ByteOS Network

Known KEV||Action Due Date - 2023-12-26||Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.

Integer Overflow or Wraparound in Graphics Linux

Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-190

Integer Overflow or Wraparound

CVE-2023-33029

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.06% / 19.02%

7 Day CHG~0.00%

Published-03 Oct, 2023 | 05:00

Updated-11 Aug, 2025 | 15:06

Use After Free in DSP Service

Memory corruption in DSP Service during a remote call from HLOS to DSP.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-416

Use After Free

CVE-2023-33108

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.06% / 18.93%

7 Day CHG~0.00%

Published-02 Jan, 2024 | 05:38

Updated-11 Aug, 2025 | 15:06

Use After Free in Graphics

Memory corruption in Graphics Driver when destroying a context with KGSL_GPU_AUX_COMMAND_TIMELINE objects queued.

CWE ID-CWE-416

Use After Free

CVE-2023-33113

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.11% / 30.04%

7 Day CHG~0.00%

Published-02 Jan, 2024 | 05:38

Updated-11 Aug, 2025 | 15:06

Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Kernel

Memory corruption when resource manager sends the host kernel a reply message with multiple fragments.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-33118

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.11% / 30.04%

7 Day CHG~0.00%

Published-02 Jan, 2024 | 05:38

Updated-11 Aug, 2025 | 15:06

Use After Free in Automotive Audio

Memory corruption while processing Listen Sound Model client payload buffer when there is a request for Listen Sound session get parameter from ST HAL.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-416

Use After Free

CVE-2023-33035

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.06% / 19.02%

7 Day CHG~0.00%

Published-03 Oct, 2023 | 05:00

Updated-11 Aug, 2025 | 15:06

Buffer Copy Without Checking Size of Input in Audio

Memory corruption while invoking callback function of AFE from ADSP.

Vendor-Qualcomm Technologies, Inc.

Product-qcm8550_firmware qcs410_firmware sa6150p_firmware sd865_5g sw5100p qca6595 qcs610_firmware wcd9335 wcd9370 qca8081_firmware qca6696 sm7250-ab wcd9340_firmware wcd9341_firmware wcd9395_firmware qca6390 qcc710_firmware qca6426 wcn6740_firmware sa4150p sm7325-ae_firmware qca8337 qca6426_firmware wcd9395 qca6574au_firmware wcn785x-5 qam8295p wcd9341 qca6574au wcd9390 snapdragon_x12_lte_modem wsa8810_firmware wsa8845h_firmware csra6640 wcn3660b_firmware sm6375_firmware video_collaboration_vc1_platform_firmware sa4155p sm8350 qcc710 sm6375 sm7250-aa_firmware video_collaboration_vc1_platform qfw7114 wcd9385_firmware qca6421 snapdragon_x55_5g_modem-rf_system qam8255p_firmware snapdragon_8\+_gen_2_mobile_platform_firmware wsa8845 sa6155p qca6421_firmware wsa8810 qam8650p video_collaboration_vc5_platform_firmware snapdragon_8\+_gen_2_mobile_platform sm8350-ac qca6595au sm7315_firmware sm7325_firmware wcd9326_firmware sa6155p_firmware wsa8840 qcs8550_firmware qca6390_firmware qfw7124_firmware qca6436_firmware qcn9012 mdm9650_firmware snapdragon_8_gen_2_mobile_platform wcn3910_firmware snapdragon_7c\+_gen_3_compute_firmware sm4125_firmware sm8250-ac_firmware wcn3910 wcd9370_firmware snapdragon_x55_5g_modem-rf_system_firmware snapdragon_660_mobile_platform wcn3660b qca6574a sm7325-ae qca6174a sa8195p wcd9340 qcs8250_firmware qcm2290 sm6225 qcm6490 sm8550p_firmware wcn3998_firmware qcm8550 wcn3988 qca6574 sm7325-af snapdragon_x75_5g_modem-rf_system qcn9011 wsa8845h wcd9326 sa6150p sm7250-aa qcs410 qcm2290_firmware sa8155p_firmware wcn685x-1_firmware sa8155p wsa8830 snapdragon_662_mobile_platform sm8550p sa6145p sa8255p_firmware wcn785x-1_firmware ar8035 qrb5165m_firmware qcm4325 qcn6224 qca6698aq qm215_firmware wcn3950_firmware qrb5165n sm7250-ac wcn685x-1 sa8145p_firmware sm7325p_firmware wcn3680b sa8150p_firmware s820a_firmware snapdragon_w5\+_gen_1_wearable_platform video_collaboration_vc3_platform_firmware wcn3990 qcs6490 qcs8250 wsa8830_firmware qcn6224_firmware qca6431 wsa8845_firmware sd660_firmware sm6350 sxr2130_firmware ar8035_firmware qrb5165m sm8250-ab_firmware sa4150p_firmware snapdragon_w5\+_gen_1_wearable_platform_firmware sd888_firmware snapdragon_662_mobile_platform_firmware sm6225_firmware sm7325-af_firmware wsa8815_firmware sa8195p_firmware sm8250-ab qca8337_firmware qcm4290 snapdragon_x12_lte_modem_firmware sm7325 sg8275p_firmware qca9377_firmware qcm6490_firmware sm8350-ac_firmware sm7250p_firmware sm4125 wcn785x-5_firmware wcn3950 snapdragon_xr2_5g_platform sm4250-aa apq5053-aa_firmware qca6797aq_firmware snapdragon_7c\+_gen_3_compute snapdragon_xr2\+_gen_1_platform_firmware sm4350_firmware sm7350-ab_firmware wcn3991 sa8295p_firmware apq5053-aa sa4155p_firmware sm7250p qcn6274_firmware sd888 qcn9011_firmware sw5100_firmware wcn685x-5 wcn6740 sm6225-ad_firmware qfw7114_firmware qca6595_firmware qcs7230 s820a sm8250-ac sm7225 wcd9380 sa6145p_firmware qam8255p snapdragon_xr2_5g_platform_firmware sa8150p sm7350-ab snapdragon_auto_5g_modem-rf_firmware qrb5165_firmware sm8350_firmware sm6225-ad sm4350-ac sw5100 video_collaboration_vc3_platform wcn3991_firmware qam8295p_firmware qca6431_firmware sm7225_firmware wcn3990_firmware sm7315 qca6698aq_firmware qcs2290 wcd9385 qcs2290_firmware wcn3615 sa8255p qcs7230_firmware qcs4290 wcd9390_firmware wcn6750 sg8275p wcn6750_firmware mdm9650 snapdragon_auto_5g_modem-rf wcn3615_firmware sm7250-ab_firmware sxr2130 csra6640_firmware sm4350 snapdragon_xr2\+_gen_1_platform qca6174a_firmware sm7325p qam8650p_firmware wcn3998 video_collaboration_vc5_platform qcs6490_firmware wcd9335_firmware wcn3980_firmware qcn6274 qca6436 qfw7124 qrb5165n_firmware wsa8835 qca6595au_firmware qca6391_firmware wsa8840_firmware sw5100p_firmware sm4250-aa_firmware qca6696_firmware qcs4290_firmware wcd9380_firmware qca6574_firmware wsa8815 csra6620 qca8081 sd660 sg4150p sm4375 qam8775p qca6797aq qca9377 sm4375_firmware qcm4325_firmware qca6574a_firmware qcm4290_firmware sm6350_firmware wcd9375_firmware qca6391 qrb5165 wcn785x-1 qcn9012_firmware sg4150p_firmware snapdragon_8_gen_2_mobile_platform_firmware csra6620_firmware sa8295p qcs8550 qm215 qam8775p_firmware sd865_5g_firmware wcd9375 wcn685x-5_firmware wcn3988_firmware sa8145p sm4350-ac_firmware wsa8835_firmware snapdragon_660_mobile_platform_firmware snapdragon_x75_5g_modem-rf_system_firmware sm7250-ac_firmware wcn3980 wcn3680b_firmware qcs610 Snapdragon

