370_firmware wcd9395 snapdragon_8_gen_2 snapdragon_4_gen_2_firmware ssg2125p sg8275p_firmware qcm6490_firmware qcm4490 talynplus qcm4490_firmware wcd9390 qcm6490 wcn3950 wsa8810_firmware wsa8845h_firmware sm8550p_firmware qcm8550 wcn3988 qcs6490_firmware talynplus_firmware wsa8835 wsa8840_firmware snapdragon_8\+_gen_2 qcs5430 wsa8845h wcd9380_firmware qcm5430 wsa8815 qcm5430_firmware sd_8_gen1_5g wsa8830 snapdragon_ar2_gen_1_firmware sm8550p ssg2115p wcn6755_firmware wcn6740 snapdragon_8\+_gen_1_firmware sd_8_gen1_5g_firmware fastconnect_6900 fastconnect_7800_firmware snapdragon_4_gen_2 snapdragon_8_gen_3_firmware snapdragon_8_gen_2_firmware wcd9375_firmware sm8635 qcs5430_firmware ssg2125p_firmware sm8635_firmware wcd9385_firmware wcn3950_firmware fastconnect_6900_firmware wcd9380 qcs8550 fastconnect_7800 qcs4490 wcn6755 wcd9375 snapdragon_8\+_gen_2_firmware wsa8845 snapdragon_ar2_gen_1 wcn3988_firmware fastconnect_6700_firmware video_collaboration_vc3_platform_firmware wsa8835_firmware sxr1230p wsa8810 ssg2115p_firmware qcs6490 wsa8830_firmware video_collaboration_vc3_platform Snapdragon wcn6740_firmware talynplus_firmware wcd9380_firmware qcm4490_firmware qcm8550_firmware qcs4490_firmware qcm6490_firmware wsa8832_firmware wsa8840_firmware sg8275p_firmware fastconnect_6900_firmware qcs8550_firmware wcn3988_firmware sxr1230p_firmware fastconnect_6700_firmware wcn3950_firmware wsa8810_firmware fastconnect_7800_firmware wcn6755_firmware snapdragon_ar2_gen_1_platform_firmware wcd9395_firmware snapdragon_8_gen_1_mobile_platform_firmware snapdragon_4_gen_2_mobile_platform_firmware ssg2125p_firmware sm8635_firmware qcm5430_firmware qcs6490_firmware qcs5430_firmware qualcomm_video_collaboration_vc3_platform_firmware wcd9385_firmware wcd9370_firmware sm8550p_firmware sd_8_gen1_5g_firmware snapdragon_8_gen_3_mobile_platform_firmware wcd9390_firmware wsa8830_firmware wsa8845_firmware wsa8815_firmware wsa8835_firmware ssg2115p_firmware wcd9375_firmware wsa8845h_firmware snapdragon_8_gen_2_mobile_platform_firmware

CWE ID-CWE-787

Out-of-bounds Write

CWE ID-CWE-822

Untrusted Pointer Dereference

CVE-2025-47387

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.01% / 2.61%

7 Day CHG~0.00%

Published-18 Dec, 2025 | 05:29

Updated-28 Jan, 2026 | 15:46

Untrusted Pointer Dereference in Camera

Memory Corruption when processing IOCTLs for JPEG data without verification.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-822

Untrusted Pointer Dereference

CVE-2024-21455

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.20% / 41.63%

7 Day CHG~0.00%

Published-07 Oct, 2024 | 12:58

Updated-11 Aug, 2025 | 15:06

Untrusted Pointer Dereference in DSP Service

Memory corruption when a compat IOCTL call is followed by another IOCTL call from userspace to a driver.

Vendor-Qualcomm Technologies, Inc.

Product-sa8295p_firmware qca6696_firmware qca6688aq qam8295p_firmware qca6595 wcd9370 wsa8815 video_collaboration_vc1_platform_firmware sg4150p qca6696 qcm6125_firmware qca6698aq_firmware qca6584au qcs6125_firmware qca6595_firmware wcd9375_firmware wsa8815_firmware wcd9370_firmware video_collaboration_vc1_platform qca6698aq wcn3950_firmware snapdragon_680_4g_mobile_platform sg4150p_firmware sa8295p snapdragon_685_4g_mobile_platform_\(sm6225-ad\)snapdragon_685_4g_mobile_platform_\(sm6225-ad\)_firmware qam8295p snapdragon_auto_5g_modem-rf_gen_2 wcd9375 qca6688aq_firmware wcn3950 wsa8810_firmware qcs6125 qcm6125 wsa8810 snapdragon_680_4g_mobile_platform_firmware wcn3980_firmware qca6584au_firmware wcn3980 snapdragon_auto_5g_modem-rf_gen_2_firmware Snapdragon qualcomm_video_collaboration_vc1_platform_firmware qcs6125_firmware snapdragon_auto_5g_modem-rf_gen_2_firmware qca6584au_firmware qca6696_firmware qca6595_firmware qcm6125_firmware wcd9370_firmware qam8295p_firmware wcn3950_firmware wsa8815_firmware wsa8810_firmware wcd9375_firmware wcn3980_firmware sa8295p_firmware sg4150p_firmware snapdragon_680_4g_mobile_platform_firmware qca6688aq_firmware qca6698aq_firmware

