Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-38409

Summary
Assigner-qualcomm
Assigner Org ID-2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At-04 Nov, 2024 | 10:04
Updated At-16 Nov, 2024 | 04:55
Rejected At-
Credits

Buffer Copy Without Checking Size of Input in WLAN Windows Host

Memory corruption while station LL statistic handling.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:qualcomm
Assigner Org ID:2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At:04 Nov, 2024 | 10:04
Updated At:16 Nov, 2024 | 04:55
Rejected At:
â–¼CVE Numbering Authority (CNA)
Buffer Copy Without Checking Size of Input in WLAN Windows Host

Memory corruption while station LL statistic handling.

Affected Products
Vendor
Qualcomm Technologies, Inc.Qualcomm, Inc.
Product
Snapdragon
Platforms
  • Snapdragon Compute
  • Snapdragon Connectivity
  • Snapdragon Consumer Electronics Connectivity
  • Snapdragon Industrial IOT
  • Snapdragon Wearables
Default Status
unaffected
Versions
Affected
  • FastConnect 6700
  • FastConnect 6900
  • FastConnect 7800
  • QCC2073
  • QCC2076
  • QCM5430
  • QCM6490
  • QCS5430
  • QCS6490
  • Qualcomm Video Collaboration VC3 Platform
  • SC8380XP
  • SDM429W
  • Snapdragon 429 Mobile Platform
  • Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB)
  • WCD9370
  • WCD9375
  • WCD9380
  • WCD9385
  • WCN3620
  • WCN3660B
  • WSA8830
  • WSA8835
  • WSA8840
  • WSA8845
  • WSA8845H
Problem Types
TypeCWE IDDescription
CWECWE-120CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')
Type: CWE
CWE ID: CWE-120
Description: CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')
Metrics
VersionBase scoreBase severityVector
3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html
N/A
Hyperlink: https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html
Resource: N/A
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
fastconnect_6700_firmware
CPEs
  • cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through * (custom)
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
fastconnect_6900_firmware
CPEs
  • cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through * (custom)
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
fastconnect_7800_firmware
CPEs
  • cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through * (custom)
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qcc2073_firmware
CPEs
  • cpe:2.3:o:qualcomm:qcc2073_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through * (custom)
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qcc2076_firmware
CPEs
  • cpe:2.3:o:qualcomm:qcc2076_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through * (custom)
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qcm5430_firmware
CPEs
  • cpe:2.3:o:qualcomm:qcm5430_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through * (custom)
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qcm6490_firmware
CPEs
  • cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through * (custom)
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qcs5430_firmware
CPEs
  • cpe:2.3:o:qualcomm:qcs5430_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through * (custom)
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qcs6490_firmware
CPEs
  • cpe:2.3:o:qualcomm:qcs6490_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through * (custom)
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
qualcomm_video_collaboration_vc3_platform_firmware
CPEs
  • cpe:2.3:o:qualcomm:qualcomm_video_collaboration_vc3_platform_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through * (custom)
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
sc8380xp_firmware
CPEs
  • cpe:2.3:o:qualcomm:sc8380xp_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through * (custom)
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
sdm429w_firmware
CPEs
  • cpe:2.3:o:qualcomm:sdm429w_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through * (custom)
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
snapdragon_429_mobile_platform_firmware
CPEs
  • cpe:2.3:o:qualcomm:snapdragon_429_mobile_platform_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through * (custom)
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
wcd9370_firmware
CPEs
  • cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through * (custom)
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
wcd9375_firmware
CPEs
  • cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through * (custom)
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
wcd9380_firmware
CPEs
  • cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through * (custom)
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
wcd9385_firmware
CPEs
  • cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through * (custom)
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
wcn3620_firmware
CPEs
  • cpe:2.3:o:qualcomm:wcn3620_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through * (custom)
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
wcn3660b_firmware
CPEs
  • cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through * (custom)
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
wsa8830_firmware
CPEs
  • cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through * (custom)
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
wsa8835_firmware
CPEs
  • cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through * (custom)
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
wsa8840_firmware
CPEs
  • cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through * (custom)
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
wsa8845_firmware
CPEs
  • cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through * (custom)
Vendor
Qualcomm Technologies, Inc.qualcomm
Product
wsa8845h_firmware
CPEs
  • cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 0 through * (custom)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:product-security@qualcomm.com
Published At:04 Nov, 2024 | 10:15
Updated At:07 Nov, 2024 | 19:40

Memory corruption while station LL statistic handling.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Qualcomm Technologies, Inc.
qualcomm
>>wsa8845h_firmware>>-
cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wsa8845h>>-
cpe:2.3:h:qualcomm:wsa8845h:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wsa8845_firmware>>-
cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wsa8845>>-
cpe:2.3:h:qualcomm:wsa8845:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wsa8840_firmware>>-
cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wsa8840>>-
cpe:2.3:h:qualcomm:wsa8840:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wsa8835_firmware>>-
cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wsa8835>>-
cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wsa8830_firmware>>-
cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wsa8830>>-
cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wcn3660b_firmware>>-
cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wcn3660b>>-
cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wcn3620_firmware>>-
cpe:2.3:o:qualcomm:wcn3620_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wcn3620>>-
cpe:2.3:h:qualcomm:wcn3620:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wcd9385_firmware>>-
cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wcd9385>>-
cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wcd9380_firmware>>-
cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wcd9380>>-
cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wcd9375_firmware>>-
cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wcd9375>>-
cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wcd9370_firmware>>-
cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wcd9370>>-
cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>snapdragon_8cx_gen_3_compute_platform_firmware>>-
cpe:2.3:o:qualcomm:snapdragon_8cx_gen_3_compute_platform_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>snapdragon_8cx_gen_3_compute_platform>>-
cpe:2.3:h:qualcomm:snapdragon_8cx_gen_3_compute_platform:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>snapdragon_429_mobile_platform_firmware>>-
cpe:2.3:o:qualcomm:snapdragon_429_mobile_platform_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>snapdragon_429_mobile_platform>>-
cpe:2.3:h:qualcomm:snapdragon_429_mobile_platform:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm429w_firmware>>-
cpe:2.3:o:qualcomm:sdm429w_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm429w>>-
cpe:2.3:h:qualcomm:sdm429w:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sc8380xp_firmware>>-
cpe:2.3:o:qualcomm:sc8380xp_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sc8380xp>>-
cpe:2.3:h:qualcomm:sc8380xp:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>video_collaboration_vc3_platform_firmware>>-
cpe:2.3:o:qualcomm:video_collaboration_vc3_platform_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>video_collaboration_vc3_platform>>-
cpe:2.3:h:qualcomm:video_collaboration_vc3_platform:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcs6490_firmware>>-
cpe:2.3:o:qualcomm:qcs6490_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcs6490>>-
cpe:2.3:h:qualcomm:qcs6490:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcs5430_firmware>>-
cpe:2.3:o:qualcomm:qcs5430_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcs5430>>-
cpe:2.3:h:qualcomm:qcs5430:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcm6490_firmware>>-
cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcm6490>>-
cpe:2.3:h:qualcomm:qcm6490:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcm5430_firmware>>-
cpe:2.3:o:qualcomm:qcm5430_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcm5430>>-
cpe:2.3:h:qualcomm:qcm5430:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcc2076_firmware>>-
cpe:2.3:o:qualcomm:qcc2076_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcc2076>>-
cpe:2.3:h:qualcomm:qcc2076:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcc2073_firmware>>-
cpe:2.3:o:qualcomm:qcc2073_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcc2073>>-
cpe:2.3:h:qualcomm:qcc2073:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fastconnect_7800_firmware>>-
cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fastconnect_7800>>-
cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fastconnect_6900_firmware>>-
cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fastconnect_6900>>-
cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fastconnect_6700_firmware>>-
cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fastconnect_6700>>-
cpe:2.3:h:qualcomm:fastconnect_6700:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-120Primarynvd@nist.gov
CWE-120Secondaryproduct-security@qualcomm.com
CWE ID: CWE-120
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-120
Type: Secondary
Source: product-security@qualcomm.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.htmlproduct-security@qualcomm.com
Patch
Vendor Advisory
Hyperlink: https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html
Source: product-security@qualcomm.com
Resource:
Patch
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

1203Records found
CVE-2019-2304
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 10.67%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 05:25
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow to buffer overflow due to lack of validation of event arguments received from firmware. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, IPQ8074, MDM9607, MSM8917, MSM8920, MSM8937, MSM8940, QCN7605, QCS405, QCS605, SDA845, SDM660, SDM845, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-msm8920sdm845sdm660msm8920_firmwaresdx24mdm9607_firmwaremsm8940_firmwareqcs405ipq8074_firmwaresm7150_firmwaresm6150mdm9607sm7150qcn7605_firmwaremsm8917msm8937ipq4019_firmwareqcs605_firmwaresm8150_firmwaresdx24_firmwareipq8074sdm660_firmwareqcs405_firmwaresda845_firmwareqcn7605qcs605ipq4019sdx55msm8940sm6150_firmwaremsm8917_firmwaremsm8937_firmwaresm8150ipq8064sdx55_firmwaresxr1130_firmwaresxr1130ipq8064_firmwaresda845sdm845_firmwareSnapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-3624
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 17.19%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-04 Aug, 2024 | 07:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'A potential buffer overflow exists due to integer overflow when parsing handler options due to wrong data type usage in operation' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9207C, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCN7605, QCS605, QCS610, QM215, Rennell, SA415M, SA515M, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwarekamorta_firmwaremdm9635m_firmwaremdm9640_firmwareqcm2150_firmwareqcs610sdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996aumdm9645sdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670qcs605_firmwaresc8180xmdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwaresa415mmdm9635mapq8098qcn7605mdm9615mdm9205mdm9206_firmwaresa515mqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwaresa515m_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresdm660mdm9655_firmwaresc8180x_firmwaresa415m_firmwaresdm710qm215sc7180_firmwaremdm9607mdm9645_firmwareapq8017_firmwaremdm9625_firmwaresdm710_firmwareqcn7605_firmwareqcs610_firmwaremdm9150msm8937mdm9207c_firmwaremsm8905mdm9207csm8150_firmwaremsm8909mdm9655apq8096ausdm439_firmwarerennellsc7180sdm630_firmwaremdm9205_firmwaresda660_firmwaremdm9625rennell_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940saipan_firmwaresm6150_firmwareapq8053msm8917_firmwareapq8096au_firmwaremsm8998sm8150sdx20_firmwaresdm850mdm9615_firmwarekamortaapq8017saipannicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-3684
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.08% / 23.07%
||
7 Day CHG~0.00%
Published-02 Nov, 2020 | 06:21
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'QSEE reads the access permission policy for the SMEM TOC partition from the SMEM TOC contents populated by XBL Loader and applies them without validation' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Agatti, APQ8009, APQ8098, Bitra, IPQ6018, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8998, Nicobar, QCA6390, QCS404, QCS405, QCS605, QCS610, Rennell, SA415M, SA515M, SA6155P, SA8155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwarekamorta_firmwareqcs610sdm845sdx24qcs404_firmwaremdm9650sm7150_firmwaresm6150agatti_firmwaresm7150qca6390_firmwareapq8009_firmwaresdm670sxr2130qcs605_firmwaresc8180xmdm9206sdm670_firmwareqcs404sdx24_firmwaresdm636sda845_firmwaresa415mbitraapq8098ipq6018_firmwaremdm9205mdm9206_firmwaresa515mqcs605bitra_firmwaremdm9650_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130apq8009agattisda845nicobarsdm850_firmwaresa6155p_firmwaresdm636_firmwaresa515m_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660sdm630mdm9607_firmwaresm8250_firmwaresc8180x_firmwaresa415m_firmwareqcs405sa8155p_firmwaresc7180_firmwaresdm710mdm9607sdm710_firmwaresa6155pqcs610_firmwaremdm9150msm8905ipq6018sm8150_firmwaresxr2130_firmwareqcs405_firmwarerennellsc7180sdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwareqca6390sdx55saipan_firmwaresm6150_firmwaresa8155psm8250msm8998sm8150sdx20_firmwaresdm850kamortasaipannicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CVE-2020-3630
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 13.36%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 15:05
Updated-04 Aug, 2024 | 07:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possibility of out of bound access while processing the responses from video firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8917, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS405, QCS605, QM215, Rennell, SA415M, SA6155P, Saipan, SC8180X, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwarekamorta_firmwareqcm2150_firmwaremdm9640_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429sm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaresc8180xmdm9206sdm670_firmwaresdx24_firmwaresdm636sa415mapq8098mdm9206_firmwareqcs605sdm429_firmwaremdm9650_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009apq8053_firmwarenicobarsa6155p_firmwaremsm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150sdm660sdm630mdm9607_firmwaresm8250_firmwaresc8180x_firmwaresa415m_firmwareqcs405sdm710qm215mdm9607sdm710_firmwaresa6155pmdm9150mdm9207c_firmwaremsm8996_firmwaremdm9207csm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwarerennellsdm630_firmwaresda660_firmwarerennell_firmwareqm215_firmwaresdx55msm8953_firmwareapq8053saipan_firmwaresm6150_firmwareapq8096au_firmwaremsm8917_firmwaresm8250msm8998sm8150sdx20_firmwarekamortamsm8996saipannicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2020-3613
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.10% / 27.39%
||
7 Day CHG~0.00%
Published-22 Jun, 2020 | 07:10
Updated-04 Aug, 2024 | 07:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Double free issue in kernel memory mapping due to lack of memory protection mechanism in Snapdragon Compute, Snapdragon Mobile, Snapdragon Voice & Music in SM8150