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2023-33059

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.06% / 19.44%

7 Day CHG~0.00%

Published-07 Nov, 2023 | 05:26

Updated-11 Aug, 2025 | 15:06

Buffer Copy Without Checking Size of Input in Audio

Memory corruption in Audio while processing the VOC packet data from ADSP.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-191

Integer Underflow (Wrap or Wraparound)

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-33120

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.14% / 34.15%

7 Day CHG~0.00%

Published-02 Jan, 2024 | 05:38

Updated-11 Aug, 2025 | 15:06

Use After Free in Audio

Memory corruption in Audio when memory map command is executed consecutively in ADSP.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-416

Use After Free

CVE-2023-33106

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.04% / 13.21%

7 Day CHG~0.00%

Published-05 Dec, 2023 | 03:04

Updated-11 Aug, 2025 | 15:06

Known KEV||Action Due Date - 2023-12-26||Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.

Use of Out-of-range Pointer Offset in Graphics

Memory corruption while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-823

Use of Out-of-range Pointer Offset

CVE-2023-33087

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.06% / 18.93%

7 Day CHG~0.00%

Published-05 Dec, 2023 | 03:04

Updated-11 Aug, 2025 | 15:06

Buffer Copy without Checking Size of Input (`Classic Buffer Overflow`) in Core

Memory corruption in Core while processing RX intent request.

Vendor-Qualcomm Technologies, Inc.

Product-qdx1010_firmware qcm8550_firmware qcs410_firmware sa6150p_firmware sw5100p wsa8832 wsa8845_firmware qca6595 qcs610_firmware wcd9335 wcd9370 qca8081_firmware ar8035_firmware qca6696 wsa8830_firmware wcd9340_firmware qrb5165m wcd9341_firmware snapdragon_w5\+_gen_1_wearable_platform_firmware sa4150p_firmware wcd9395_firmware qcc710_firmware sm6225_firmware sa4150p wsa8815_firmware wsa8832_firmware sa8195p_firmware qca8337_firmware qca8337 qdu1110 wcd9395 sg8275p_firmware qcm6490_firmware qca6574au_firmware wcn785x-5 qam8295p wcd9341 qcm4490_firmware qca6574au qru1032 wcn785x-5_firmware flight_rb5_5g_platform wcd9390 wcn3950 wsa8810_firmware wsa8845h_firmware csra6640 sa9000p_firmware apq5053-aa_firmware qca6797aq_firmware snapdragon_auto_5g_modem-rf_gen_2_firmware wcn3991 qcs5430 sa8295p_firmware apq5053-aa sa4155p_firmware snapdragon_4_gen_2_mobile_platform_firmware qcm5430 qcm5430_firmware video_collaboration_vc1_platform_firmware sa4155p sa8770p qca6584au qcn6274_firmware ssg2115p qcn9011_firmware qcc710 qru1062_firmware snapdragon_4_gen_2_mobile_platform sw5100_firmware wcn685x-5 qru1062 sm6225-ad_firmware qfw7114_firmware qca6595_firmware qcs7230 sm8450_firmware video_collaboration_vc1_platform qru1032_firmware qfw7114 wcd9385_firmware qam8255p_firmware wcd9380 sa6145p_firmware qam8255p sxr2230p sa8150p snapdragon_ar2_gen_1_platform_firmware qcs4490 snapdragon_8\+_gen_2_mobile_platform_firmware wsa8845 sa6155p snapdragon_auto_5g_modem-rf_firmware qrb5165_firmware sxr1230p wsa8810 sm6225-ad qam8650p qdu1000_firmware video_collaboration_vc5_platform_firmware sa9000p snapdragon_8\+_gen_2_mobile_platform sw5100 qca6595au video_collaboration_vc3_platform qdu1010 sa6155p_firmware wsa8840 wcn3991_firmware qam8295p_firmware qcs8550_firmware qdu1210_firmware qfw7124_firmware qca6698aq_firmware wcd9385 qcn9012 snapdragon_8\+_gen_1_mobile_platform qcs4490_firmware snapdragon_8_gen_2_mobile_platform sa8255p qcs7230_firmware sxr1230p_firmware wcd9390_firmware wcn6750 sg8275p wcn6750_firmware wcd9370_firmware qdx1011_firmware snapdragon_auto_5g_modem-rf qdu1110_firmware qdu1000 ssg2125p qca6574a qru1052 qcm4490 sa8195p wcd9340 csra6640_firmware qcs8250_firmware qdu1210 sm6225 snapdragon_auto_5g_modem-rf_gen_2 qcm6490 qam8650p_firmware wcn3998 video_collaboration_vc5_platform sm8550p_firmware wcn3998_firmware qcm8550 wcn3988 qcs6490_firmware sm8450 qca6584au_firmware wcd9335_firmware qcn6274 qca6574 qfw7124 qrb5165n_firmware sa8775p qca6595au_firmware qca6391_firmware snapdragon_x75_5g_modem-rf_system sxr2230p_firmware wsa8835 qdu1010_firmware wsa8840_firmware sw5100p_firmware qcn9011 sa8775p_firmware snapdragon_ar2_gen_1_platform qca6696_firmware wsa8845h wcd9380_firmware sa6150p qca6574_firmware qcs410 sa8155p_firmware csra6620 qca8081 sg4150p sa8155p wcn3980_firmware wsa8815 qam8775p qca6797aq wsa8830 sm8550p sa6145p snapdragon_8\+_gen_1_mobile_platform_firmware qcm4325_firmware sa8255p_firmware flight_rb5_5g_platform_firmware wcn785x-1_firmware ar8035 qca6574a_firmware qrb5165m_firmware qcm4325 wcd9375_firmware qca6391 qcn6224 qrb5165 wcn785x-1 qcn9012_firmware qcs5430_firmware qca6698aq sg4150p_firmware ssg2125p_firmware qru1052_firmware qrb5165n csra6620_firmware sa8295p sa8770p_firmware snapdragon_8_gen_2_mobile_platform_firmware qcs8550 wcn3950_firmware wcn685x-1 sa8145p_firmware qam8775p_firmware qdx1011 wcd9375 wcn685x-5_firmware sa8150p_firmware snapdragon_w5\+_gen_1_wearable_platform wcn3988_firmware video_collaboration_vc3_platform_firmware sa8145p wsa8835_firmware ssg2115p_firmware snapdragon_x75_5g_modem-rf_system_firmware qcs6490 qcs8250 wcn3980 qdx1010 wcn685x-1_firmware qcn6224_firmware qcs610 Snapdragon