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-822

Untrusted Pointer Dereference

CVE-2022-40533

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-6.2||MEDIUM

EPSS-0.05% / 16.42%

7 Day CHG~0.00%

Published-06 Jun, 2023 | 07:39

Updated-03 Aug, 2024 | 12:21

Untrusted Pointer Dereference in Core

Transient DOS due to untrusted Pointer Dereference in core while sending USB QMI request.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-822

Untrusted Pointer Dereference

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2024-43631

Matching Score-4

Assigner-Microsoft Corporation

View Details

Matching Score-4

Assigner-Microsoft Corporation

CVSS Score-6.7||MEDIUM

EPSS-0.12% / 30.71%

7 Day CHG~0.00%

Published-12 Nov, 2024 | 17:53

Updated-08 Jul, 2025 | 15:41

Windows Secure Kernel Mode Elevation of Privilege Vulnerability

Vendor-Microsoft Corporation

Product-windows_11_24h2 windows_10_21h2 windows_server_2022_23h2 windows_server_2025 windows_11_23h2 windows_server_2022 windows_11_22h2 windows_10_22h2 Windows Server 2022 Windows 10 Version 21H2 Windows 11 Version 24H2 Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2025 Windows Server 2025 (Server Core installation)Windows 11 version 22H2 Windows 10 Version 22H2 Windows 11 Version 23H2 Windows 11 version 22H3

CWE ID-CWE-822

Untrusted Pointer Dereference

CVE-2024-43646

Matching Score-4

Assigner-Microsoft Corporation

View Details

Matching Score-4

Assigner-Microsoft Corporation

CVSS Score-6.7||MEDIUM

EPSS-0.12% / 30.71%

7 Day CHG~0.00%

Published-12 Nov, 2024 | 17:53

Updated-08 Jul, 2025 | 15:41

Windows Secure Kernel Mode Elevation of Privilege Vulnerability

Vendor-Microsoft Corporation

CWE ID-CWE-822

Untrusted Pointer Dereference

CVE-2024-37982

Matching Score-4

Assigner-Microsoft Corporation

View Details

Matching Score-4

Assigner-Microsoft Corporation

CVSS Score-6.7||MEDIUM

EPSS-0.19% / 41.02%

7 Day CHG~0.00%

Published-08 Oct, 2024 | 17:35

Updated-08 Jul, 2025 | 15:38

Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability

Vendor-Microsoft Corporation

CWE ID-CWE-822

Untrusted Pointer Dereference

CVE-2024-37983

Matching Score-4

Assigner-Microsoft Corporation

View Details

Matching Score-4

Assigner-Microsoft Corporation

CVSS Score-6.7||MEDIUM

EPSS-0.25% / 47.95%

7 Day CHG~0.00%

Published-08 Oct, 2024 | 17:35

Updated-08 Jul, 2025 | 15:38

Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability

Vendor-Microsoft Corporation

CWE ID-CWE-822

Untrusted Pointer Dereference

CVE-2024-37979

Matching Score-4

Assigner-Microsoft Corporation

View Details

Matching Score-4

Assigner-Microsoft Corporation

CVSS Score-6.7||MEDIUM

EPSS-0.19% / 41.02%

7 Day CHG~0.00%

Published-08 Oct, 2024 | 17:35

Updated-08 Jul, 2025 | 15:38

Windows Kernel Elevation of Privilege Vulnerability

Vendor-Microsoft Corporation

Product-windows_server_2012 windows_server_2016 windows_server_2019 windows_server_2022 Windows Server 2022 Windows Server 2019 (Server Core installation)Windows Server 2012 (Server Core installation)Windows Server 2019 Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation)Windows Server 2016 Windows Server 2016 (Server Core installation)Windows Server 2012

CWE ID-CWE-822

Untrusted Pointer Dereference

CVE-2024-33039

Credits

Untrusted Pointer Dereference in Audio

Vendors

Products

Metrics (CVSS)

Weaknesses

Attack Patterns

Solution/Workaround

References

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

Stakeholder-Specific Vulnerability Categorization (SSVC)

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Affected

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History

Similar CVEs