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm8150sm8150_firmwareSnapdragon Compute, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-415
Double Free
CVE-2020-3690
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 10.03%
||
7 Day CHG~0.00%
Published-02 Nov, 2020 | 06:21
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Due to an incorrect SMMU configuration, the modem crypto engine can potentially compromise the hypervisor' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Agatti, Bitra, Kamorta, Nicobar, QCA6390, QCS404, QCS605, QCS610, Rennell, SA415M, SA515M, SA6155P, SA8155P, Saipan, SC7180, SC8180X, SDA845, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm850_firmwarekamorta_firmwaresa6155p_firmwareqcs610sa515m_firmwaresdm845sdx24qcs404_firmwaresm8250_firmwaresc8180x_firmwaresa415m_firmwaresm7150_firmwaresa8155p_firmwaresc7180_firmwaresdm710agatti_firmwaresm6150sdm710_firmwaresm7150qca6390_firmwaresa6155psdm670qcs610_firmwaresxr2130qcs605_firmwaresc8180xsdm670_firmwareqcs404sdx24_firmwaresm8150_firmwaresxr2130_firmwaresda845_firmwarerennellsa415msc7180bitrarennell_firmwareqca6390sa515mqcs605sdx55sa8155psaipan_firmwaresm6150_firmwaresm8250bitra_firmwaresm8150sdm850sxr1130_firmwarekamortasdx55_firmwarenicobar_firmwaresaipansxr1130agattisda845nicobarsdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CVE-2020-3618
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 10.03%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 15:05
Updated-04 Aug, 2024 | 07:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NULL exception due to accessing bad pointer while posting events on RT FIFO in Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ6018, IPQ8074, QCA8081, SC8180X, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-ipq6018ipq8074_firmwaresxr2130_firmwareipq8074qca8081_firmwareipq6018_firmwareqca8081sxr2130sc8180xsc8180x_firmwareSnapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-416
Use After Free
CVE-2020-3694
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.15%
||
7 Day CHG~0.00%
Published-02 Nov, 2020 | 06:21
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Use out of range pointer issue can occur due to incorrect buffer range check during the execution of qseecom' in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Voice & Music in Bitra, Nicobar, Saipan, SM6150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sxr2130saipan_firmwaresm6150_firmwaresm6150sm8250bitra_firmwaresm8150_firmwaresm8150sxr2130_firmwarebitranicobar_firmwaresaipansm8250_firmwarenicobarSnapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Voice & Music
CVE-2020-3693
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.15%
||
7 Day CHG~0.00%
Published-02 Nov, 2020 | 06:21
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Use out of range pointer issue can occur due to incorrect buffer range check during the execution of qseecom.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8098, Bitra, MSM8909W, MSM8996AU, Nicobar, QCM2150, QCS605, Saipan, SDM429W, SDX20, SM6150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm2150_firmwaresdm429wmsm8996au_firmwareapq8098_firmwaresdx20qcm2150sm8250_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwareapq8017_firmwareapq8009apq8009_firmwaresxr2130qcs605_firmwaresm8150_firmwaresxr2130_firmwarebitraapq8098qcs605apq8053saipan_firmwaresm6150_firmwaresm8250bitra_firmwaresm8150sdx20_firmwareapq8017nicobar_firmwaremsm8909wsaipanapq8053_firmwarenicobarSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-3610
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.10% / 27.52%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 15:05
Updated-04 Aug, 2024 | 07:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possibility of double free of the drawobj that is added to the drawqueue array of the context during IOCTL commands as there is no refcount taken for this object in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, APQ8098, MSM8909W, MSM8917, MSM8953, MSM8996AU, Nicobar, QCS405, QCS605, QM215, Rennell, SA415M, Saipan, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439sdm429sm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaresc8180xsdm670_firmwaresdx24_firmwaresdm636sda845_firmwaresa415mapq8098qcs605sdm429_firmwaresda660sdx55_firmwareapq8009msm8909wapq8053_firmwaresda845nicobarmsm8953sdm450sdm636_firmwareapq8098_firmwaresdx20sdm660sdm630sm8250_firmwaresc8180x_firmwaresa415m_firmwareqcs405sdm710qm215sdm710_firmwaresm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwarerennellsdm630_firmwaresda660_firmwarerennell_firmwareqm215_firmwaresdx55msm8953_firmwareapq8053apq8096au_firmwaresaipan_firmwaresm6150_firmwaremsm8917_firmwaresm8250sm8150sdx20_firmwarenicobar_firmwaresaipansdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-415
Double Free
CVE-2020-3648
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.10% / 27.52%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-04 Aug, 2024 | 07:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Possible out of bound write in DSP driver code due to lack of check of data received from user' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-msm8909w_firmwaremsm8909wSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2020-3676
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.13% / 31.88%
||
7 Day CHG~0.00%
Published-22 Jun, 2020 | 07:10
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible memory corruption in perfservice due to improper validation array length taken from user application. in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8096AU, APQ8098, Kamorta, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, Saipan, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwaremsm8920qcm2150_firmwaremsm8953sdm450sdm636_firmwaresdm632_firmwareapq8098_firmwaresdm450_firmwaremsm8998_firmwaresdm632qcm2150msm8920_firmwaresdm439sdm630sdm660sm8250_firmwaresdm429msm8940_firmwaresm7150_firmwaresdm710qm215sm6150sdm710_firmwaresm7150msm8917sdm670sxr2130msm8937qcs605_firmwaresdm670_firmwaresm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwaresdm636rennellsdm630_firmwareapq8098rennell_firmwareqm215_firmwareqcs605msm8940msm8953_firmwareapq8096au_firmwaresaipan_firmwaresm6150_firmwaremsm8917_firmwaremsm8937_firmwaremsm8998sdm429_firmwaresm8150sm8250sxr1130_firmwarekamortanicobar_firmwaresaipansxr1130sdm660_firmwarenicobarSnapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2019-2315
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 26.22%
||
7 Day CHG~0.00%
Published-21 Nov, 2019 | 14:38
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While invoking the API to copy from fd or local buffer to the secure buffer, Parameters being populated are from non secure environment. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, QCS404, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, Snapdragon_High_Med_2016, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwareapq8096_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632apq8096sdm439qcs404_firmwaremdm9650sdm429msm8940_firmwaresm7150_firmwaresnapdragon_high_med_2016_firmwaresm6150msm8996ausm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaremdm9206sdm670_firmwareqcs404sdm636sda845_firmwareapq8098mdm9205mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sxr1130_firmwaresxr1130apq8009msm8909_firmwareapq8053_firmwaresda845sdm850_firmwaremsm8920msm8953sdm450sdm636_firmwareapq8098_firmwaremsm8998_firmwaresdm660msm8920_firmwaresdm630mdm9607_firmwaresdm710qm215mdm9607apq8017_firmwaresdm710_firmwaremdm9150msm8937msm8996_firmwaremsm8905snapdragon_high_med_2016sm8150_firmwaremsm8909sxr2130_firmwareapq8096ausdm439_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwareqm215_firmwaremsm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaremsm8998sm8150sdm850apq8017msm8996sdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CVE-2020-3636
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 13.36%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-04 Aug, 2024 | 07:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Out of bound writes happen when accessing usage_table header entry beyond the memory allocated for the header' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, QCS610, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwareqcs404sxr2130_firmwareqcs610rennellsc7180rennell_firmwareqcs404_firmwaresm8250_firmwaresdx55sm7150_firmwaresm6150_firmwaresm8250sm6150sc7180_firmwarekamortasm7150sdx55_firmwareqcs610_firmwaresxr2130Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CVE-2020-3696
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 13.84%
||
7 Day CHG~0.00%
Published-02 Nov, 2020 | 06:21
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Use after free while installing new security rule in ipcrtr as old one is deleted and this rule could still be in use for checking security permission for particular process' in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8996AU, QCA4531, QCA6574AU, QCA9531, QCM2150, QCS605, SDM429W, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca4531_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwareapq8098_firmwaresdx20qcm2150sdx24mdm9607_firmwareqca9531ipq8074_firmwareqca6574aumsm8909w_firmwaremdm9607msm8996ausdm429w_firmwareapq8017_firmwareapq8009_firmwaremsm8909wqcs605_firmwareipq4019_firmwaremdm9207c_firmwareipq6018mdm9206mdm9207cmsm8905sdx24_firmwareipq8074apq8096auqca4531apq8098ipq6018_firmwaremdm9206_firmwareqcs605ipq4019apq8053apq8096au_firmwaresdx20_firmwareqca9531_firmwaremsm8905_firmwareipq8064qca6574au_firmwareapq8017apq8009apq8053_firmwareipq8064_firmwareSnapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-416
Use After Free
CVE-2019-2329
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 25.45%
||
7 Day CHG~0.00%
Published-21 Nov, 2019 | 14:38
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free issue in cleanup routine due to missing pointer sanitization for a failed start of a trusted application. in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9205, QCS404, QCS605, SDA845, SDM670, SDM710, SDM845, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm670_firmwareqcs404sm8150_firmwaresxr2130_firmwaresda845_firmwaresdm845mdm9205_firmwaremdm9205qcs404_firmwareqcs605sdx55sm7150_firmwaresm6150_firmwaresdm710sm6150sm8150sdm710_firmwaresxr1130_firmwaresdx55_firmwaresm7150sxr1130sdm670sxr2130qcs605_firmwaresda845sdm845_firmwareSnapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-416
Use After Free
CVE-2019-14000
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.89%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of check that the RX FIFO write index that is read from shared RAM is less than the FIFO size results into memory corruption and potential information leakage in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, IPQ6018, IPQ8074, MDM9150, MDM9205, MDM9206, MDM9607, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCS404, QCS405, QCS605, QM215, Rennell, SA6155P, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwareapq8096_firmwaremdm9640_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632apq8096sdx24sdm439qcs404_firmwaremdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8996aumdm9645sdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaresc8180xmdm9206sdm670_firmwareqcs404sdx24_firmwareipq8074sdm636sda845_firmwareapq8098ipq6018_firmwaremdm9205mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwareqca8081_firmwaresxr1130apq8009apq8053_firmwaresda845nicobarsdm850_firmwaresa6155p_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwaremdm9655_firmwaresdm660sc8180x_firmwareqcs405ipq8074_firmwaresdm710qm215mdm9607mdm9645_firmwareapq8017_firmwaresdm710_firmwaresa6155pqca8081mdm9150msm8937msm8996_firmwaremsm8905ipq6018sm8150_firmwaresxr2130_firmwaremdm9655apq8096ausdm439_firmwarerennellqcs405_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250msm8998sm8150sdx20_firmwaresdm850apq8017msm8996nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-14077
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 13.36%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 15:05
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound memory access while processing ese transmit command due to passing Response buffer received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8098, IPQ6018, Kamorta, MDM9150, MDM9205, MDM9607, MDM9650, MSM8909, MSM8998, Nicobar, QCS404, QCS405, QCS605, Rennell, SA415M, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwaremdm9150_firmwaresdm845sdx24qcs404_firmwaremdm9650sm7150_firmwaresm6150sm7150apq8009_firmwaresdm670sxr2130qcs605_firmwaresc8180xsdm670_firmwareqcs404sdx24_firmwaresdm636sda845_firmwaresa415mapq8098ipq6018_firmwaremdm9205qcs605mdm9650_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130apq8009msm8909_firmwaresda845nicobarsdm850_firmwaresa6155p_firmwaresdm636_firmwareapq8098_firmwaremsm8998_firmwaresdm660sdm630mdm9607_firmwaresm8250_firmwaresc8180x_firmwaresa415m_firmwareqcs405sdm710sc7180_firmwaremdm9607sdm710_firmwaresa6155pmdm9150ipq6018sm8150_firmwaremsm8909sxr2130_firmwareqcs405_firmwarerennellsc7180sdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwaresdx55sm6150_firmwaresm8250msm8998sm8150sdm850kamortanicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CVE-2019-10548
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.29%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 06:30
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While trying to obtain datad ipc handle during DPL initialization, Heap use-after-free issue can occur if modem SSR occurs at same time in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCA6574AU, QCS605, QM215, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdm439sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670qcs605_firmwaresdm670_firmwaresdm636msm8939qcs605msm8937_firmwaresdm429_firmwaremsm8905_firmwareqca6574au_firmwaresda660sxr1130_firmwaresxr1130apq8009msm8909wmsm8909_firmwareapq8053_firmwarenicobarmsm8920msm8953sdm450sdm636_firmwaremsm8998_firmwaresdm660msm8920_firmwaresdm630qca6574ausdm710qm215sdm710_firmwaremsm8939_firmwaremsm8937msm8905sm8150_firmwaremsm8909apq8096ausdm439_firmwaresdm630_firmwaresda660_firmwareqm215_firmwaremsm8940apq8053apq8096au_firmwaremsm8953_firmwaresm6150_firmwaremsm8917_firmwaremsm8998sm8150nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2019-10567
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.20% / 42.32%
||
7 Day CHG~0.00%
Published-07 Feb, 2020 | 05:00
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a way to deceive the GPU kernel driver into thinking there is room in the GPU ringbuffer and overwriting existing commands could allow unintended GPU opcodes to be executed in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, QM215, Rennell, SA6155P, Saipan, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaresc8180xmdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwareapq8098mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009apq8053_firmwaresda845nicobarsa6155p_firmwaremsm8920msm8953sdm450sdm636_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwaresc8180x_firmwareqcs405sdm710qm215mdm9607apq8017_firmwaresdm710_firmwaresa6155pmdm9150msm8937mdm9207c_firmwaremdm9207csm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwarerennellsdm630_firmwaresda660_firmwarerennell_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940saipan_firmwaresm6150_firmwareapq8053msm8917_firmwareapq8096au_firmwaremsm8998sm8150sdx20_firmwaresm8250apq8017saipannicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2019-10562
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.76%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Improper authentication and signature verification of debug polices in secure boot loader will allow unverified debug policies to be loaded into secure memory and leads to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ6018, Kamorta, MSM8998, Nicobar, QCS404, QCS605, QCS610, Rennell, SA415M, SA6155P, SC7180, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm850_firmwarekamorta_firmwaresa6155p_firmwareqcs610sdm636_firmwaresdm845msm8998_firmwaresdm660sdx24sdm630qcs404_firmwaresm8250_firmwaresa415m_firmwaresm7150_firmwaresdm710sc7180_firmwaresm6150sdm710_firmwaresm7150sa6155psdm670qcs610_firmwaresxr2130qcs605_firmwareipq6018sdm670_firmwareqcs404sdx24_firmwaresm8150_firmwaresxr2130_firmwaresdm636sda845_firmwarerennellsa415msc7180sdm630_firmwaresda660_firmwarerennell_firmwareipq6018_firmwareqcs605sdx55sm6150_firmwaresm8250msm8998sm8150sdm850sda660kamortasdx55_firmwaresxr1130_firmwarenicobar_firmwaresxr1130sdm660_firmwaresda845nicobarsdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2019-10517
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 13.36%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 05:25
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory is being freed up twice when two concurrent threads are executing in parallel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8996AU, QCS405, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-apq8096_firmwaremsm8996au_firmwaresdm845apq8096mdm9650msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausm7150apq8009_firmwaremsm8917sxr2130qcs605_firmwaremdm9206sdm636sda845_firmwareapq8098mdm9206_firmwaremsm8939qcs605msm8937_firmwaremdm9650_firmwaresda660sxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845msm8920sdm636_firmwareapq8098_firmwaresdx20sdm660msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwareqcs405mdm9607apq8017_firmwaremsm8939_firmwaremsm8937mdm9207c_firmwaremdm9207csm8150_firmwaremsm8909sxr2130_firmwareapq8096auqcs405_firmwaresdm630_firmwaresda660_firmwaremsm8940apq8053apq8096au_firmwaresm6150_firmwaresm8250msm8917_firmwaresm8150sdx20_firmwareapq8017sdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-415
Double Free
CVE-2019-10497
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.72%
||
7 Day CHG~0.00%
Published-30 Sep, 2019 | 15:40
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free issue occurs If another instance of open for voice_svc node has been called from application without closing the previous one. in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632mdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdx24sdm439mdm9650sd_636sd_615_firmwaremsm8909w_firmwaremsm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwaresd_665sdx24_firmwaresd_625_firmwaresd_450sd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sd_210_firmwaresd_415_firmwaremsm8909wsd_665_firmwaresd_616_firmwaresd_205_firmwaresd_415sd_212sd_427_firmwaresd_712sd_855sd_730_firmwarequalcomm_215sdx20sd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_615sd_710_firmwaresdm630sd_625sd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwarequalcomm_215_firmwaremdm9150sd_429_firmwaresd_730sd_212_firmwaresd_850_firmwaresd_855_firmwaresdm439_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_430sd_427sd_670sd_435_firmwaresdx20_firmwaresd_710sd_205sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2019-10600
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 10.03%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 05:25
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use of local variable as argument to netlink CB callback goes out of it scope when callback triggered lead to invalid stack memory in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCA6574AU, QCA8081, QCS405, QCS605, QM215, SA6155P, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwareipq4019_firmwaremdm9206sdm670_firmwaresdx24_firmwareipq8074sdm636sda845_firmwareapq8098mdm9206_firmwaremsm8939qcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwareqca6574au_firmwaresdx55_firmwareipq8064sxr1130_firmwareqca8081_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwareipq8064_firmwaresda845nicobarsa6155p_firmwaremsm8920msm8953sdm450sdm636_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwareqcs405ipq8074_firmwareqca6574ausdm710qm215mdm9607apq8017_firmwaresdm710_firmwaremsm8939_firmwaresa6155pqca8081mdm9150msm8937mdm9207c_firmwaremdm9207csm8150_firmwaremsm8909sxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwareqm215_firmwareipq4019sdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250msm8998sm8150sdx20_firmwareapq8017nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2019-10602
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.29%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 06:30
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Potential use-after-free heap error during Validate/Present calls on display HW composer in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, QCS605, SDA660, SDM845, SDX20, SM8150