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2023-33079

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.06% / 18.93%

7 Day CHG~0.00%

Published-05 Dec, 2023 | 03:04

Updated-11 Aug, 2025 | 15:06

Use of Out-of-range Pointer Offset in Audio

Memory corruption in Audio while running invalid audio recording from ADSP.

Vendor-Qualcomm Technologies, Inc.

Product-qcm8550_firmware qcs410_firmware sa6150p_firmware sd865_5g sw5100p qca6595 qcs610_firmware wcd9335 wcd9370 qca8081_firmware qca6696 sm7250-ab wcd9340_firmware wcd9341_firmware wcd9395_firmware qca6390 qcc710_firmware qca6426 wcn6740_firmware sa4150p sm7325-ae_firmware qca8337 qca6426_firmware wcd9395 qca6574au_firmware wcn785x-5 qam8295p wcd9341 qca6574au wcd9390 wsa8810_firmware wsa8845h_firmware csra6640 sa9000p_firmware wcn3660b_firmware qcs5430 sm6375_firmware qcm5430 qcm5430_firmware video_collaboration_vc1_platform_firmware sa4155p sm8350 sa8770p qcc710 sm6375 sm7250-aa_firmware video_collaboration_vc1_platform qfw7114 wcd9385_firmware snapdragon_x55_5g_modem-rf_system qam8255p_firmware snapdragon_8\+_gen_2_mobile_platform_firmware wsa8845 sa6155p wsa8810 qam8650p video_collaboration_vc5_platform_firmware sa9000p snapdragon_8\+_gen_2_mobile_platform sm8350-ac qca6595au sm7315_firmware sm7325_firmware wcd9326_firmware sa6155p_firmware wsa8840 qcs8550_firmware qca6390_firmware qfw7124_firmware qca6436_firmware qcn9012 snapdragon_8_gen_2_mobile_platform wcn3910_firmware snapdragon_7c\+_gen_3_compute_firmware sm4125_firmware sm8250-ac_firmware wcn3910 wcd9370_firmware snapdragon_x55_5g_modem-rf_system_firmware wcn3660b qca6574a sm7325-ae sa8195p wcd9340 qcs8250_firmware qcm2290 sm6225 snapdragon_auto_5g_modem-rf_gen_2 qcm6490 sm8550p_firmware wcn3998_firmware qcm8550 wcn3988 sa8775p qca6574 sm7325-af snapdragon_x75_5g_modem-rf_system qcn9011 sa8775p_firmware wsa8845h wcd9326 sa6150p sm7250-aa qcs410 qcm2290_firmware sa8155p_firmware wcn685x-1_firmware sa8155p wsa8830 snapdragon_662_mobile_platform sm8550p sa6145p sa8255p_firmware flight_rb5_5g_platform_firmware wcn785x-1_firmware ar8035 qrb5165m_firmware qcm4325 qcn6224 qca6698aq qm215_firmware wcn3950_firmware qrb5165n sm7250-ac wcn685x-1 sa8145p_firmware sm7325p_firmware wcn3680b sa8150p_firmware snapdragon_w5\+_gen_1_wearable_platform video_collaboration_vc3_platform_firmware wcn3990 qcs6490 qcs8250 wsa8830_firmware qcn6224_firmware wsa8845_firmware sd660_firmware sm6350 sxr2130_firmware ar8035_firmware qrb5165m sm8250-ab_firmware sa4150p_firmware snapdragon_w5\+_gen_1_wearable_platform_firmware sd888_firmware snapdragon_662_mobile_platform_firmware sm6225_firmware sm7325-af_firmware wsa8815_firmware sa8195p_firmware sm8250-ab qca8337_firmware qcm4290 sm7325 sg8275p_firmware qcm6490_firmware sm8350-ac_firmware sm7250p_firmware sm4125 wcn785x-5_firmware flight_rb5_5g_platform wcn3950 snapdragon_xr2_5g_platform sm4250-aa apq5053-aa_firmware qca6797aq_firmware snapdragon_7c\+_gen_3_compute snapdragon_auto_5g_modem-rf_gen_2_firmware snapdragon_xr2\+_gen_1_platform_firmware sm7350-ab_firmware wcn3991 sa8295p_firmware apq5053-aa sa4155p_firmware sm7250p qca6584au qcn6274_firmware sd888 qcn9011_firmware sw5100_firmware wcn685x-5 wcn6740 sm6225-ad_firmware qfw7114_firmware qca6595_firmware qcs7230 sm8250-ac sm8250_firmware sm7225 wcd9380 sa6145p_firmware qam8255p snapdragon_xr2_5g_platform_firmware sa8150p sm7350-ab snapdragon_auto_5g_modem-rf_firmware qrb5165_firmware sm8350_firmware sm6225-ad sm4350-ac sw5100 video_collaboration_vc3_platform wcn3991_firmware qam8295p_firmware sm7225_firmware wcn3990_firmware sm7315 qca6698aq_firmware qcs2290 wcd9385 qcs2290_firmware wcn3615 sa8255p qcs7230_firmware qcs4290 wcd9390_firmware wcn6750 sg8275p wcn6750_firmware snapdragon_auto_5g_modem-rf wcn3615_firmware sm7250-ab_firmware sxr2130 csra6640_firmware snapdragon_xr2\+_gen_1_platform sm7325p qam8650p_firmware wcn3998 video_collaboration_vc5_platform qcs6490_firmware wcn3980_firmware qca6584au_firmware wcd9335_firmware qcn6274 qca6436 qfw7124 qrb5165n_firmware qca6595au_firmware qca6391_firmware wsa8835 wsa8840_firmware sw5100p_firmware sm4250-aa_firmware sm8250 qca6696_firmware qcs4290_firmware wcd9380_firmware qca6574_firmware wsa8815 csra6620 qca8081 sd660 sg4150p sm4375 qam8775p qca6797aq sm4375_firmware qcm4325_firmware qca6574a_firmware qcm4290_firmware sm6350_firmware wcd9375_firmware qca6391 qrb5165 wcn785x-1 qcn9012_firmware qcs5430_firmware sg4150p_firmware sa8770p_firmware csra6620_firmware sa8295p snapdragon_8_gen_2_mobile_platform_firmware qcs8550 qm215 qam8775p_firmware sd865_5g_firmware wcd9375 wcn685x-5_firmware wcn3988_firmware sa8145p sm4350-ac_firmware wsa8835_firmware snapdragon_x75_5g_modem-rf_system_firmware wcn3980 sm7250-ac_firmware wcn3680b_firmware qcs610 Snapdragon