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-msm8920msm8953msm8996au_firmwareapq8098_firmwaresdm845sdx20msm8920_firmwaremdm9607_firmwaremdm9650msm8940_firmwaremsm8909w_firmwaremdm9607msm8996aumsm8917msm8937mdm9207c_firmwareqcs605_firmwaremdm9206mdm9207csm8150_firmwareapq8096auapq8098sda660_firmwaremdm9206_firmwareqcs605msm8940apq8053apq8096au_firmwaremsm8953_firmwaremsm8917_firmwaremsm8937_firmwaremdm9650_firmwaresm8150sdx20_firmwaresda660msm8909wapq8053_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2019-10480
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 10.03%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 05:25
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound write can happen in WMI firmware event handler due to lack of validation of data received from WLAN firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9615, MDM9640, MDM9650, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCA9980, QCN7605, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremdm9640_firmwareqca9980_firmwaremsm8996au_firmwaresdm845sdx24mdm9650msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausm7150apq8009_firmwaremsm8917sdm670qcs605_firmwareipq4019_firmwaremdm9206qca9379_firmwareqca6174asdm670_firmwaresdx24_firmwareipq8074sdm636sda845_firmwareqca9377apq8098qcn7605mdm9615mdm9206_firmwaremsm8939qcs605msm8937_firmwaremdm9650_firmwareqca6574au_firmwaresda660ipq8064sxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwareipq8064_firmwaresda845msm8920sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20sdm660msm8920_firmwaresdm630mdm9607_firmwareipq8074_firmwareqca6574ausdm710mdm9607qca9980apq8017_firmwaresdm710_firmwaremsm8939_firmwareqcn7605_firmwaremsm8937mdm9207c_firmwaremdm9207cqca6174a_firmwaresm8150_firmwaremsm8909apq8096ausdm630_firmwaresda660_firmwareipq4019msm8940apq8053sm6150_firmwareapq8096au_firmwaremsm8917_firmwaremdm9615_firmwaresm8150sdx20_firmwareapq8017qca9379sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-10507
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 13.16%
||
7 Day CHG~0.00%
Published-30 Sep, 2019 | 15:40
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of check of extscan change results received from firmware can lead to an out of buffer read in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS605, SD 210/SD 212/SD 205, SD 425, SD 430, SD 600, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresd_850mdm9150_firmwaremdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_670_firmwaresdx24mdm9650sd_636msm8996ausd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206qca9379_firmwareqca6174asd_425_firmwaresd_665sdx24_firmwaresd_625_firmwareqca9377sd_845mdm9206_firmwareqcs605mdm9640sd_835_firmwaremdm9650_firmwaresd_835qca6574au_firmwaresda660sd_210_firmwaresd_600sd_665_firmwaresd_205_firmwaresd_212sd_712sd_855sd_730_firmwaresdx20sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_710_firmwaresdm630sd_625qca6574ausd_210mdm9607sd_636_firmwaremdm9150qca6174a_firmwaresd_730sd_212_firmwaresd_850_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_430sd_670sd_710sdx20_firmwaresd_600_firmwaresd_205qca9379sdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-18279
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.10% / 26.82%
||
7 Day CHG~0.00%
Published-06 May, 2019 | 22:58
Updated-05 Aug, 2024 | 21:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of check of buffer length before copying can lead to buffer overflow in camera module in Small Cell SoC, Snapdragon Mobile, Snapdragon Wear in FSM9055, FSM9955, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA9531, QCA9558, QCA9563, QCA9880, QCA9886, QCA9980, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, SDM630, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwareqca9980_firmwaremsm8996au_firmwarefsm9955_firmwareqca9563_firmwaremdm9650qca9558qca9558_firmwaresd_615_firmwaresnapdragon_high_med_2016_firmwaremsm8909w_firmwaremsm8996auqca9880_firmwaresd_650sd_820sd_450_firmwareipq4019_firmwaremdm9206sd_652sd_425_firmwaresd_800_firmwaresd_625_firmwaresd_450sdm636mdm9206_firmwareqca9563qca9886sd_835_firmwaremdm9650_firmwaresd_835ipq8064sd_210_firmwaresd_415_firmwaresd_652_firmwaremsm8909wsd_616_firmwaresd_205_firmwareipq8064_firmwaresd_415sd_212sd_650_firmwaresd_427_firmwarefsm9055sdm636_firmwaresdx20sd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_615sdm630qca9531sd_625sd_820_firmwaresd_210mdm9607qca9980qca9880sd_800fsm9055_firmwareqca9886_firmwaresnapdragon_high_med_2016sd_212_firmwaresdm630_firmwarefsm9955sd_430ipq4019sd_427sd_810sd_435_firmwaresdx20_firmwareqca9531_firmwaresd_205sd_810_firmwaresdm660_firmwaremdm9640Small Cell SoC, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2024-53028
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 24.89%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Time-of-check Time-of-use (TOCTOU) Race Condition in Automotive Vehicle Networks

Memory corruption may occur while processing message from frontend during allocation.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-Snapdragon
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2024-53012
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.04%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Automotive OS Platform

Memory corruption may occur due to improper input validation in clock device.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-Snapdragon
CWE ID-CWE-20
Improper Input Validation
CVE-2024-53032
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 24.89%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Time-of-check Time-of-use (TOCTOU) Race Condition in Automotive OS Platform

Memory corruption may occur in keyboard virtual device due to guest VM interaction.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa9000pqca6595au_firmwaresa8650p_firmwareqam8775psa8255pqamsrv1m_firmwareqca6595qca6688aq_firmwaresa8770psa8775psrv1h_firmwaresa8620p_firmwareqam8650p_firmwareqca6595_firmwaresrv1mqam8620psa8775p_firmwareqamsrv1msa9000p_firmwaresrv1hqca6574ausa7255psrv1m_firmwaresa8620psa7775psa8650pqam8620p_firmwaresa8540p_firmwaresa7255p_firmwareqam8775p_firmwareqam8295p_firmwareqam8255pqca6688aqqca6698aqsa7775p_firmwaresa8255p_firmwaresa8770p_firmwaresa8295p_firmwareqca6696_firmwareqam8295pqamsrv1hsrv1l_firmwareqca6574au_firmwareqamsrv1h_firmwareqca6595auqam8255p_firmwaresa8295psrv1lqca6698aq_firmwareqam8650pqca6696sa8540pSnapdragon
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2024-53014
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.27%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Validation of Array Index in Audio

Memory corruption may occur while validating ports and channels in Audio driver.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429w_firmwaresw5100pqcm8550_firmwaresd865_5gqcs410_firmwarewcn6650sa6150p_firmwaresm8735qca6595qcs610_firmwaresnapdragon_8\+_gen_1wcd9335wcd9370qca8081_firmwaresnapdragon_730gsnapdragon_429_firmwareqca6696qam8620p_firmwarewcn7880_firmwarewcd9340_firmwaresa8530pwcd9341_firmwaresxr2330p_firmwarewcd9395_firmwarewcn7881_firmwareqcn6024wcn7750wcn6450qcc710_firmwareqca6426snapdragon_auto_4gwcn6740_firmwaresnapdragon_720g_firmwarefastconnect_6700snapdragon_695_5gsa4150psnapdragon_888_5gwsa8832_firmwareqca8337qca6426_firmwarewcd9395snapdragon_4_gen_2_firmwareqca6574au_firmwaresm6370qca6564_firmwareqam8295psnapdragon_x12_lte_firmwarewcd9341qca6574auwcd9390sa8620p_firmwarewsa8810_firmwaresd730_firmwarewsa8845h_firmwaresnapdragon_429csra6640sa9000p_firmwaresnapdragon_690_5gsnapdragon_778g\+_5g_firmwaresnapdragon_865\+_5gsrv1hsm8650q_firmwaresnapdragon_765_5gwcn3660b_firmwaresd730snapdragon_8\+_gen_2fastconnect_6800_firmwareqcs5430wcn7860snapdragon_865\+_5g_firmwareqcn6024_firmwaresnapdragon_x65_5gqcm5430qcm5430_firmwarevideo_collaboration_vc1_platform_firmwaresnapdragon_888\+_5g_firmwaresa4155psa8770pqcm6125_firmwarec-v2x_9150ssg2115pqcc710snapdragon_x50_5gsnapdragon_xr2_5g_firmwaresa8540psnapdragon_730qsm8250_firmwaresnapdragon_765g_5g_firmware315_5g_iot_modem_firmwaresnapdragon_660_firmwaresnapdragon_4_gen_2fastconnect_6900robotics_rb2snapdragon_w5\+_gen_1_wearable_firmwaresnapdragon_8_gen_2_firmwaresnapdragon_x72_5gvideo_collaboration_vc1_platformqep8111sm8635sa7255pqfw7114wcd9385_firmware315_5g_iot_modemqam8255p_firmwaresnapdragon_778g_5gsnapdragon_678_firmwaresa8155_firmwarewcd9360sdx61qcs4490snapdragon_732g_firmwaresnapdragon_662_firmwaresnapdragon_x50_5g_firmwarewsa8845sa6155pqcm6125qca6564au_firmwarewsa8810qam8650pvideo_collaboration_vc5_platform_firmwaresnapdragon_855_firmwaresa9000psrv1h_firmwareqsm8250snapdragon_678qca6595ausxr2250p_firmwaresm7315_firmwaresnapdragon_865_5g_firmwarewcd9326_firmwaresa6155p_firmwaresnapdragon_730g_firmwaresnapdragon_ar1_gen_1wsa8840srv1m_firmwareqcs8550_firmwareqfw7124_firmwareqca6436_firmwaresm8750psnapdragon_x35_5g_firmwareqcn9012wcd9371_firmwareqcs4490_firmwarewcn3910_firmwaresnapdragon_7c\+_gen_3_compute_firmwaresnapdragon_675_firmwaresm4125_firmwaresm8635psnapdragon_680_4gqmp1000qca6420wcn3910wcd9370_firmwareqca9367robotics_rb2_firmwaresnapdragon_8_gen_2snapdragon_480\+_5g_firmwaresnapdragon_765_5g_firmwarewcn3660bqca6574asa7255p_firmwarewcn3620_firmwareqca6174asnapdragon_695_5g_firmwaresa8195psnapdragon_750g_5g_firmwarewcd9340qcs8250_firmwareqcm2290talynplusqcm6490215sa8540p_firmwaresm8550p_firmwaresnapdragon_x55_5g_firmwareqcm8550sxr2250pwcn3988sm6370_firmwareqcn9024sdm429wsa8775pqca6574sxr2230p_firmwaresd675_firmwareqca6430_firmwareqcn9011sa8775p_firmwaresnapdragon_439_firmwareqamsrv1hsmart_audio_400qcn9024_firmwarewsa8845hwcd9326sa6150psm8650qqcm2290_firmwareqcs410sa8155p_firmwareqca6564asa8155psnapdragon_855\+wsa8830snapdragon_870_5g_firmwaresm8550psnapdragon_x65_5g_firmwaresa6145pqcn9074_firmwaresm7675_firmwaresa8255p_firmwaresnapdragon_888\+_5gsnapdragon_x75_5gsnapdragon_720gar8035sm7635_firmwareqamsrv1m_firmwareqca6564wcn7750_firmwareqrb5165m_firmwaresa8650p_firmwarewcn3620wcn6450_firmwaresa6155qcm4325snapdragon_860snapdragon_x72_5g_firmwaresrv1l_firmwareqcn6224snapdragon_782gqca6698aqwcn3950_firmwaressg2125p_firmwaresm7635qrb5165nsa7775p_firmwaresa8530p_firmwaresm6250fastconnect_6200wcn3680bsm7325p_firmwaresa8145p_firmwarewcd9360_firmwarewcd9378sm8635p_firmwaresa8150p_firmwaresnapdragon_768g_5gfastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwarewcn3990snapdragon_778g_5g_firmwaresnapdragon_780g_5gqcs6490qcs8250snapdragon_778g\+_5gfastconnect_6200_firmwarear8031_firmwarewsa8830_firmwareqcn6224_firmwareqca6678aq_firmwarewsa8845_firmwaresd660_firmwarewsa8832sdx61_firmwarewcd9378_firmwaresrv1lsxr2130_firmwaresm7675psrv1mqca6678aqar8035_firmwarewcn7860_firmwareqrb5165msnapdragon_680_4g_firmwaresa4150p_firmwaresd888_firmwaresnapdragon_439qca6564auqcs6125_firmwaresm4635snapdragon_460qcn9074wsa8815_firmwaresnapdragon_865_5gsa8195p_firmwareqca8337_firmwaresnapdragon_auto_4g_firmwareqcm4290snapdragon_480_5g_firmwaresnapdragon_4_gen_1_firmwaresnapdragon_x12_ltesnapdragon_685_4gar8031qca9377_firmwaresnapdragon_x62_5gsnapdragon_xr2\+_gen_1qcm6490_firmwaresg8275p_firmwaresm7250p_firmwarewcn3680_firmwaresm4635_firmwaresa2150p_firmwaresm4125qcm4490_firmwarevision_intelligence_400_firmwarewcn3950qcs6125flight_rb5_5gsnapdragon_690_5g_firmwaresm8750qca6797aq_firmwaresnapdragon_7c\+_gen_3_computetalynplus_firmwaresmart_audio_400_firmwaresnapdragon_460_firmwaresnapdragon_855\+_firmwaresa8295p_firmwaresd_675_firmwaresa4155p_firmwaresnapdragon_auto_5g_firmwaresm7250psm6250_firmwaresa8155snapdragon_768g_5g_firmwareqca6584ausd888qcn6274_firmwarewcn6755_firmwareqcn9011_firmwaresa2150psw5100_firmwarewcn6740wcn6650_firmwaresnapdragon_732gfastconnect_6800qfw7114_firmwaresnapdragon_662qcs7230qca6595_firmwarefastconnect_7800_firmwarewcd9371sm8635_firmwarefastconnect_6900_firmwarerobotics_rb5_firmwarewcd9380sa6145p_firmwareqam8255psxr2230psa6155_firmwareqmp1000_firmwaresnapdragon_xr2_5gwcn7880sa8150psxr2330pwcn6755snapdragon_888_5g_firmware215_firmwaresnapdragon_765g_5gsnapdragon_8\+_gen_2_firmwaresxr1230pwcn7881sm6650sw5100video_collaboration_vc3_platformaqt1000qcm2150_firmwarec-v2x_9150_firmwareqca6688aqqam8295p_firmwaresd855snapdragon_8_gen_1_firmwarewcn3990_firmwaresm7315snapdragon_750g_5gqca6698aq_firmwareqcs2290qca6564a_firmwarewcd9385qcs2290_firmwaresnapdragon_xr2\+_gen_1_firmwarewcn3615qca9367_firmwarewcn3680snapdragon_8_gen_1sa8255pqcs7230_firmwareqcs4290sxr1230p_firmwarewcd9390_firmwaresnapdragon_x62_5g_firmwaresnapdragon_8_gen_3qep8111_firmwareqca6430sg8275psnapdragon_782g_firmwaresnapdragon_855sdx55_firmwaresnapdragon_x55_5gsm8750_firmwarewcn3615_firmwareflight_rb5_5g_firmwaressg2125psxr2130snapdragon_4_gen_1qcm4490snapdragon_870_5gcsra6640_firmwareqamsrv1mrobotics_rb5snapdragon_480\+_5gsm7325psnapdragon_685_4g_firmwarewcn7861qca6174a_firmwareqam8650p_firmwarevideo_collaboration_vc5_platformwcn7861_firmwareqca6420_firmwareaqt1000_firmwareqcs6490_firmwaresm6650_firmwaresnapdragon_480_5gqam8620pwcd9335_firmwareqrb5165n_firmwareqca6436wcn3980_firmwaresd855_firmwarewsa8835wsa8840_firmwareqca6391_firmwareqca6584au_firmwareqcn6274qfw7124qca6595au_firmwaresw5100p_firmwareqca6696_firmwareqcs4290_firmwarewcd9380_firmwareqca6574_firmwarecsra6620qca8081sd660mdm9628wsa8815sg4150pqam8775pqca9377snapdragon_ar2_gen_1_firmwaresnapdragon_auto_5gsd_8_gen1_5gqca6797aqsnapdragon_730_firmwaremdm9628_firmwaresnapdragon_860_firmwareqcm4325_firmwaresnapdragon_x35_5gsa8620psnapdragon_660qca6574a_firmwaresdx55qcm4290_firmwaresnapdragon_8\+_gen_1_firmwaresd675wcd9375_firmwaresnapdragon_8_gen_3_firmwaresa7775pqca6391snapdragon_ar1_gen_1_firmwaresnapdragon_x75_5g_firmwaresd_8_gen1_5g_firmwareqcn9012_firmwareqcs5430_firmwaresg4150p_firmwaresnapdragon_780g_5g_firmwaresa8770p_firmwarecsra6620_firmwaresa8295pqcs8550snapdragon_675sm8735_firmwarefastconnect_7800sa8650pqam8775p_firmwaresd865_5g_firmwaresm8750p_firmwarewcd9375qca6688aq_firmwaresnapdragon_ar2_gen_1wcn3988_firmwareqamsrv1h_firmwaresm7675sa8145psd_675vision_intelligence_400wsa8835_firmwaressg2115p_firmwarewcn3980sm7675p_firmwareqcm2150wcn3680b_firmwaresnapdragon_w5\+_gen_1_wearableqcs610Snapdragon
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2024-53034
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.15% / 34.76%
||
7 Day CHG+0.02%
Published-03 Mar, 2025 | 10:07
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Untrusted Pointer Dereference in DSP_Services