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-823

Use of Out-of-range Pointer Offset

CVE-2023-33032

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-9.3||CRITICAL

EPSS-0.06% / 18.93%

7 Day CHG~0.00%

Published-02 Jan, 2024 | 05:38

Updated-16 Jun, 2025 | 18:30

Integer Overflow or Wraparound in TZ Secure OS

Memory corruption in TZ Secure OS while requesting a memory allocation from TA region.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-190

Integer Overflow or Wraparound

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-33067

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.02% / 3.42%

7 Day CHG~0.00%

Published-06 Feb, 2024 | 05:47

Updated-11 Aug, 2025 | 15:06

Use of Out-of-range Pointer Offset in Audio

Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-787

Out-of-bounds Write

CWE ID-CWE-823

Use of Out-of-range Pointer Offset

CVE-2023-33066

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.07% / 21.75%

7 Day CHG~0.00%

Published-04 Mar, 2024 | 10:48

Updated-11 Aug, 2025 | 15:06

Use of Out-of-range Pointer Offset in Audio

Memory corruption in Audio while processing RT proxy port register driver.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-787

Out-of-bounds Write

CWE ID-CWE-823

Use of Out-of-range Pointer Offset

CVE-2023-33110

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.08% / 25.55%

7 Day CHG~0.00%

Published-02 Jan, 2024 | 05:38

Updated-21 May, 2025 | 14:09

Use of Out-of-range Pointer Offset in Audio

The session index variable in PCM host voice audio driver initialized before PCM open, accessed during event callback from ADSP and reset during PCM close may lead to race condition between event callback - PCM close and reset session index causing memory corruption.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-823

Use of Out-of-range Pointer Offset

CWE ID-CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CVE-2023-33023

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.06% / 19.02%

7 Day CHG~0.00%

Published-01 Apr, 2024 | 15:05

Updated-11 Aug, 2025 | 15:06

Buffer Copy without Checking Size of Input (`Classic Buffer Overflow`) in SPS-Applications

Memory corruption while processing finish_sign command to pass a rsp buffer.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2023-33018

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.06% / 19.44%

7 Day CHG~0.00%

Published-05 Dec, 2023 | 03:04

Updated-11 Aug, 2025 | 15:06

Integer Overflow to Buffer Overflow in User Identity Module

Memory corruption while using the UIM diag command to get the operators name.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-190

Integer Overflow or Wraparound

CWE ID-CWE-680

Integer Overflow to Buffer Overflow

CVE-2023-33039

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.03% / 6.84%

7 Day CHG~0.00%

Published-03 Oct, 2023 | 05:00

Updated-27 Feb, 2025 | 20:47

Use After Free in Automotive Display

Memory corruption in Automotive Display while destroying the image handle created using connected display driver.

CWE ID-CWE-416

Use After Free

CVE-2023-33046

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.02% / 2.89%

7 Day CHG~0.00%

Published-06 Feb, 2024 | 05:46

Updated-11 Aug, 2025 | 15:06

Time-of-check Time-of-use (TOCTOU) Race Condition in Trusted Execution Environment

Memory corruption in Trusted Execution Environment while deinitializing an object used for license validation.

Vendor-Qualcomm Technologies, Inc.

Product-qcm8550_firmware wsa8845_firmware wsa8832 wsa8840 qam8295p_firmware qca6595 qcs8550_firmware qca8081_firmware ar8035_firmware qca6696 qrb5165m qca6698aq_firmware wcd9385 qcn9012 wcd9395_firmware qcn6024 snapdragon_8_gen_2_mobile_platform qcs7230_firmware sxr1230p_firmware wcd9390_firmware sg8275p wsa8832_firmware qca8337_firmware snapdragon_x70_modem-rf_system_firmware qca8337 wcd9395 ssg2125p sg8275p_firmware qca6574au_firmware snapdragon_8cx_gen_3_compute_platform_firmware qam8295p qcs8250_firmware qca6574au wcd9390 sa8540p_firmware flight_rb5_5g_platform video_collaboration_vc5_platform wsa8845h_firmware sm8550p_firmware qcm8550 sa9000p_firmware snapdragon_x65_5g_modem-rf_system qcn9024 snapdragon_x65_5g_modem-rf_system_firmware qrb5165n_firmware wsa8835 wsa8840_firmware sxr2230p_firmware qca6391_firmware qcn9011 snapdragon_ar2_gen_1_platform sa8295p_firmware qca6696_firmware qcn9024_firmware snapdragon_8cx_gen_3_compute_platform qcn6024_firmware wsa8845h wcd9380_firmware qca8081 wsa8830 sm8550p ssg2115p qcn9011_firmware flight_rb5_5g_platform_firmware ar8035 sa8540p qrb5165m_firmware qca6595_firmware qcs7230 fastconnect_6900 fastconnect_7800_firmware robotics_rb5_platform qca6391 snapdragon_x70_modem-rf_system qcn9012_firmware qca6698aq ssg2125p_firmware wcd9385_firmware qrb5165n fastconnect_6900_firmware sa8295p snapdragon_8_gen_2_mobile_platform_firmware robotics_rb5_platform_firmware wcd9380 qcs8550 sxr2230p fastconnect_7800 snapdragon_ar2_gen_1_platform_firmware snapdragon_8\+_gen_2_mobile_platform_firmware wsa8845 wsa8835_firmware sxr1230p ssg2115p_firmware video_collaboration_vc5_platform_firmware qcs8250 sa9000p snapdragon_8\+_gen_2_mobile_platform wsa8830_firmware Snapdragon