Memory corruption occurs during an Escape call if an invalid Kernel Mode CPU event and sync object handle are passed with the DriverKnownEscape flag reset.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwaresc8380xpsc8380xp_firmwarefastconnect_6900fastconnect_6900_firmwarefastconnect_7800_firmwarewsa8840_firmwarewcd9385_firmwarefastconnect_7800wsa8845h_firmwarewcd9380wsa8845hwsa8845_firmwarewsa8840wcd9385wsa8845Snapdragon
CWE ID-CWE-822
Untrusted Pointer Dereference
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2024-53009
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.07% / 20.28%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 12:48
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Validation of Array Index in Automotive Autonomy

Memory corruption while operating the mailbox in Automotive.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwareqcm8550_firmwarerobotics_rb3sa6150p_firmwaresd865_5gqca6595sm8735wcd9370qca8081_firmwaresnapdragon_670_mobileqca6696qam8620p_firmwarewcn7880_firmwarewcd9340_firmwaresa8530pwcd9341_firmwaresxr2330p_firmwarewcd9395_firmwarewcn7881_firmwarewcn7750qcc710_firmwareqca6426fastconnect_6700snapdragon_x50_5g_modem-rf_firmwarewsa8832_firmwareqca8337qdu1110qca6426_firmwarewcd9395sc8180xp-aaabqca6574au_firmwaresnapdragon_x72_5g_modem-rfqam8295pwcd9341qca6574auwcd9390snapdragon_888\+_5g_mobile_firmwaresa8620p_firmwarewsa8810_firmwarewsa8845h_firmwaresc8180xp-acafsa9000p_firmwaresrv1hsnapdragon_850_mobile_computeqcs9100sdx80mfastconnect_6800_firmwareqcs5430wcn7860qcm5430qcm5430_firmwaresa8770psnapdragon_678_mobile_firmwaressg2115pqcc710snapdragon_x32_5g_modem-rf_firmwaresnapdragon_xr2_5g_firmwaresa8540pqsm8350_firmwarefastconnect_6900qru1032_firmwareqep8111sa7255pqfw7114wcd9385_firmwareqca6421qca6310qam8255p_firmwaresa8155_firmwaresnapdragon_x65_5g_modem-rfqca6335wsa8845sa6155pqca6421_firmwaresc8180x-adqca6564au_firmwarewsa8810qam8650pqdu1000_firmwaresa9000psrv1h_firmwaresnapdragon_888_5g_mobile_firmwareqca6595ausnapdragon_888_5g_mobilesxr2250p_firmwareqdu1010wcd9326_firmwaresa6155p_firmwaresnapdragon_845_mobile_firmwarewsa8840snapdragon_ar1_gen_1srv1m_firmwaresnapdragon_x35_5g_modem-rf_firmwareqcs8550_firmwareqca6698auqdu1210_firmwaresnapdragon_8_gen_2_mobile_firmwaresnapdragon_x55_5g_modem-rfqfw7124_firmwareqca6436_firmwaresm8750pqcn9012snapdragon_x55_5g_modem-rf_firmwaresnapdragon_x62_5g_modem-rf_firmwareqmp1000snapdragon_8_gen_2_mobileqca6420wcd9370_firmwareqdu1110_firmwareqdu1000sa7255p_firmwaresnapdragon_x72_5g_modem-rf_firmwareqca6574asnapdragon_8\+_gen_2_mobileqca6174asa8195pwcd9340qdu1210snapdragon_auto_5g_modem-rf_gen_2qca6335_firmwareqcm6490sa8540p_firmwaresxr2250psm8550p_firmwareqcm8550wcn3988snapdragon_765_5g_mobile_firmwareqcn9274vision_intelligence_300_firmwaresa8775pqca6574sxr2230p_firmwaresd675_firmwaresnapdragon_855_mobile_firmwareqca6698au_firmwareqca6430_firmwareqcn9011sa8775p_firmwareqamsrv1hsdx57mwsa8845hwcd9326sa6150psa8155p_firmwareqca6564asa8155psnapdragon_765g_5g_mobile_firmwarewsa8830sm8550psa6145psnapdragon_768g_5g_mobile_firmwaresa8255p_firmwarear8035qamsrv1m_firmwarewcn7750_firmwaresa8650p_firmwaresa6155srv1l_firmwareqcs9100_firmwaresnapdragon_865\+_5g_mobile_firmwareqcn6224qcs615ssg2125p_firmwarewcn3950_firmwareqca6698aqsa7775p_firmwaresa8530p_firmwarefastconnect_6200sd670sa8145p_firmwaresc8180x-acaf_firmwarewcd9378qdx1011sa8150p_firmwarefastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwarewcn3990robotics_rb3_firmwaresnapdragon_x75_5g_modem-rf_firmwaresd670_firmwaresnapdragon_8_gen_3_mobilesnapdragon_855_mobileqcs6490sc8180xp-acaf_firmwarefastconnect_6200_firmwarewsa8830_firmwareqcn6224_firmwareqca6431qca6678aq_firmwarewsa8845_firmwarewsa8832wcd9378_firmwaresrv1lsdx57m_firmwaresxr2130_firmwaresrv1mqca6678aqsnapdragon_860_mobile_firmwaresnapdragon_x35_5g_modem-rfar8035_firmwaresc8180xp-aaab_firmwarewcn7860_firmwaresc8380xpsnapdragon_x62_5g_modem-rfqca6564ausm4635sc8180xp-adsc8280xp-abbbwsa8815_firmwaresa8195p_firmwareqca8337_firmwaresg8275p_firmwareqca9377_firmwareqcm6490_firmwaresm7250p_firmwaresm4635_firmwarevision_intelligence_400_firmwareqru1032wcn3950snapdragon_870_5g_mobile_firmwaresm8750snapdragon_auto_5g_modem-rf_gen_2_firmwareqca6797aq_firmwaresa8295p_firmwaresnapdragon_870_5g_mobilesd_675_firmwaresnapdragon_678_mobilesc8180x-acafsm7250psa8155sd_8cx_firmwaresc8180x-ad_firmwareqca6584auqcn6274_firmwareqcn9011_firmwareqru1062_firmwaresnapdragon_850_mobile_compute_firmwaresnapdragon_675_mobile_firmwaresnapdragon_768g_5g_mobilesc8380xp_firmwareqru1062qca6310_firmwaresnapdragon_845_mobilesnapdragon_8_gen_3_mobile_firmwarefastconnect_6800qfw7114_firmwareqca6595_firmwarefastconnect_7800_firmwaresnapdragon_675_mobilesnapdragon_865_5g_mobile_firmwarefastconnect_6900_firmwarewcd9380sa6145p_firmwareqam8255psxr2230psa6155_firmwareqmp1000_firmwaresnapdragon_xr2_5gwcn7880sa8150psxr2330psnapdragon_x24_lte_modemsc8180x-aaabsxr1230psc8180x-aaab_firmwarewcn7881video_collaboration_vc3_platformaqt1000qca6688aqqam8295p_firmwaresd855qca6431_firmwarewcn3990_firmwareqca6698aq_firmwareqca6564a_firmwarewcd9385snapdragon_888\+_5g_mobileqsm8350snapdragon_8_gen_1_mobilesa8255psxr1230p_firmwarewcd9390_firmwaresnapdragon_865\+_5g_mobileqep8111_firmwareqcs615_firmwareqca6430snapdragon_855\+_mobilesg8275psnapdragon_765_5g_mobileqdx1011_firmwaresnapdragon_860_mobilesc8180xp-ad_firmwaresm8750_firmwaresdx55_firmwaressg2125pqru1052sxr2130snapdragon_x65_5g_modem-rf_firmwareqamsrv1mqca6174a_firmwarewcn7861_firmwarewcn7861snapdragon_x50_5g_modem-rfqam8650p_firmwaresnapdragon_670_mobile_firmwareqca6420_firmwareaqt1000_firmwareqcs6490_firmwareqam8620pwcn3980_firmwaresd855_firmwareqca6436qca6584au_firmwareqcn6274snapdragon_x24_lte_modem_firmwarewsa8835qca6391_firmwarewsa8840_firmwareqfw7124qca6595au_firmwareqdu1010_firmwareqcs8300_firmwareqca6696_firmwareqcs8300wcd9380_firmwareqca6574_firmwareqca8081wsa8815sd_8_gen1_5gsnapdragon_ar2_gen_1_firmwareqam8775pqca9377qca6797aqsnapdragon_x75_5g_modem-rfsa8620pqca6574a_firmwaresdx55snapdragon_865_5g_mobilesnapdragon_855\+_mobile_firmwaresd675wcd9375_firmwaresd_8_gen1_5g_firmwaresa7775pqca6391snapdragon_ar1_gen_1_firmwareqcn9274_firmwareqcn9012_firmwareqcs5430_firmwaresnapdragon_x32_5g_modem-rfqru1052_firmwaresa8770p_firmwaresa8295pqcs8550sc8280xp-abbb_firmwaresm8735_firmwarefastconnect_7800sa8650pqam8775p_firmwaresd865_5g_firmwaresm8750p_firmwarewcd9375snapdragon_8\+_gen_2_mobile_firmwareqca6688aq_firmwarevision_intelligence_300snapdragon_ar2_gen_1snapdragon_765g_5g_mobilewcn3988_firmwareqamsrv1h_firmwaresa8145psd_675vision_intelligence_400sdx80m_firmwarewsa8835_firmwaressg2115p_firmwaresd_8cxwcn3980qdx1010snapdragon_8_gen_1_mobile_firmwareSnapdragon
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2024-53031
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.73%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Automotive OS Platform

Memory corruption while reading a type value from a buffer controlled by the Guest Virtual Machine.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa9000pqca6595au_firmwaresa8650p_firmwareqam8775psa8255pqamsrv1m_firmwareqca6595qca6688aq_firmwaresa8770psa8775psrv1h_firmwaresa8620p_firmwareqam8650p_firmwareqca6595_firmwaresrv1mqam8620psa8775p_firmwareqamsrv1msa9000p_firmwaresrv1hqca6574ausa7255psrv1m_firmwaresa8620psa7775psa8650pqam8620p_firmwaresa8540p_firmwaresa7255p_firmwareqam8775p_firmwareqam8295p_firmwareqam8255pqca6688aqqca6698aqsa7775p_firmwaresa8255p_firmwaresa8770p_firmwaresa8295p_firmwareqca6696_firmwareqam8295pqamsrv1hsrv1l_firmwareqca6574au_firmwareqamsrv1h_firmwareqca6595auqam8255p_firmwaresa8295psrv1lqca6698aq_firmwareqam8650pqca6696sa8540pSnapdragon
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-53029
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.73%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Automotive OS Platform

Memory corruption while reading a value from a buffer controlled by the Guest Virtual Machine.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-Snapdragon
CWE ID-CWE-20
Improper Input Validation
CVE-2024-53033
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.15% / 34.76%
||
7 Day CHG+0.02%
Published-03 Mar, 2025 | 10:07
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Untrusted Pointer Dereference in DSP_Services

Memory corruption while doing Escape call when user provides valid kernel address in the place of valid user buffer address.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwaresc8380xpsc8380xp_firmwarefastconnect_6900fastconnect_6900_firmwarefastconnect_7800_firmwarewsa8840_firmwarewcd9385_firmwarefastconnect_7800wsa8845h_firmwarewcd9380wsa8845hwsa8845_firmwarewsa8840wcd9385wsa8845Snapdragon
CWE ID-CWE-822
Untrusted Pointer Dereference
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2024-53022
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.15% / 35.34%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Automotive OS Platform