CWE ID-CWE-367

Time-of-check Time-of-use (TOCTOU) Race Condition

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-33034

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.06% / 18.59%

7 Day CHG~0.00%

Published-03 Oct, 2023 | 05:00

Updated-11 Aug, 2025 | 15:06

Signed-to-unsigned conversion error in Audio

Memory corruption while parsing the ADSP response command.

Vendor-Qualcomm Technologies, Inc.

Product-qcs410_firmware sa6150p_firmware qca6595 qcs610_firmware wcd9335 wcd9370 qca6696 qrb5165m wcd9341_firmware sa4150p_firmware sd888_firmware wcn6740_firmware sa4150p sm7325-af_firmware wsa8815_firmware sm7325-ae_firmware sa8195p_firmware sm7325 qcm6490_firmware qca6574au_firmware sm8350-ac_firmware qam8295p wcd9341 qca6574au flight_rb5_5g_platform wcn3950 wsa8810_firmware csra6640 apq5053-aa_firmware snapdragon_7c\+_gen_3_compute sm7350-ab_firmware wcn3991 sa8295p_firmware sm6375_firmware apq5053-aa sa4155p_firmware video_collaboration_vc1_platform_firmware sa4155p sm8350 sd888 qcn9011_firmware sm6375 wcn685x-5 wcn6740 qca6595_firmware video_collaboration_vc1_platform wcd9385_firmware wcd9380 sa6145p_firmware sa8150p sa6155p sm7350-ab sm8350_firmware wsa8810 sm4350-ac sm8350-ac video_collaboration_vc3_platform qca6595au sm7315_firmware sm7325_firmware sa6155p_firmware wcn3991_firmware qam8295p_firmware sm7315 qca6698aq_firmware wcd9385 qcn9012 snapdragon_7c\+_gen_3_compute_firmware wcn6750 wcn6750_firmware wcd9370_firmware sm7325-ae sa8195p csra6640_firmware sm7325p qcm6490 wcn3998 wcn3998_firmware wcn3988 qcs6490_firmware wcd9335_firmware wcn3980_firmware qrb5165n_firmware sm7325-af wsa8835 qca6595au_firmware qca6391_firmware qcn9011 qca6696_firmware wcd9380_firmware sa6150p qcs410 sa8155p_firmware csra6620 wsa8815 sa8155p sm4375 wsa8830 sm4375_firmware sa6145p flight_rb5_5g_platform_firmware qrb5165m_firmware wcd9375_firmware robotics_rb5_platform qca6391 qcn9012_firmware qca6698aq wcn3950_firmware qrb5165n csra6620_firmware sa8295p robotics_rb5_platform_firmware wcn685x-1 sa8145p_firmware sm7325p_firmware wcd9375 wcn685x-5_firmware sa8150p_firmware wcn3988_firmware video_collaboration_vc3_platform_firmware sa8145p sm4350-ac_firmware wsa8835_firmware qcs6490 wcn3980 wsa8830_firmware wcn685x-1_firmware qcs610 Snapdragon

CWE ID-CWE-195

Signed to Unsigned Conversion Error

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-33094

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.06% / 18.93%

7 Day CHG~0.00%

Published-02 Jan, 2024 | 05:38

Updated-11 Aug, 2025 | 15:06

Use After Free in Linux Graphics

Memory corruption while running VK synchronization with KASAN enabled.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-416

Use After Free

CVE-2023-33077

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.02% / 3.63%

7 Day CHG~0.00%

Published-06 Feb, 2024 | 05:47

Updated-11 Aug, 2025 | 15:06

Buffer Copy Without Checking Size of Input in HLOS

Memory corruption in HLOS while converting from authorization token to HIDL vector.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2023-33022

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.06% / 18.93%

7 Day CHG~0.00%

Published-05 Dec, 2023 | 03:04

Updated-11 Aug, 2025 | 15:06

Integer Overflow to Buffer Overflow in HLOS

Memory corruption in HLOS while invoking IOCTL calls from user-space.

Vendor-Qualcomm Technologies, Inc.