Memory corruption may occur during communication between primary and guest VM.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6696sa7775psa8775psa8540p_firmwaresa8775p_firmwareqam8255p_firmwaresrv1m_firmwaresrv1mqamsrv1h_firmwareqam8295p_firmwaresrv1l_firmwaresa8620pqam8775pqam8255pqca6696_firmwaresa9000p_firmwareqca6595_firmwaresa8540psa8620p_firmwaresa8770p_firmwaresa8255p_firmwareqca6595au_firmwaresrv1lqam8620p_firmwaresa7255psa8770psa8650p_firmwaresa9000psrv1hqam8775p_firmwareqamsrv1hsa7775p_firmwareqam8650p_firmwaresa8295pqamsrv1mqam8295pqca6595qamsrv1m_firmwaresa8295p_firmwareqam8650psa8255psa8650psrv1h_firmwareqam8620pqca6595ausa7255p_firmwareSnapdragon
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-53024
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.27%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NULL Pointer Dereference in Display

Memory corruption in display driver while detaching a device.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429w_firmwareqcm8550_firmwareqcs410_firmwaresw5100pwcn6650qca6595sm8735qcs610_firmwaresnapdragon_8\+_gen_1wcd9335wcd9370qca8081_firmwaresnapdragon_429_firmwareqca6696qam8620p_firmwarewcn7880_firmwaresa8530pwcd9341_firmwaresxr2330p_firmwarewcd9395_firmwarewcn7881_firmwareqcn6024wcn7750wcn6450wcn6740_firmwarefastconnect_6700snapdragon_695_5gsnapdragon_888_5gwsa8832_firmwareqca8337wcd9395snapdragon_4_gen_2_firmwareqca6574au_firmwaresm6370qam8295pwcd9341qca6574auwcd9390sa8620p_firmwarewsa8810_firmwarewsa8845h_firmwaresnapdragon_429csra6640sa9000p_firmwaresrv1hsnapdragon_778g\+_5g_firmwaresm8650q_firmwarewcn3660b_firmwareqcs9100snapdragon_8\+_gen_2qcs5430wcn7860qcn6024_firmwaresnapdragon_x65_5gqcm5430qcm5430_firmwarevideo_collaboration_vc1_platform_firmwaresnapdragon_888\+_5g_firmwaresa8770pqcm6125_firmwaressg2115psa8540pqsm8350_firmwaresnapdragon_4_gen_2robotics_rb2fastconnect_6900snapdragon_w5\+_gen_1_wearable_firmwaresnapdragon_8_gen_2_firmwarevideo_collaboration_vc1_platformsa7255psm8635wcd9385_firmwareqam8255p_firmwaresnapdragon_778g_5gsdx61qcs4490snapdragon_662_firmwarewsa8845sa6155pqcm6125wsa8810video_collaboration_vc5_platform_firmwareqam8650psa9000psrv1h_firmwareqca6595ausxr2250p_firmwaresm7315_firmwaresa6155p_firmwarewsa8840snapdragon_ar1_gen_1srv1m_firmwareqcs8550_firmwaresm8750pqcn9012qcs4490_firmwaresnapdragon_7c\+_gen_3_compute_firmwaresm8635pqmp1000snapdragon_680_4gwcd9370_firmwarerobotics_rb2_firmwaresnapdragon_8_gen_2snapdragon_480\+_5g_firmwarewcn3660bqca6574asa7255p_firmwarewcn3620_firmwaresa8195psnapdragon_695_5g_firmwareqcs8250_firmwaretalynplussa8540p_firmwareqcm6490sm8550p_firmwaresxr2250pqcm8550wcn3988sm6370_firmwareqcn9274qcn9024sa8775pqca6574sxr2230p_firmwareqcn9011sa8775p_firmwareqamsrv1hsmart_audio_400qcn9024_firmwarewsa8845hqcs410sm8650qsa8155p_firmwaresa8155pwsa8830sm8550psnapdragon_x65_5g_firmwaresm7675_firmwaresa8255p_firmwaresnapdragon_888\+_5gar8035sm7635_firmwareqamsrv1m_firmwarewcn7750_firmwareqrb5165m_firmwaresa8650p_firmwarewcn3620wcn6450_firmwareqcm4325srv1l_firmwareqcs9100_firmwareqcs615snapdragon_782gssg2125p_firmwarewcn3950_firmwaresa7775p_firmwareqca6698aqqrb5165nsm7635sa8530p_firmwarefastconnect_6200sm7325p_firmwarewcd9378sm8635p_firmwarefastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwaresnapdragon_778g_5g_firmwaresnapdragon_780g_5gqcs6490qcs8250snapdragon_778g\+_5gfastconnect_6200_firmwarewsa8830_firmwareqca6678aq_firmwarewsa8845_firmwarewsa8832sdx61_firmwarewcd9378_firmwaresrv1lsm7675psrv1mqca6678aqar8035_firmwarewcn7860_firmwareqrb5165msnapdragon_680_4g_firmwaresd888_firmwareqcs6125_firmwaresm4635snapdragon_460wsa8815_firmwaresa8195p_firmwareqca8337_firmwaresnapdragon_480_5g_firmwaresnapdragon_4_gen_1_firmwaresnapdragon_685_4gsg8275p_firmwaresnapdragon_x62_5gqcm6490_firmwaresm4635_firmwareqcm4490_firmwarewcn3950qcs6125flight_rb5_5gsm8750qca6797aq_firmwaresnapdragon_7c\+_gen_3_computetalynplus_firmwaresa8295p_firmwaresmart_audio_400_firmwaresnapdragon_460_firmwaresd888wcn6755_firmwareqcn9011_firmwaresw5100_firmwarewcn6740wcn6650_firmwaresnapdragon_662qcs7230qca6595_firmwarefastconnect_7800_firmwaresm8635_firmwarefastconnect_6900_firmwarerobotics_rb5_firmwarewcd9380qam8255psxr2230pqmp1000_firmwarewcn7880sxr2330pwcn6755snapdragon_888_5g_firmwaresnapdragon_8\+_gen_2_firmwaresxr1230pwcn7881sm6650sw5100video_collaboration_vc3_platformqca6688aqqam8295p_firmwaresnapdragon_8_gen_1_firmwaresm7315qca6698aq_firmwarewcd9385qsm8350snapdragon_8_gen_1sa8255pqcs7230_firmwaresxr1230p_firmwarewcd9390_firmwaresnapdragon_x62_5g_firmwaresnapdragon_8_gen_3qcs615_firmwaresg8275psnapdragon_782g_firmwaresm8750_firmwareflight_rb5_5g_firmwaressg2125pqcm4490snapdragon_4_gen_1csra6640_firmwareqamsrv1mrobotics_rb5snapdragon_480\+_5gsm7325psnapdragon_685_4g_firmwarewcn7861wcn7861_firmwareqam8650p_firmwarevideo_collaboration_vc5_platformqcs6490_firmwaresm6650_firmwaresnapdragon_480_5gqam8620pwcd9335_firmwareqrb5165n_firmwarewcn3980_firmwaresdm429wwsa8835wsa8840_firmwareqca6391_firmwareqca6595au_firmwareqcs8300_firmwaresw5100p_firmwareqca6696_firmwareqcs8300wcd9380_firmwareqca6574_firmwarecsra6620qca8081wsa8815sg4150psd_8_gen1_5gqam8775psnapdragon_ar2_gen_1_firmwareqca6797aqqcm4325_firmwaresa8620pqca6574a_firmwaresnapdragon_8\+_gen_1_firmwaresd_8_gen1_5g_firmwaresnapdragon_8_gen_3_firmwaresa7775pqca6391snapdragon_ar1_gen_1_firmwarewcd9375_firmwareqcn9274_firmwareqcn9012_firmwareqcs5430_firmwaresg4150p_firmwaresnapdragon_780g_5g_firmwaresa8770p_firmwarecsra6620_firmwaresa8295pqcs8550sm8735_firmwarefastconnect_7800sa8650pqam8775p_firmwaresm8750p_firmwarewcd9375qca6688aq_firmwaresnapdragon_ar2_gen_1wcn3988_firmwareqamsrv1h_firmwaresm7675wsa8835_firmwaressg2115p_firmwarewcn3980sm7675p_firmwaresnapdragon_w5\+_gen_1_wearableqcs610Snapdragon
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-49843
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.27%
||
7 Day CHG~0.00%
Published-03 Feb, 2025 | 16:51
Updated-05 Feb, 2025 | 16:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Validation of Array Index in Graphics_Linux

Memory corruption while processing IOCTL from user space to handle GPU AHB bus error.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800_firmwaresm4635wsa8840wcn7860sm7675wsa8845h_firmwarewcn7881_firmwarevideo_collaboration_vc1_platform_firmwarewsa8845qcm6125wcn7881wcn6650_firmwarewcd9380_firmwaresxr2330pwcn6450qca6391_firmwarewcn3950_firmwareqca6391sm8750sm8635pwcn6650video_collaboration_vc5_platformwcn3980wcd9370_firmwaresm8635p_firmwaresnapdragon_480_5g_mobilewcn3950snapdragon_w5\+_gen_1_wearablesw5100wsa8845_firmwarewcd9370qcs7230_firmwarewcd9378sw5100p_firmwaresm7675_firmwarewcn6755_firmwarevideo_collaboration_vc5_platform_firmwaresm7635_firmwaresm8750pwsa8835sm8750p_firmwarewsa8845hsnapdragon_480_5g_mobile_firmwarefastconnect_7800wcn6450_firmwaresnapdragon_4_gen_1_mobileqcs8250_firmwaresnapdragon_695_5g_mobilewcn7880_firmwarewcn3988wcn7880wcd9395_firmwaresm4635_firmwareqcm6125_firmwarewcd9378_firmwareqcs6125sm7635qcs7230sm7675psw5100_firmwarewcn3988_firmwaresm6650_firmwareqcs8250wcd9375_firmwaresm7675p_firmwarewsa8810_firmwarewcd9385_firmwarewsa8810wsa8832wcd9390_firmwaresm8635snapdragon_695_5g_mobile_firmwaresnapdragon_8_gen_3_mobile_firmwarewcd9375sm8635_firmwaresnapdragon_8_gen_3_mobilesm6650wsa8815qcs6125_firmwaresnapdragon_w5\+_gen_1_wearable_firmwarefastconnect_6200_firmwarewcn7861sm8750_firmwarewcd9380wsa8830snapdragon_480\+_5g_mobile_firmwaresnapdragon_480\+_5g_mobilewsa8815_firmwarewsa8832_firmwarewcn7861_firmwarewcn7860_firmwaresw5100pfastconnect_6200wsa8830_firmwarewcn6755wcn3980_firmwarevideo_collaboration_vc1_platformsnapdragon_4_gen_1_mobile_firmwarewcd9390wcd9385wsa8840_firmwarewcd9395wsa8835_firmwaresxr2330p_firmwareSnapdragon
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2024-49833
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.27%
||
7 Day CHG~0.00%
Published-03 Feb, 2025 | 16:51
Updated-05 Feb, 2025 | 16:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Validation of Array Index in Camera

Memory corruption can occur in the camera when an invalid CID is used.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800_firmwaresa7255psnapdragon_ar2_gen_1wcn7860qamsrv1mwcn7881_firmwareqcs8550_firmwarewcn7881sa7775p_firmwaresa8775pssg2125p_firmwareqam8775psa8650p_firmwarewcn3950_firmwaresm8750wcn6650sa8255pwcd9370_firmwarewcn3950video_collaboration_vc3_platform_firmwaresxr2230pwsa8845_firmwareqcm8550_firmwaresnapdragon_8\+_gen_2_mobilewcn6755_firmwaresxr2230p_firmwaresm7635_firmwaresd_8_gen1_5g_firmwarewsa8845hssg2115p_firmwarewcn6450_firmwareqcm8550sa8650psa8770p_firmwaretalynpluswcn3988qca6698aq_firmwarewcn7880_firmwarewcd9395_firmwareqamsrv1m_firmwaresa8775p_firmwaresm7635talynplus_firmwarewsa8835_firmwarefastconnect_6900wcn3988_firmwareqcm4490wcd9375_firmwarewcd9385_firmwareqam8650p_firmwarewsa8810snapdragon_8_gen_3_mobile_firmwareqam8255p_firmwarewcd9375sa8620p_firmwaresm6650sa7255p_firmwareqca6595_firmwaresg8275pqamsrv1hwcn6740wcd9380video_collaboration_vc3_platformqamsrv1h_firmwarewsa8832_firmwarewcn7861_firmwaresnapdragon_4_gen_2_mobilewsa8830_firmwarewcn6755snapdragon_8_gen_2_mobile_firmwareqca6595au_firmwareqcs6490_firmwarewcd9385sa8255p_firmwarewsa8840_firmwareqca6595auqam8255psxr2250p_firmwarewsa8840srv1hsm8550p_firmwaresm7675qca6595wsa8845h_firmwareqam8650pwsa8845snapdragon_ar2_gen_1_firmwarewcn6650_firmwaresxr1230p_firmwaresxr2330pwcd9380_firmwarewcn6450srv1mqam8775p_firmwaresm8635psnapdragon_ar1_gen_1sm8635p_firmwareqcs4490wcd9370wcd9378sm7675_firmwareqcs4490_firmwaresm8750psa9000psnapdragon_4_gen_2_mobile_firmwarewsa8835sm8750p_firmwaressg2125pqca6678aqfastconnect_7800qca6797aq_firmwaresnapdragon_8_gen_1_mobilesnapdragon_8_gen_2_mobilewcn7880wcd9378_firmwareqca6797aqqcm4490_firmwaresm7675pqcs8550sxr2250psm6650_firmwarefastconnect_6700snapdragon_8_gen_1_mobile_firmwaresd_8_gen1_5gsm7675p_firmwaresnapdragon_ar1_gen_1_firmwarewsa8810_firmwaresrv1m_firmwarewsa8832fastconnect_6700_firmwarewcd9390_firmwaresm8635ssg2115psm8635_firmwaresnapdragon_8_gen_3_mobilewsa8815sxr1230pwcn7861sa8620psm8750_firmwarewsa8830wsa8815_firmwaresnapdragon_8\+_gen_2_mobile_firmwaresnapdragon_8\+_gen_1_mobile_firmwaresa8770pwcn7860_firmwaresg8275p_firmwaresrv1h_firmwareqca6678aq_firmwareqca6698aqfastconnect_6900_firmwareqcs6490sa9000p_firmwaresm8550psnapdragon_8\+_gen_1_mobilewcd9390sa7775pwcd9395wcn6740_firmwaresxr2330p_firmwareSnapdragon
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2024-49832
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.27%
||
7 Day CHG~0.00%
Published-03 Feb, 2025 | 16:51
Updated-05 Feb, 2025 | 16:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Validation of Array Index in Camera

Memory corruption in Camera due to unusually high number of nodes passed to AXI port.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800_firmwarewsa8840fastconnect_6900sdm429wwcn7860snapdragon_429_mobilewsa8845h_firmwaresnapdragon_8_gen_1_mobile_firmwarewcn3620_firmwarewcn7881_firmwarewsa8845wsa8832wcn7881wcd9390_firmwarewcd9380_firmwaresnapdragon_8_gen_3_mobile_firmwaresm8750wcn3660bsnapdragon_8_gen_3_mobilesdm429w_firmwarewcn7861video_collaboration_vc3_platform_firmwarewsa8845_firmwaresm8750_firmwarewcd9380video_collaboration_vc3_platformwsa8830snapdragon_429_mobile_firmwaresm8750pwsa8832_firmwarewcn7860_firmwarewcn7861_firmwarewsa8835sm8750p_firmwarewsa8845hwsa8830_firmwarewcn3620fastconnect_7800snapdragon_8_gen_1_mobilefastconnect_6900_firmwareqcs6490wcn7880_firmwareqcs6490_firmwarewcn7880wcd9395_firmwarewcd9390wsa8840_firmwarewcd9395wcn3660b_firmwarewsa8835_firmwareSnapdragon
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2024-49844
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.08%
||
7 Day CHG~0.00%
Published-06 May, 2025 | 08:32
Updated-26 Feb, 2026 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Automotive

Memory corruption while triggering commands in the PlayReady Trusted application.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwaresdm429w_firmwareqcm8550_firmwarewcn6650sd865_5gsa6150p_firmwareqcs8155_firmwaresxr1120sm8735qca6595wcd9335wcd9370qca8081_firmwaresnapdragon_670_mobileqca6696qam8620p_firmwarewcn7880_firmwarewcd9340_firmwaresa8530pwcd9341_firmwaresxr2330p_firmwarewcd9395_firmwarewcn7881_firmwarewcn7750wcn6450qcc710_firmwareqca6426fastconnect_6700sa4150pwsa8832_firmwaresnapdragon_wear_4100\+_firmwareqca8337qdu1110qca6426_firmwarewcd9395qca6574au_firmwaresnapdragon_x72_5g_modem-rfqca6564_firmwareqam8295pwcd9341qca6574auwcd9390snapdragon_888\+_5g_mobile_firmwaresa8620p_firmwarewsa8810_firmwarewsa8845h_firmwaresa9000p_firmwaresrv1hsm8650q_firmwarewcn3660b_firmwareqcs9100fastconnect_6800_firmwareqcs5430wcn7860qcm5430qcm5430_firmwaresa4155psnapdragon_712_mobile_firmwaresa8770pqcc710snapdragon_x32_5g_modem-rf_firmwaresnapdragon_xr2_5g_firmwaresnapdragon_xr1_firmwaresa8540psxr1120_firmwareqsm8250_firmwareqsm8350_firmwaresnapdragon_wear_4100\+fastconnect_6900qru1032_firmwareqep8111sm8635sa7255pqfw7114wcd9385_firmwareqca6421qam8255p_firmwaresa8155_firmwaresnapdragon_x65_5g_modem-rfwsa8845sa6155pqca6421_firmwareqca6564au_firmwaresnapdragon_429_mobile_firmwarewsa8810qam8650pvideo_collaboration_vc5_platform_firmwaresa9000pqdu1000_firmwareqsm8250srv1h_firmwaresnapdragon_888_5g_mobile_firmwareqca6595ausnapdragon_888_5g_mobileqdu1010wcd9326_firmwaresa6155p_firmwarewsa8840snapdragon_ar1_gen_1srv1m_firmwareqcs8550_firmwaresnapdragon_x35_5g_modem-rf_firmwareqdu1210_firmwaresnapdragon_x55_5g_modem-rfqfw7124_firmwareqca6436_firmwaresm8750pqcn9012snapdragon_x55_5g_modem-rf_firmwaresm8635psnapdragon_x62_5g_modem-rf_firmwareqmp1000wcd9370_firmwaresnapdragon_712_mobileqdu1110_firmwareqdu1000wcn3660bqca6574asnapdragon_x72_5g_modem-rf_firmwaresa7255p_firmwarewcn3620_firmwareqca6174asa8195pwcd9340qcs8250_firmwareqdu1210snapdragon_auto_5g_modem-rf_gen_2sa8540p_firmwareqcm6490qcm8550snapdragon_765_5g_mobile_firmwareqcn9274vision_intelligence_300_firmwaresa8775pqca6574qcn9011sa8775p_firmwareqamsrv1hwsa8845hsa6150pwcd9326sm8650qsa8155p_firmwareqca6564asa8155psnapdragon_765g_5g_mobile_firmwarewsa8830sa6145psnapdragon_768g_5g_mobile_firmwaresm7675_firmwaresa8255p_firmwarear8035sm7635_firmwareqamsrv1m_firmwareqca6564wcn7750_firmwaresa8650p_firmwareqrb5165m_firmwarewcn3620wcn6450_firmwaresa6155srv1l_firmwareqcs9100_firmwaresnapdragon_865\+_5g_mobile_firmwareqcn6224snapdragon_429_mobileqcs615sa7775p_firmwareqca6698aqsm7635qrb5165nsa8530p_firmwarefastconnect_6200sd670wcn3680bsa8145p_firmwarewcd9378qcs8155sm8635p_firmwaresm6650p_firmwareqdx1011sa8150p_firmwarefastconnect_6700_firmwaresnapdragon_710_mobile_firmwarevideo_collaboration_vc3_platform_firmwarewcn3990snapdragon_x75_5g_modem-rf_firmwaresd670_firmwaresnapdragon_8_gen_3_mobileqcs6490qcs8250fastconnect_6200_firmwarewsa8830_firmwareqcn6224_firmwareqca6431qca6678aq_firmwarewsa8845_firmwarewsa8832wcd9378_firmwaresrv1lsxr2130_firmwaresm7675psrv1mqca6678aqsnapdragon_x35_5g_modem-rfar8035_firmwarewcn7860_firmwareqrb5165msc8380xpsa4150p_firmwaresnapdragon_x62_5g_modem-rfqca6564ausc8280xp-abbbwsa8815_firmwaresa8195p_firmwareqca8337_firmwareqcm6490_firmwaresm7250p_firmwareqru1032vision_intelligence_400_firmwareflight_rb5_5gsnapdragon_870_5g_mobile_firmwaresm8750qca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresa8295p_firmwaresnapdragon_870_5g_mobilesa4155p_firmwaresm7250psa8155qca6584auqcn6274_firmwarewcn6755_firmwareqcn9011_firmwareqru1062_firmwarewcn6650_firmwaresnapdragon_768g_5g_mobilesc8380xp_firmwareqru1062snapdragon_8_gen_3_mobile_firmwarefastconnect_6800qfw7114_firmwareqcs7230qca6595_firmwarefastconnect_7800_firmwaresnapdragon_865_5g_mobile_firmwaresm8635_firmwarefastconnect_6900_firmwarerobotics_rb5_firmwarewcd9380sa6145p_firmwareqam8255psa6155_firmwareqmp1000_firmwaresnapdragon_xr2_5gwcn7880sa8150pwcn6755sxr2330pwcn7881sm6650video_collaboration_vc3_platformsm6650pqca6688aqqam8295p_firmwareqca6431_firmwarewcn3990_firmwareqca6698aq_firmwareqca6564a_firmwarewcd9385snapdragon_888\+_5g_mobileqsm8350snapdragon_8_gen_1_mobilesa8255pqcs7230_firmwarewcd9390_firmwaresnapdragon_865\+_5g_mobileqep8111_firmwareqcs615_firmwaresnapdragon_765_5g_mobileqdx1011_firmwaresdx55_firmwaresm8750_firmwareflight_rb5_5g_firmwareqru1052sxr2130snapdragon_x65_5g_modem-rf_firmwareqamsrv1mrobotics_rb5qca6174a_firmwarewcn7861_firmwarewcn7861qam8650p_firmwarevideo_collaboration_vc5_platformsnapdragon_670_mobile_firmwareqcs6490_firmwaresm6650_firmwaresdm429wqam8620pwcd9335_firmwareqrb5165n_firmwareqca6436wcn3980_firmwareqca6584au_firmwarewsa8835wsa8840_firmwareqca6391_firmwareqcn6274qfw7124qca6595au_firmwareqdu1010_firmwareqcs8300_firmwareqca6696_firmwareqcs8300wcd9380_firmwareqca6574_firmwareqca8081wsa8815sd_8_gen1_5gqam8775pqca6797aqsnapdragon_x75_5g_modem-rfsa8620psdx55qca6574a_firmwaresnapdragon_865_5g_mobilesd_8_gen1_5g_firmwarewcd9375_firmwaresa7775pqca6391snapdragon_ar1_gen_1_firmwaresnapdragon_710_mobileqcn9274_firmwareqcn9012_firmwareqcs5430_firmwaresnapdragon_x32_5g_modem-rfqru1052_firmwaresa8770p_firmwaresa8295pqcs8550sm8735_firmwaresc8280xp-abbb_firmwarefastconnect_7800sa8650pqam8775p_firmwaresd865_5g_firmwaresm8750p_firmwaresnapdragon_xr1wcd9375qca6688aq_firmwarevision_intelligence_300snapdragon_765g_5g_mobileqamsrv1h_firmwaresm7675sa8145pwsa8835_firmwarevision_intelligence_400wcn3980sm7675p_firmwareqdx1010wcn3680b_firmwaresnapdragon_8_gen_1_mobile_firmwareSnapdragon
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-5852
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.06% / 17.42%
||
7 Day CHG~0.00%
Published-26 Nov, 2024 | 13:56
Updated-09 Jan, 2025 | 19:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in IPA

An unsigned integer underflow vulnerability in IPA driver result into a buffer over-read while reading NAT entry using debugfs command 'cat /sys/kernel/debug/ipa/ip4_nat'

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_615sd_820sd_652_firmwaremsm8909w_firmwaresd_210_firmwaresd_625sd_616_firmwaresd_810sd_450mdm9640sd_425sd_210sd_820asd_652sd_625_firmwaresd_415_firmwaresd_205mdm9650_firmwaremdm9206mdm9650sd_650sd_820_firmwaresd_835sd_616mdm9206_firmwaresd_810_firmwaresd_845sd_212_firmwaresd_820a_firmwaresd_835_firmwaresd_450_firmwaresd_617_firmwaresd_617mdm9640_firmwaresd_205_firmwaresd_212sd_425_firmwaremsm8909wmdm9607sd_415sd_650_firmwaremdm9607_firmwaresd_430sd_615_firmwaresd_430_firmwaresd_845_firmwareSnapdragonsd_820a_firmwaresd_835_firmwaresd_425_firmwaremdm9607_firmwaremsm8909w_firmwaresd_810_firmwaremdm9206_firmwaresd_450_firmwaremdm9650_firmwaresd_625_firmwaresd_845_firmwaresd_430_firmwaresd_617_firmwaresd_820_firmwaremdm9640_firmware
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CVE-2024-49841
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.08%
||
7 Day CHG~0.00%
Published-06 May, 2025 | 08:32
Updated-26 Feb, 2026 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Detection of Error Condition Without Action in Hypervisor

Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_8cxqamsrv1m_firmwaresa6155p_firmwarewcn3950_firmwareqam8775p_firmwarear8035_firmwareqamsrv1mqcs9100_firmwaresxr2330p_firmwaresnapdragon_x72_5g_modem-rf_firmwareqca8081_firmwaresnapdragon_x24_lte_modem_firmwareqca8337_firmwareqca6430snapdragon_670_mobilewcd9326qca6698aq_firmwareqcm5430sa8650p_firmwaresa8650psdx57m_firmwaresnapdragon_ar1_gen_1_firmwareqca6678aq_firmwareqca6431qmp1000_firmwaresa8770pqdu1010sa8775pfastconnect_7800snapdragon_xr2_5g_firmwarerobotics_rb3_firmwaresnapdragon_675_mobileqca6564a_firmwareqep8111_firmwareqcm6490snapdragon_x72_5g_modem-rfwcd9340snapdragon_x55_5g_modem-rf_firmwaresa6145pqca6436_firmwareqcs5430_firmwarewcd9380_firmwareqfw7124snapdragon_850_mobile_computeqam8255pwcn3990sxr1230psrv1lwcn7881_firmwaresa8770p_firmwaresa7255p_firmwaresd670_firmwareqca6426_firmwarewsa8815_firmwareqdx1010sa8540p_firmwareqsm8350qru1052_firmwareqamsrv1h_firmwarewcd9385_firmwarewcn7861_firmwaresdx55srv1h_firmwareqmp1000wsa8835wcd9395qca6678aqvision_intelligence_400_firmwaresd670snapdragon_765_5g_mobile_firmwaresa8255pqru1062_firmwaresnapdragon_855\+_mobilefastconnect_6900wcd9378wcd9380wsa8810_firmwaresm7250p_firmwaresm7250psc8180x-acaf_firmwareqru1032sxr2130_firmwaresd_675_firmwareqca6574_firmwarewsa8810qca6431_firmwareqca6574a_firmwareqcm8550_firmwarewcn3990_firmwareqca6391_firmwareqcn6224snapdragon_x32_5g_modem-rfwsa8840snapdragon_auto_5g_modem-rf_gen_2_firmwarefastconnect_6800sd865_5g_firmwaresc8180xp-acaf_firmwaresa8155p_firmwareqamsrv1hqcn6274_firmwareqca6696_firmwaresnapdragon_765g_5g_mobilesnapdragon_860_mobile_firmwareqfw7114_firmwaresnapdragon_8_gen_3_mobilesnapdragon_x24_lte_modemwsa8845h_firmwaresdx55_firmwaresnapdragon_x32_5g_modem-rf_firmwaresnapdragon_855_mobilewcd9370qdx1011wcn7880qca6595au_firmwareqca6595wcd9375qcs5430snapdragon_865_5g_mobilevision_intelligence_300sm8750_firmwaresa8775p_firmwaresm8750qca6595_firmwaresdx80mwcd9326_firmwaresc8380xpwsa8845snapdragon_x75_5g_modem-rf_firmwareqca6421ssg2125p_firmwareqcs8550qru1032_firmwaresm8735_firmwareqcn9274_firmwareqcm8550qcs6490_firmwarewsa8832_firmwaresc8180x-acafqca9377qca6797aq_firmwareqdu1210sa9000p_firmwaresa8295psrv1m_firmwareqep8111sd855_firmwaresc8280xp-abbb_firmwaresnapdragon_860_mobilesnapdragon_ar1_gen_1sa8155qdu1210_firmwareqca6688aqsnapdragon_768g_5g_mobile_firmwareqcm6490_firmwareqam8650psrv1mfastconnect_6200snapdragon_x35_5g_modem-rfsa6145p_firmwaresa8150psdx57msnapdragon_8_gen_1_mobileqam8295p_firmwareqdu1000wcd9340_firmwarewsa8845hsnapdragon_x65_5g_modem-rf_system_firmwaresd855sc8180x-ad_firmwaresnapdragon_ar2_gen_1sa8540psa8155_firmwaresrv1hfastconnect_6800_firmwareqca6595ausnapdragon_x75_5g_modem-rfvideo_collaboration_vc3_platformvision_intelligence_300_firmwaresnapdragon_870_5g_mobilesnapdragon_auto_5g_modem-rf_gen_2sxr2130qca6696ssg2125pqca6310_firmwaresnapdragon_855\+_mobile_firmwarewsa8830qdu1110sxr2330pqca6430_firmwaresnapdragon_x65_5g_modem-rf_systemqca6335sa8155pqdu1010_firmwaresm8735wcn3980_firmwarewsa8815sa9000psnapdragon_765_5g_mobileqam8295psd_675wcd9378_firmwaresdx80m_firmwaresc8180xp-adqca6698aqqcs8300sa8150p_firmwaresd865_5gqca6335_firmwaresnapdragon_x62_5g_modem-rf_system_firmwareqcm5430_firmwaresnapdragon_865\+_5g_mobilewcd9390_firmwareqca6174aqam8255p_firmwaresnapdragon_x50_5g_modem-rfsnapdragon_865_5g_mobile_firmwaresd_8cx_firmwareqcc710qcs8300_firmwarewcd9370_firmwareaqt1000_firmwaresa7775psnapdragon_x50_5g_modem-rf_firmwareqca6584auqca6584au_firmwarevideo_collaboration_vc3_platform_firmwarewcn7860_firmwaresnapdragon_888\+_5g_mobilesa7775p_firmwareqca6564asnapdragon_8_gen_3_mobile_firmwareqca6574au_firmwarefastconnect_6200_firmwareqfw7124_firmwaresnapdragon_670_mobile_firmwaresnapdragon_678_mobile_firmwaresnapdragon_870_5g_mobile_firmwaresc8180xp-aaabsm8750psa6155qcn9274snapdragon_888_5g_mobilewcd9395_firmwareqcs9100snapdragon_x62_5g_modem-rf_systemqca6420sc8180xp-aaab_firmwaresnapdragon_845_mobileqam8620psd_8_gen1_5gsnapdragon_888_5g_mobile_firmwarerobotics_rb3qca6574ssg2115psnapdragon_ar2_gen_1_firmwaresrv1l_firmwaresnapdragon_850_mobile_compute_firmwareqam8775pqca6310wsa8835_firmwaresc8280xp-abbbqru1062qca6391qfw7114qca6574asa8255p_firmwarewcn7860qcs8550_firmwarear8035sa8620pwcn7881wcn7861sc8180x-adsa8620p_firmwaresd_8_gen1_5g_firmwarefastconnect_6900_firmwaresnapdragon_xr2_5gsnapdragon_765g_5g_mobile_firmwarewcn3980qdx1010_firmwareqca6420_firmwareqca8337sa6155_firmwaresnapdragon_8_gen_1_mobile_firmwareqdx1011_firmwarewcd9341_firmwareqsm8350_firmwaresd675qcs6490qca6426sc8380xp_firmwareqcc710_firmwareqca9377_firmwareaqt1000sa7255psnapdragon_888\+_5g_mobile_firmwareqdu1110_firmwaresa6155pwsa8832qcn6274snapdragon_845_mobile_firmwareqdu1000_firmwarewcn7880_firmwareqru1052wcd9341sm8750p_firmwareqca6421_firmwarewsa8840_firmwaresa8295p_firmwaresnapdragon_678_mobilesnapdragon_855_mobile_firmwareqcn6224_firmwaresc8180xp-ad_firmwaresc8180x-aaabsnapdragon_865\+_5g_mobile_firmwaresxr1230p_firmwareqca6564au_firmwareqca6797aqsnapdragon_675_mobile_firmwareqca6688aq_firmwaresnapdragon_768g_5g_mobilesnapdragon_x35_5g_modem-rf_firmwarewsa8830_firmwaresc8180x-aaab_firmwaresd675_firmwareqca6564auqam8650p_firmwaressg2115p_firmwarewcd9390wcd9375_firmwarewcn3950qca8081wsa8845_firmwareqca6574auwcd9385wcn7750fastconnect_6700_firmwareqca6436sc8180xp-acafwcn7750_firmwaresnapdragon_x55_5g_modem-rfqam8620p_firmwareqca6174a_firmwarevision_intelligence_400fastconnect_6700fastconnect_7800_firmwareSnapdragon
CWE ID-CWE-390
Detection of Error Condition Without Action
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2024-49835
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.08%
||
7 Day CHG~0.00%
Published-06 May, 2025 | 08:32
Updated-26 Feb, 2026 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Write in SPS Applications