Product-qdx1010_firmware qcm8550_firmware qcs410_firmware sa6150p_firmware sd865_5g sw5100p sxr1120 vision_intelligence_300_platform qca6595 snapdragon_xr1_platform qcs610_firmware wcd9335 wcd9370 qca8081_firmware sm7250-ab snapdragon_x50_5g_modem-rf_system qca6696 wcd9340_firmware wcd9341_firmware wcd9395_firmware qcn6024 qca6390 qcc710_firmware qca6426 sc8180x-ab wcn6740_firmware sa4150p sm7325-ae_firmware wsa8832_firmware qca8337 qdu1110 qca6426_firmware wcd9395 qca6574au_firmware qcn7606_firmware wcn785x-5 qam8295p sm8150_firmware wcd9341 qca6574au wcd9390 wsa8810_firmware sd730_firmware wsa8845h_firmware csra6640 sc8180x-af_firmware sa9000p_firmware sd730 sdm670 qcs5430 sm8150-ac sm6375_firmware qcn6024_firmware sm7150-ac qcm5430 qcm5430_firmware video_collaboration_vc1_platform_firmware sa4155p sm8350 sa8770p qcm6125_firmware ssg2115p qcc710 sm6375 sa8540p sm7250-aa_firmware sxr1120_firmware qsm8250_firmware sc8180xp-ac qsm8350_firmware 315_5g_iot_modem_firmware sm8450_firmware video_collaboration_vc1_platform qru1032_firmware qfw7114 wcd9385_firmware qca6421 315_5g_iot_modem snapdragon_x55_5g_modem-rf_system qam8255p_firmware sa8155_firmware sm7150-ab qcs603_firmware wcd9360 snapdragon_ar2_gen_1_platform_firmware sc7180-ad sc8180xp-af snapdragon_8\+_gen_2_mobile_platform_firmware wsa8845 sa6155p qca6421_firmware qcm6125 sm7150-ac_firmware sc8180x-ad sm7125 wsa8810 qam8650p qdu1000_firmware sa9000p qsm8250 snapdragon_8\+_gen_2_mobile_platform sm8350-ac qca6595au sm7325_firmware sm7315_firmware qdu1010 wcd9326_firmware sa6155p_firmware wsa8840 qcs8550_firmware qca6390_firmware qdu1210_firmware qfw7124_firmware qca6436_firmware sc8180x-af wcd9371_firmware snapdragon_8_gen_2_mobile_platform wcn3910_firmware snapdragon_7c\+_gen_3_compute_firmware sm4125_firmware sm8250-ac_firmware qca6420 wcn3910 wcd9370_firmware snapdragon_x55_5g_modem-rf_system_firmware qdu1110_firmware qdu1000 qca6574a sm7325-ae sa8195p wcd9340 qcm2290 qdu1210 sm6150-ac sm6225 snapdragon_auto_5g_modem-rf_gen_2 sc8180xp-aa_firmware qcm6490 sa8540p_firmware sm8150-ac_firmware sm8550p_firmware wcn3998_firmware qcm8550 wcn3988 qcn9024 sa8775p qca6574 sm7325-af snapdragon_x75_5g_modem-rf_system sxr2230p_firmware sd675_firmware sdm710_firmware qca6430_firmware sc8180x-aa sa8775p_firmware qcs605 qcn9024_firmware wsa8845h sc8180xp-ac_firmware sa6150p sm7250-aa wcd9326 qcs410 qcm2290_firmware sa8155p_firmware sa8155p wsa8830 snapdragon_675_mobile_platform snapdragon_662_mobile_platform sm8550p sa6145p sc8180x\+sdx55_firmware sa8255p_firmware flight_rb5_5g_platform_firmware wcn785x-1_firmware ar8035 sa6155 qrb5165m_firmware qcm4325 qcn6224 sc8280xp-ab sc8180x\+sdx55 qca6698aq wcn3950_firmware ssg2125p_firmware sm6250 qrb5165n sc7180-ac sm7250-ac sc8180x-aa_firmware sd670 wcn685x-1 sm7325p_firmware sa8145p_firmware wcd9360_firmware qdx1011 sa8150p_firmware snapdragon_w5\+_gen_1_wearable_platform video_collaboration_vc3_platform_firmware wcn3990 sd670_firmware qcs6490 sc8280xp-bb_firmware wsa8830_firmware sm7150-aa qcn6224_firmware qca6431 wsa8845_firmware wsa8832 qcs603 sm6350 sxr2130_firmware snapdragon_675_mobile_platform_firmware ar8035_firmware qrb5165m sc8380xp snapdragon_w5\+_gen_1_wearable_platform_firmware sm8250-ab_firmware sa4150p_firmware sd888_firmware snapdragon_662_mobile_platform_firmware qcs6125_firmware sm6225_firmware sc8180xp-ad sm6250p_firmware sm7325-af_firmware sdm712_firmware wsa8815_firmware sm8250-ab sa8195p_firmware qca8337_firmware qcm4290 sm7325 sm6125_firmware sg8275p_firmware qcm6490_firmware sm8350-ac_firmware sm7250p_firmware sm4125 qru1032 wcn785x-5_firmware wcn3950 flight_rb5_5g_platform snapdragon_xr2_5g_platform sm4250-aa qcs6125 apq5053-aa_firmware snapdragon_x65_5g_modem-rf_system_firmware qca6797aq_firmware snapdragon_auto_5g_modem-rf_gen_2_firmware snapdragon_7c\+_gen_3_compute snapdragon_xr2\+_gen_1_platform_firmware sm4350_firmware sm7350-ab_firmware wcn3991 sa8295p_firmware sd_675_firmware apq5053-aa sdm710 sa4155p_firmware sm7250p sm6250_firmware sa8155 sc8180x-ad_firmware sm7150-aa_firmware qca6584au sd888 qcn6274_firmware qru1062_firmware sw5100_firmware wcn685x-5 wcn6740 sc8380xp_firmware qru1062 sm6225-ad_firmware qfw7114_firmware qcs605_firmware sc8280xp-ab_firmware qca6595_firmware sm8250-ac sm8250_firmware wcd9371 sc8180xp-aa sm7225 wcd9380 sa6145p_firmware qam8255p sa6155_firmware sxr2230p snapdragon_xr2_5g_platform_firmware sa8150p vision_intelligence_300_platform_firmware sm7350-ab snapdragon_auto_5g_modem-rf_firmware qrb5165_firmware sm8350_firmware sxr1230p sm6225-ad sm4350-ac sw5100 video_collaboration_vc3_platform aqt1000 sm8150 wcn3991_firmware qam8295p_firmware sd855 qca6431_firmware sc8180x-ab_firmware sm7225_firmware wcn3990_firmware sm7315 sm6125 qca6698aq_firmware qcs2290 wcd9385 qcn7606 qsm8350 qcs2290_firmware sc8280xp-bb sc8180xp-ab_firmware sa8255p qcs4290 sxr1230p_firmware wcd9390_firmware sc8180xp-ab wcn6750 qca6430 sg8275p wcn6750_firmware sm6250p sdx55_firmware qdx1011_firmware sc8180xp-ad_firmware snapdragon_auto_5g_modem-rf sm7250-ab_firmware ssg2125p qru1052 sxr2130 sm7150-ab_firmware csra6640_firmware sm4350 snapdragon_xr2\+_gen_1_platform sm7325p qam8650p_firmware wcn3998 qca6420_firmware aqt1000_firmware qcs6490_firmware sm8450 sm6150-ac_firmware snapdragon_x65_5g_modem-rf_system sd855_firmware wcd9335_firmware qrb5165n_firmware qca6436 wcn3980_firmware qca6584au_firmware wsa8835 wsa8840_firmware qca6391_firmware sc8180x-ac qcn6274 qfw7124 qdu1010_firmware qca6595au_firmware sc8180x-ac_firmware sm4250-aa_firmware sw5100p_firmware sm8250 snapdragon_ar2_gen_1_platform qca6696_firmware qcs4290_firmware wcd9380_firmware qca6574_firmware csra6620 sdm670_firmware qca8081 wsa8815 sm4375 sg4150p qam8775p qca6797aq sm4375_firmware qcm4325_firmware sm7125_firmware qca6574a_firmware sdx55 qcm4290_firmware sm6350_firmware sd675 wcd9375_firmware qca6391 qrb5165 wcn785x-1 qcs5430_firmware sg4150p_firmware qru1052_firmware sc8180xp-af_firmware csra6620_firmware sa8770p_firmware sa8295p snapdragon_8_gen_2_mobile_platform_firmware qcs8550 snapdragon_xr1_platform_firmware snapdragon_x50_5g_modem-rf_system_firmware qam8775p_firmware sd865_5g_firmware sc7180-ad_firmware wcd9375 wcn685x-5_firmware sdm712 wcn3988_firmware sa8145p sd_675 sm4350-ac_firmware wsa8835_firmware ssg2115p_firmware snapdragon_x75_5g_modem-rf_system_firmware sc7180-ac_firmware sm7250-ac_firmware wcn3980 qdx1010 wcn685x-1_firmware qcs610 Snapdragon