Memory corruption while reading secure file.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1011_firmwarewcd9340_firmwareqcs6125_firmwaresa8775psnapdragon_765_5g_mobileqca6678aqwcd9385_firmwarewcn3988_firmwaresnapdragon_x35_5g_modem-rf_firmwareqca6431_firmwaresnapdragon_8cx_gen_3_compute_firmwareqca6678aq_firmwareqam8295p_firmwareqcs6125snapdragon_685_4g_mobileqca6698aq_firmwaresa8775p_firmwaresnapdragon_ar1_gen_1qfw7114_firmwarewsa8832_firmwaresnapdragon_xr2\+_gen_1_firmwareqcs615_firmwaresd_8_gen1_5g_firmwareqdx1010snapdragon_x55_5g_modem-rf_firmwarewcd9385wcd9340qsm8350qcn7606_firmwaresnapdragon_855\+_mobileqca6797aqsd730_firmwareqcs8550_firmwaresnapdragon_780g_5g_mobile_firmwaresm6370_firmwarefastconnect_6900wcd9326sm6650psnapdragon_865\+_5g_mobile_firmwareqcn9274snapdragon_4_gen_1_mobilefastconnect_6200_firmwareqca6574_firmwaresa8155qca6595ausm7250p_firmwareqfw7124_firmwaresnapdragon_675_mobile_firmwaresnapdragon_x50_5g_modem-rfsa8150pqca8337_firmwaresxr1120_firmwarevideo_collaboration_vc1_platform_firmwarewsa8835wcn3990_firmwaresnapdragon_888\+_5g_mobile_firmwarear8035_firmwarecsra6640sg4150p_firmwaresnapdragon_680_4g_mobile_firmwaresc8380xp_firmwaresa9000p_firmwarewcd9390sa8195psa6150pwcd9390_firmwaresnapdragon_xr1sm4125wcd9395snapdragon_x55_5g_modem-rfsnapdragon_730_mobile_firmwareqcs5430_firmwaresm8650qsd865_5gsmart_audio_400_firmwareqca6421_firmwareqca6688aqqca6574asnapdragon_x65_5g_modem-rfsnapdragon_x72_5g_modem-rfwcn3990sxr2330pwsa8810_firmwaresd670qru1062_firmwarewcd9335_firmwareqru1052_firmwareqdu1110_firmwareqcs4290wsa8815fastconnect_6200qca6436_firmwaresm8650q_firmwaresa6155psa8155psa7255psnapdragon_780g_5g_mobilesa8650p_firmwareqcc710qca6797aq_firmwarefastconnect_7800qca6391_firmwareqcn6224wcn7881_firmwareqca6696_firmwaresnapdragon_888\+_5g_mobilesm6250snapdragon_730_mobilesnapdragon_765_5g_mobile_firmwaresa9000psa4150pcsra6640_firmwaresxr2330p_firmwaresrv1lwsa8845hqdx1011snapdragon_860_mobile_firmwaresa8540p_firmwaresrv1h_firmwaresnapdragon_888_5g_mobile_firmwareqca6174asnapdragon_8cx_gen_3_computesnapdragon_778g\+_5g_mobile_firmwaresm4635_firmwareqcn6274snapdragon_x62_5g_modem-rf_firmwaresm8750psnapdragon_690_5g_mobilesa8530psm7675qca8081aqt1000_firmwareqcm2290_firmwarewsa8840_firmwarewsa8845qru1032qca6688aq_firmwaresm4635qam8620pqcs4290_firmwaresa8155_firmwareqru1052wcn6740snapdragon_678_mobilesa8255p_firmwareqca6431sd730snapdragon_8_gen_1_mobilesnapdragon_x50_5g_modem-rf_firmwaresnapdragon_778g_5g_mobilesa8145p_firmwaresnapdragon_720g_mobile_firmwarewcn3910wcn3910_firmwaresd888snapdragon_690_5g_mobile_firmwarewcd9380_firmwaresm8635p_firmwarewcn6740_firmwareqamsrv1hsa8650psnapdragon_695_5g_mobile_firmwareqam8650pqdu1000wcd9370sa6155qca6574ausa6145psnapdragon_710_mobilesnapdragon_8_gen_1_mobile_firmwarewsa8815_firmwaresnapdragon_768g_5g_mobilesmart_audio_400snapdragon_xr1_firmwarewcn3950_firmwaresnapdragon_670_mobile_firmwaresnapdragon_782g_mobile_firmwaresm7325pqca8081_firmwareqcm5430_firmwaresa8620psnapdragon_8_gen_3_mobile_firmwareqmp1000qca6426_firmwaresrv1hsa8150p_firmwarewcn3950wcd9395_firmwareqcs2290_firmwaresm8635sa6155_firmwaresnapdragon_x75_5g_modem-rfwcd9380qdu1210_firmwareqcm4290_firmwarewcn7860_firmwareqcs8550sa8770psm8635_firmwarewcn6650qcm4290wcd9326_firmwareqdu1010_firmwareqcm6125_firmwareqcn7606sm4125_firmwaresnapdragon_480\+_5g_mobilesnapdragon_auto_5g_modem-rf_gen_2qam8620p_firmwarevideo_collaboration_vc1_platformqca6420_firmwaresm7325p_firmwaresnapdragon_xr2\+_gen_1snapdragon_662_mobile_firmwarerobotics_rb2_firmwarewsa8840fastconnect_7800_firmwareqcm6125sc8380xpwcd9341snapdragon_x35_5g_modem-rfqcs5430sm8635pqca6426qdu1110wsa8835_firmwaresm8735qru1032_firmwareqcs2290qam8255p_firmwaresnapdragon_730g_mobilewcn3980qca6696snapdragon_765g_5g_mobilesnapdragon_685_4g_mobile_firmwaresa6150p_firmwarewcn6755qcn6224_firmwaresd_8_gen1_5gqcs8300_firmwareqcs8300sa8295psm7675p_firmwareqep8111robotics_rb2qca6420qdu1210qca8337qca6174a_firmwarefastconnect_6800_firmwaresm7250psnapdragon_460_mobile_firmwaresd888_firmwarewcd9378snapdragon_xr2_5gwcn6450sm7675_firmwaresm7675pwcn6650_firmwareqca6698aqsnapdragon_888_5g_mobileqca6430snapdragon_680_4g_mobilesxr2130_firmwarewcn7860wsa8810sd865_5g_firmwaresnapdragon_768g_5g_mobile_firmwareqmp1000_firmwarewcd9341_firmwaresnapdragon_x32_5g_modem-rfsa7775pqam8775psnapdragon_4_gen_1_mobile_firmwareqca6574a_firmwareqfw7124qca6595au_firmwaresnapdragon_460_mobileqcm2290wcn7750_firmwareqcs9100sa8530p_firmwaresa8540psnapdragon_730g_mobile_firmwaresa8295p_firmwaresnapdragon_480_5g_mobilesnapdragon_x65_5g_modem-rf_firmwareqca6574snapdragon_auto_5g_modem-rf_gen_2_firmwaresm7315_firmwaresxr2130wcd9335sm8750_firmwareqamsrv1h_firmwarefastconnect_6800qdu1010sa7255p_firmwarefastconnect_6700_firmwaresm8750p_firmwaresnapdragon_480_5g_mobile_firmwareqcm5430sm7635qca6430_firmwaresxr1120sm6250_firmwaresnapdragon_695_5g_mobilesm6650p_firmwaresnapdragon_670_mobilesnapdragon_x32_5g_modem-rf_firmwareqcs9100_firmwareqamsrv1msnapdragon_8_gen_3_mobileqca6436aqt1000qcn6274_firmwaresnapdragon_765g_5g_mobile_firmwaresnapdragon_778g_5g_mobile_firmwareqca6421qcm6490qcc710_firmwaresd855_firmwaresm8750sm6650_firmwaresrv1m_firmwaresnapdragon_665_mobilewcn7880sd855qam8295psnapdragon_778g\+_5g_mobilesnapdragon_480\+_5g_mobile_firmwaresa8770p_firmwaresnapdragon_855_mobilesnapdragon_865\+_5g_mobileqcm6490_firmwaresnapdragon_7c\+_gen_3_computesnapdragon_855\+_mobile_firmwarewcn7750sa4150p_firmwaresnapdragon_732g_mobilewsa8845_firmwareqcm8550snapdragon_675_mobilesnapdragon_7c\+_gen_3_compute_firmwaresnapdragon_x72_5g_modem-rf_firmwaresnapdragon_750g_5g_mobileqca6391qca6595sa8620p_firmwarewcn7880_firmwarecsra6620snapdragon_855_mobile_firmwarewsa8845h_firmwaresnapdragon_865_5g_mobile_firmwaresd670_firmwaresa6155p_firmwareqam8775p_firmwarewcn6450_firmwarewcn7861qca6584auqca6584au_firmwareqcs6490_firmwaresa8195p_firmwareqca6574au_firmwarewcd9370_firmwaresnapdragon_720g_mobilesnapdragon_782g_mobilesa8155p_firmwareqfw7114sm6650snapdragon_870_5g_mobile_firmwareqam8255psm8735_firmwarewcn6755_firmwarewsa8832srv1mqep8111_firmwarewcd9375snapdragon_678_mobile_firmwareqru1062sa7775p_firmwaresm6370ar8035snapdragon_xr2_5g_firmwareqcs615wsa8830video_collaboration_vc3_platformqcm8550_firmwaresnapdragon_ar1_gen_1_firmwarewcd9375_firmwaresnapdragon_865_5g_mobilewcn3980_firmwaresnapdragon_662_mobilesrv1l_firmwarewcn7861_firmwaresa8255pfastconnect_6700video_collaboration_vc3_platform_firmwareqca6595_firmwaresnapdragon_x75_5g_modem-rf_firmwarewcn7881qsm8350_firmwaresnapdragon_x62_5g_modem-rfqdu1000_firmwaresm7315snapdragon_710_mobile_firmwareqcs6490snapdragon_665_mobile_firmwaresnapdragon_870_5g_mobilewcn3988wsa8830_firmwaresnapdragon_732g_mobile_firmwarecsra6620_firmwareqam8650p_firmwaresm7635_firmwaresa8145pfastconnect_6900_firmwarewcd9378_firmwareqcn9274_firmwareqamsrv1m_firmwaresnapdragon_860_mobilesa6145p_firmwaresg4150psnapdragon_750g_5g_mobile_firmwareqdx1010_firmwareSnapdragon
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-49836
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.27%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Validation of Array Index in Camera

Memory corruption may occur during the synchronization of the camera`s frame processing pipeline.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-Snapdragon
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2024-49837
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.73%
||
7 Day CHG~0.00%
Published-03 Feb, 2025 | 16:51
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Validation of Array Index in Automotive OS Platform

Memory corruption while reading CPU state data during guest VM suspend.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-srv1hsa7255pqam8620pqca6688aqqamsrv1mqca6696qca6595qam8295p_firmwareqca6696_firmwareqam8650psrv1m_firmwareqam8650p_firmwaresa7775p_firmwaresa8775pqca6574au_firmwareqam8255p_firmwareqam8775psa8295psa8650p_firmwaresrv1msa8620p_firmwareqam8775p_firmwareqca6688aq_firmwaresa7255p_firmwareqca6595_firmwaresa8255pqamsrv1hsa8620psa8540p_firmwaresa8295p_firmwareqamsrv1h_firmwaresa9000psrv1l_firmwaresrv1lsa8770psrv1h_firmwareqca6698aqqam8295psa8540psa8650pqca6595au_firmwaresa8770p_firmwareqca6698aq_firmwaresa9000p_firmwareqam8620p_firmwareqamsrv1m_firmwaresa7775psa8255p_firmwareqca6595auqca6574ausa8775p_firmwareqam8255pSnapdragon
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2024-49845
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.08%
||
7 Day CHG~0.00%
Published-06 May, 2025 | 08:32
Updated-26 Feb, 2026 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in HLOS