CWE ID-CWE-190

Integer Overflow or Wraparound

CWE ID-CWE-680

Integer Overflow to Buffer Overflow

CVE-2023-28575

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.04% / 10.06%

7 Day CHG~0.00%

Published-08 Aug, 2023 | 09:15

Updated-02 Aug, 2024 | 13:43

Multiple Type Confusion Vulnerability

The cam_get_device_priv function does not check the type of handle being returned (device/session/link). This would lead to invalid type usage if a wrong handle is passed to it.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-823

Use of Out-of-range Pointer Offset

CWE ID-CWE-843

Access of Resource Using Incompatible Type ('Type Confusion')

CVE-2023-28580

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.04% / 11.99%

7 Day CHG~0.00%

Published-05 Dec, 2023 | 03:03

Updated-11 Aug, 2025 | 15:06

Buffer Copy Without Checking Size of Input in WLAN Host

Memory corruption in WLAN Host while setting the PMK length in PMK length in internal cache.

Vendor-Qualcomm Technologies, Inc.

Product-sw5100p qcs410_firmware sa6150p_firmware sa6155p_firmware qam8295p_firmware qcs610_firmware wcd9370 qca8081_firmware ar8035_firmware qca6696 wsa8830_firmware wcd9340_firmware qfw7124_firmware wcd9341_firmware qcc710_firmware wsa8815_firmware sa8195p_firmware wcd9370_firmware qca8337_firmware qca8337 wcn3660b qca6574au_firmware sa8195p qca6595au wcd9340 qam8295p wcd9341 qca6574au wcn3950 wsa8810_firmware wcn3988 wcn3980_firmware qcn6274 wcn3660b_firmware qfw7124 snapdragon_x75_5g_modem-rf_system wsa8835 qca6595au_firmware qca6391_firmware sw5100p_firmware sa8295p_firmware qca6696_firmware wcd9380_firmware sa6150p qcs410 sa8155p_firmware qca8081 wsa8815 video_collaboration_vc1_platform_firmware sa8155p wcn3680b_firmware wsa8830 qcn6274_firmware sa6145p qcc710 sw5100_firmware ar8035 qfw7114_firmware fastconnect_6900 fastconnect_7800_firmware qca6391 video_collaboration_vc1_platform qcn6224 qfw7114 wcn3950_firmware fastconnect_6900_firmware sa8295p snapdragon_8_gen_1_mobile_platform wcd9380 sa6145p_firmware fastconnect_7800 sa8145p_firmware wcn3680b sa8150p snapdragon_8_gen_1_mobile_platform_firmware sa8150p_firmware wcn3988_firmware sa6155p video_collaboration_vc3_platform_firmware sa8145p wsa8835_firmware wsa8810 snapdragon_x75_5g_modem-rf_system_firmware wcn3980 sw5100 video_collaboration_vc3_platform qcn6224_firmware qcs610 Snapdragon

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-28557

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.04% / 13.23%

7 Day CHG~0.00%

Published-05 Sep, 2023 | 06:24

Updated-02 Aug, 2024 | 13:43

Improper Validation of Array Index in WLAN HAL

Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-129

Improper Validation of Array Index

CVE-2023-28560

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.02% / 4.67%

7 Day CHG~0.00%

Published-05 Sep, 2023 | 06:24

Updated-27 Feb, 2025 | 21:02

Buffer Copy Without Checking Size of Input in WLAN HAL

Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-28545

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-8.2||HIGH

EPSS-0.04% / 11.19%

7 Day CHG~0.00%

Published-07 Nov, 2023 | 05:26

Updated-11 Aug, 2025 | 15:06

Improper Restriction of Operations within the Bounds of a Memory Buffer in TZ Secure OS

Memory corruption in TZ Secure OS while loading an app ELF.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-28538

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.03% / 6.84%

7 Day CHG~0.00%

Published-05 Sep, 2023 | 06:24

Updated-27 Feb, 2025 | 21:02

Stack-based Buffer Overflow in WIN Product

Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region.

Vendor-Qualcomm Technologies, Inc.

Product-snapdragon_850_mobile_compute_platform_firmware sa6150p_firmware sm6250p_firmware qcs610 qca6431_firmware wcn3950_firmware sc8180x\+sdx55 sa8150p_firmware qcs2290 qca6595au_firmware sa6155 qca6335 csra6620_firmware sd_675_firmware csra6640_firmware qcs6125_firmware wcd9371_firmware sd_8cx_gen2_firmware sm4125 sd720g wcn3950 sd_8_gen1_5g_firmware sd710_firmware sd460_firmware qualcomm_robotics_rb3_platform_firmware qca6574au_firmware wcd9375_firmware sa6155_firmware qca6420 snapdragon_xr2\+_gen_1_platform sd680_firmware sd_8cx_gen2 qrb5165m_firmware sa4155p_firmware qcs6125 sa8155_firmware sd662_firmware qca6430 wcd9340 sd765g sw5100 fsm10056_firmware qca6436 sd680 sa6155p wcd9341 qca6431 qca6696_firmware wcd9371 sd750g sd870_firmware wcn3910_firmware sd_8cx sa8150p wsa8830_firmware sd855_firmware sd865_5g_firmware snapdragon_4_gen_1 sd712 wcn3988 sa8195p_firmware fastconnect_6800_firmware qcn7606_firmware wcd9380_firmware ssg2125p sw5100p snapdragon_w5\+_gen_1_wearable_platform qca6564au sd670_firmware qca6574 wcd9380 qcs410 sd690_5g_firmware sxr1230p qca6430_firmware qcn9012_firmware wcd9335_firmware wcn3980 qca6335_firmware qcm4325_firmware wcd9340_firmware wsa8815 sd7c wcn3910 qca6426_firmware sd695 wcn3980_firmware sd730 snapdragon_xr2\+_gen_1_platform_firmware snapdragon_x50_5g_modem-rf_system_firmware qca6421_firmware smart_audio_200_platform snapdragon_xr2_5g_platform sd678_firmware fastconnect_6900 fastconnect_6900_firmware sd670 smart_audio_200_platform_firmware qca6564a_firmware qualcomm_robotics_rb5_platform_firmware qcm4290_firmware sd480 sd870 wsa8832 sw5100p_firmware qcs610_firmware qsm8250 sa6145p sd695_firmware qca6595_firmware sa8145p qca6391_firmware sa4150p_firmware wcd9370_firmware sdx55 sa8155p csra6640 sd675 ssg2115p_firmware qcs8155_firmware sa4155p qcm2290 qsm8250_firmware qcn7606 wsa8830 sd678 sa8145p_firmware sxr2230p_firmware snapdragon_850_mobile_compute_platform qcs2290_firmware fsm10056 sd7c_firmware snapdragon_4_gen_1_firmware flight_rb5_5g_platform csra6620 flight_rb5_5g_platform_firmware qcs4290 sd765g_firmware qca6420_firmware sd690_5g sd730_firmware wcd9370 sd675_firmware ssg2115p qca6564 qca6426 wcn3990_firmware qrb5165n_firmware qualcomm_robotics_rb3_platform sd_8cx_firmware wcd9385_firmware wcd9326_firmware fastconnect_6200 sd662 qcn9011_firmware sa8155 snapdragon_x55_5g_modem-rf_system sdx55_firmware qca6595au sm7250p_firmware qca6436_firmware qrb5165n snapdragon_w5\+_gen_1_wearable_platform_firmware qca6564au_firmware sa6155p_firmware qca6310 qcs8155 vision_intelligence_300_platform_firmware wcn3988_firmware sa6145p_firmware qca6421 sd712_firmware sm6250 sa8195p sxr1120 wsa8810_firmware vision_intelligence_400_platform sd765_firmware snapdragon_ar2_gen_1_platform_firmware wcd9326 sg4150p wcd9335 qca6174a_firmware qcs4290_firmware wcd9385 sxr2130_firmware wcd9375 sd750g_firmware aqt1000 sc8180x\+sdx55_firmware sm6250_firmware vision_intelligence_400_platform_firmware wsa8815_firmware wsa8835_firmware sxr1120_firmware qca6564a sa4150p sg4150p_firmware qcm6125_firmware qcm4325 qcm2290_firmware wcn3990 sd_675 sd865_5g fastconnect_6800 qca6595 qcn9012 wsa8835 sxr1230p_firmware sd665_firmware sd_8_gen1_5g sm6250p ssg2125p_firmware sxr2130 qca6574a qca6174a qca6310_firmware qca6574_firmware sd855 sm4125_firmware sd665 sxr2230p snapdragon_xr2_5g_platform_firmware sd765 qca6574a_firmware fastconnect_6200_firmware sd768g_firmware qrb5165m vision_intelligence_300_platform snapdragon_x55_5g_modem-rf_system_firmware sd460 qca6391 fastconnect_7800 aqt1000_firmware qcm4290 wsa8832_firmware snapdragon_xr1_platform sd480_firmware qcn9011 qca6574au sa8155p_firmware sd710 wcd9341_firmware fastconnect_7800_firmware qcm6125 wsa8810 snapdragon_ar2_gen_1_platform qca6564_firmware sd768g qca6696 sd845_firmware sa6150p snapdragon_x50_5g_modem-rf_system sd845 qualcomm_robotics_rb5_platform sm7250p sd720g_firmware sw5100_firmware qcs410_firmware snapdragon_xr1_platform_firmware Snapdragon

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-28537

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.05% / 16.52%

7 Day CHG~0.00%

Published-08 Aug, 2023 | 09:15

Updated-02 Aug, 2024 | 13:43

Integer Overflow or Wraparound in Audio

Memory corruption while allocating memory in COmxApeDec module in Audio.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-190

Integer Overflow or Wraparound

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-28565

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.05% / 16.52%

7 Day CHG~0.00%

Published-05 Sep, 2023 | 06:24

Updated-27 Feb, 2025 | 21:01

Improper Validation of Array Index in WLAN HAL

Memory corruption in WLAN HAL while handling command streams through WMI interfaces.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-129

Improper Validation of Array Index

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-28559

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.05% / 16.52%

7 Day CHG~0.00%

Published-05 Sep, 2023 | 06:24

Updated-27 Feb, 2025 | 21:02

Buffer Copy Without Checking Size of Input in WLAN HAL

Memory corruption in WLAN FW while processing command parameters from untrusted WMI payload.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-28558

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 6.84%

7 Day CHG~0.00%

Published-05 Sep, 2023 | 06:24

Updated-02 Aug, 2024 | 13:43

Improper Validation of Array Index in WLAN HAL

Memory corruption in WLAN handler while processing PhyID in Tx status handler.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-129

Improper Validation of Array Index

CWE ID-CWE-787

Out-of-bounds Write

CVE-2019-2246

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.09% / 27.24%

7 Day CHG~0.00%

Published-06 Nov, 2019 | 17:11

Updated-04 Aug, 2024 | 18:42

Thread start can cause invalid memory writes to arbitrary memory location since the argument is passed by user to kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9205, MDM9640, MSM8996AU, QCA6574, QCS605, Qualcomm 215, SD 425, SD 427, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016, SXR1130

Vendor-Qualcomm Technologies, Inc.