Memory corruption during the FRS UDS generation process.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1011_firmwarewcd9340_firmwaresa8775psnapdragon_765_5g_mobileqca6678aqwcd9385_firmwarewcn3988_firmwaresnapdragon_x35_5g_modem-rf_firmwareqca6431_firmwareqca6678aq_firmwareqam8295p_firmwareqca6698aq_firmwaresa8775p_firmwaresnapdragon_ar1_gen_1qfw7114_firmwarewsa8832_firmwareqcs615_firmwaresd_8_gen1_5g_firmwareqdx1010wcd9385snapdragon_x55_5g_modem-rf_firmwarewcd9340qsm8350qca6797aqqcs8550_firmwarefastconnect_6900snapdragon_865\+_5g_mobile_firmwaresm6650pqcn9274fastconnect_6200_firmwareqca6574_firmwareqfw7124_firmwareqca6595ausm7250p_firmwaresa8150pqca8337_firmwarewsa8835snapdragon_888\+_5g_mobile_firmwarear8035_firmwaresc8380xp_firmwaresa9000p_firmwarewcd9390sa8195psa6150pwcd9390_firmwarewcd9395snapdragon_x55_5g_modem-rfqcs5430_firmwaresm8650qsd865_5gqca6421_firmwareqca6688aqqca6574asnapdragon_x65_5g_modem-rfsnapdragon_x72_5g_modem-rfwsa8810_firmwaresxr2330pqru1062_firmwareqru1052_firmwareqdu1110_firmwarewsa8815fastconnect_6200qca6436_firmwaresm8650q_firmwaresa6155psa8155psa7255psa8650p_firmwareqcc710qca6797aq_firmwareqca6391_firmwarefastconnect_7800qcn6224wcn7881_firmwareqca6696_firmwaresnapdragon_888\+_5g_mobilesnapdragon_765_5g_mobile_firmwaresa9000psxr2330p_firmwarewsa8845hsrv1lqdx1011sa8540p_firmwaresrv1h_firmwaresnapdragon_888_5g_mobile_firmwareqca6174asm4635_firmwareqcn6274snapdragon_x62_5g_modem-rf_firmwaresm8750psa8530psm7675qca8081wsa8840_firmwarewsa8845qru1032qca6688aq_firmwaresm4635qam8620pqru1052sa8255p_firmwareqca6431snapdragon_8_gen_1_mobilesa8145p_firmwarewcd9380_firmwaresm8635p_firmwareqamsrv1hsa8650pqam8650pqdu1000wcd9370qca6574ausa6145psnapdragon_8_gen_1_mobile_firmwarewsa8815_firmwaresnapdragon_768g_5g_mobilewcn3950_firmwareqca8081_firmwareqcm5430_firmwaresa8620psnapdragon_8_gen_3_mobile_firmwareqmp1000qca6426_firmwaresa8150p_firmwaresrv1hwcn3950wcd9395_firmwareqdu1210_firmwaresm8635wcn7860_firmwaresnapdragon_x75_5g_modem-rfwcd9380qcs8550sa8770psm8635_firmwarewcn6650qdu1010_firmwaresnapdragon_auto_5g_modem-rf_gen_2qam8620p_firmwarewsa8840fastconnect_7800_firmwaresc8380xpsnapdragon_x35_5g_modem-rfqcs5430sm8635pqca6426qdu1110wsa8835_firmwaresm8735qru1032_firmwareqam8255p_firmwareqca6696snapdragon_765g_5g_mobilesc8280xp-abbb_firmwaresa6150p_firmwarewcn6755qcn6224_firmwaresd_8_gen1_5gqcs8300_firmwareqcs8300sa8295psm7675p_firmwareqep8111qca6174a_firmwareqdu1210qca8337fastconnect_6800_firmwaresm7250pwcd9378snapdragon_xr2_5gwcn6450sm7675_firmwarewcn6650_firmwareqca6698aqsm7675psnapdragon_888_5g_mobilewcn7860sxr2130_firmwarewsa8810sd865_5g_firmwaresnapdragon_768g_5g_mobile_firmwareqmp1000_firmwaresnapdragon_x32_5g_modem-rfsa7775pqam8775pqca6574a_firmwareqfw7124qca6595au_firmwarewcn7750_firmwareqcs9100sa8530p_firmwaresa8540psa8295p_firmwaresnapdragon_x65_5g_modem-rf_firmwareqca6574snapdragon_auto_5g_modem-rf_gen_2_firmwaresxr2130sm8750_firmwareqamsrv1h_firmwarefastconnect_6800qdu1010sa7255p_firmwarefastconnect_6700_firmwaresm8750p_firmwareqcm5430sm7635sm6650p_firmwareqcs9100_firmwaresnapdragon_x32_5g_modem-rf_firmwareqamsrv1mqca6436snapdragon_8_gen_3_mobilesnapdragon_765g_5g_mobile_firmwareqcn6274_firmwareqca6421qcm6490qcc710_firmwaresm8750sm6650_firmwaresrv1m_firmwarewcn7880qam8295psa8770p_firmwaresnapdragon_865\+_5g_mobileqcm6490_firmwaresc8280xp-abbbwcn7750wsa8845_firmwareqcm8550snapdragon_x72_5g_modem-rf_firmwarewcn7880_firmwareqca6391qca6595sa8620p_firmwarewsa8845h_firmwaresnapdragon_865_5g_mobile_firmwaresa6155p_firmwarewcn6450_firmwarewcn7861qam8775p_firmwareqca6584au_firmwareqca6584auqcs6490_firmwaresa8195p_firmwareqca6574au_firmwarewcd9370_firmwaresa8155p_firmwareqfw7114sm6650qam8255psnapdragon_870_5g_mobile_firmwaresm8735_firmwarewsa8832wcn6755_firmwareqep8111_firmwaresrv1mwcd9375qru1062sa7775p_firmwarear8035snapdragon_xr2_5g_firmwareqcs615wsa8830video_collaboration_vc3_platformqcm8550_firmwaresnapdragon_ar1_gen_1_firmwarewcd9375_firmwaresnapdragon_865_5g_mobilesrv1l_firmwarewcn7861_firmwaresa8255pfastconnect_6700video_collaboration_vc3_platform_firmwareqca6595_firmwarewcn7881qsm8350_firmwaresnapdragon_x75_5g_modem-rf_firmwaresnapdragon_x62_5g_modem-rfqdu1000_firmwareqcs6490snapdragon_870_5g_mobilewcn3988wsa8830_firmwareqam8650p_firmwaresm7635_firmwaresa8145pfastconnect_6900_firmwarewcd9378_firmwareqcn9274_firmwareqamsrv1m_firmwaresa6145p_firmwareqdx1010_firmwareSnapdragon
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-49842
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.23%
||
7 Day CHG~0.00%
Published-06 May, 2025 | 08:32
Updated-26 Feb, 2026 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Access Control in Hypervisor

Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwaresdm429w_firmwareqcm8550_firmwarerobotics_rb3sd865_5gqca6595sm8735wcd9370qca8081_firmwaresnapdragon_670_mobileqca6696qam8620p_firmwarewcn7880_firmwarewcd9340_firmwarewcd9341_firmwaresxr2330p_firmwarewcd9395_firmwarewcn7881_firmwarewcn7750qcc710_firmwareqca6426fastconnect_6700snapdragon_x50_5g_modem-rf_firmwarewsa8832_firmwaresnapdragon_wear_4100\+_firmwareqca8337qdu1110qca6426_firmwarewcd9395sc8180xp-aaabqca6574au_firmwaresnapdragon_x72_5g_modem-rfqam8295pwcd9341qca6574auwcd9390snapdragon_888\+_5g_mobile_firmwaresa8620p_firmwarewsa8810_firmwarewsa8845h_firmwaresa9000p_firmwaresc8180xp-acafsrv1hsnapdragon_850_mobile_computewcn3660b_firmwareqcs9100sdx80mfastconnect_6800_firmwareqcs5430wcn7860qcm5430qcm5430_firmwaresa8770psnapdragon_678_mobile_firmwaressg2115pqcc710snapdragon_x32_5g_modem-rf_firmwaresnapdragon_xr2_5g_firmwaresa8540pqsm8350_firmwaresnapdragon_wear_4100\+fastconnect_6900qru1032_firmwareqep8111sa7255pqfw7114wcd9385_firmwareqca6421qca6310qam8255p_firmwaresa8155_firmwareqca6335snapdragon_x65_5g_modem-rfwsa8845sa6155pqca6421_firmwaresc8180x-adqca6564au_firmwaresnapdragon_429_mobile_firmwarewsa8810qam8650pqdu1000_firmwaresa9000psrv1h_firmwaresnapdragon_888_5g_mobile_firmwareqca6595ausnapdragon_888_5g_mobileqdu1010wcd9326_firmwaresa6155p_firmwaresnapdragon_845_mobile_firmwarewsa8840snapdragon_ar1_gen_1srv1m_firmwareqcs8550_firmwaresnapdragon_x35_5g_modem-rf_firmwareqdu1210_firmwaresnapdragon_x55_5g_modem-rfqfw7124_firmwareqca6436_firmwaresm8750psnapdragon_x55_5g_modem-rf_firmwaresnapdragon_x62_5g_modem-rf_firmwareqmp1000qca6420wcd9370_firmwareqdu1110_firmwareqdu1000wcn3660bqca6574asnapdragon_x72_5g_modem-rf_firmwaresa7255p_firmwarewcn3620_firmwareqca6174awcd9340qdu1210snapdragon_auto_5g_modem-rf_gen_2qca6335_firmwareqcm6490sa8540p_firmwareqcm8550snapdragon_765_5g_mobile_firmwareqcn9274vision_intelligence_300_firmwaresa8775pqca6574sd675_firmwaresnapdragon_855_mobile_firmwareqca6430_firmwaresa8775p_firmwareqamsrv1hsdx57mwsa8845hwcd9326sa8155p_firmwareqca6564asa8155psnapdragon_765g_5g_mobile_firmwarewsa8830sa6145psnapdragon_768g_5g_mobile_firmwaresa8255p_firmwarear8035qamsrv1m_firmwarewcn7750_firmwaresa8650p_firmwaresa6155wcn3620srv1l_firmwareqcs9100_firmwaresnapdragon_865\+_5g_mobile_firmwareqcn6224snapdragon_429_mobileqca6698aqwcn3950_firmwaresa7775p_firmwaressg2125p_firmwarefastconnect_6200sd670wcn3680bsc8180x-acaf_firmwarewcd9378qdx1011sa8150p_firmwarefastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwarewcn3990robotics_rb3_firmwaresnapdragon_x75_5g_modem-rf_firmwaresd670_firmwaresnapdragon_8_gen_3_mobilesnapdragon_855_mobileqcs6490sc8180xp-acaf_firmwarefastconnect_6200_firmwarewsa8830_firmwareqcn6224_firmwareqca6431qca6678aq_firmwarewsa8845_firmwarewsa8832wcd9378_firmwaresdx57m_firmwaresrv1lsxr2130_firmwaresrv1mqca6678aqsnapdragon_860_mobile_firmwaresnapdragon_x35_5g_modem-rfar8035_firmwaresc8180xp-aaab_firmwarewcn7860_firmwaresc8380xpsnapdragon_x62_5g_modem-rfqca6564ausc8180xp-adsc8280xp-abbbwsa8815_firmwareqca8337_firmwareqca9377_firmwareqcm6490_firmwaresm7250p_firmwareqru1032vision_intelligence_400_firmwarewcn3950snapdragon_870_5g_mobile_firmwaresm8750qca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresa8295p_firmwaresnapdragon_870_5g_mobilesd_675_firmwaresnapdragon_678_mobilesm7250psc8180x-acafsa8155sd_8cx_firmwaresc8180x-ad_firmwareqca6584auqcn6274_firmwareqru1062_firmwaresnapdragon_850_mobile_compute_firmwaresnapdragon_675_mobile_firmwaresnapdragon_768g_5g_mobilesc8380xp_firmwareqru1062qca6310_firmwaresnapdragon_845_mobilesnapdragon_8_gen_3_mobile_firmwarefastconnect_6800qfw7114_firmwareqca6595_firmwarefastconnect_7800_firmwaresnapdragon_675_mobilesnapdragon_865_5g_mobile_firmwarefastconnect_6900_firmwarewcd9380sa6145p_firmwareqam8255psa6155_firmwareqmp1000_firmwaresnapdragon_xr2_5gwcn7880sa8150psxr2330psnapdragon_x24_lte_modemsc8180x-aaabsxr1230psc8180x-aaab_firmwarewcn7881video_collaboration_vc3_platformaqt1000qca6688aqqam8295p_firmwaresd855qca6431_firmwarewcn3990_firmwareqca6698aq_firmwareqca6564a_firmwarewcd9385snapdragon_888\+_5g_mobileqsm8350snapdragon_8_gen_1_mobilesa8255psxr1230p_firmwarewcd9390_firmwaresnapdragon_865\+_5g_mobileqep8111_firmwareqca6430snapdragon_855\+_mobilesnapdragon_765_5g_mobileqdx1011_firmwaresnapdragon_860_mobilesc8180xp-ad_firmwaresm8750_firmwaresdx55_firmwaressg2125pqru1052sxr2130snapdragon_x65_5g_modem-rf_firmwareqamsrv1mqca6174a_firmwarewcn7861_firmwarewcn7861snapdragon_x50_5g_modem-rfqam8650p_firmwaresnapdragon_670_mobile_firmwareqca6420_firmwareaqt1000_firmwareqcs6490_firmwaresdm429wqam8620psd855_firmwarewcn3980_firmwareqca6436qca6584au_firmwareqcn6274snapdragon_x24_lte_modem_firmwarewsa8835qca6391_firmwarewsa8840_firmwareqfw7124qca6595au_firmwareqdu1010_firmwareqcs8300_firmwareqca6696_firmwareqcs8300wcd9380_firmwareqca6574_firmwareqca8081wsa8815sd_8_gen1_5gqam8775pqca9377snapdragon_ar2_gen_1_firmwareqca6797aqsnapdragon_x75_5g_modem-rfsa8620pqca6574a_firmwaresdx55snapdragon_865_5g_mobilesnapdragon_855\+_mobile_firmwaresd675sd_8_gen1_5g_firmwarewcd9375_firmwaresa7775pqca6391snapdragon_ar1_gen_1_firmwareqcn9274_firmwareqcs5430_firmwaresnapdragon_x32_5g_modem-rfqru1052_firmwaresa8770p_firmwaresa8295pqcs8550sm8735_firmwaresc8280xp-abbb_firmwarefastconnect_7800sa8650pqam8775p_firmwaresd865_5g_firmwaresm8750p_firmwarewcd9375qca6688aq_firmwarevision_intelligence_300snapdragon_ar2_gen_1snapdragon_765g_5g_mobileqamsrv1h_firmwaresd_675wsa8835_firmwaresdx80m_firmwaresd_8cxssg2115p_firmwarevision_intelligence_400wcn3980qdx1010wcn3680b_firmwaresnapdragon_8_gen_1_mobile_firmwareSnapdragon
CWE ID-CWE-284
Improper Access Control
  • Previous
  • 1
  • 2
  • ...
  • 10
  • 11
  • 12
  • ...
  • 24
  • 25
  • Next
Details not found