Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-56406

Summary
Assigner-CPANSec
Assigner Org ID-9b29abf9-4ab0-4765-b253-1875cd9b441e
Published At-13 Apr, 2025 | 13:16
Updated At-16 Oct, 2025 | 14:04
Rejected At-
Credits

Perl is vulnerable to a heap buffer overflow when transliterating non-ASCII bytes

A heap buffer overflow vulnerability was discovered in Perl. Release branches 5.34, 5.36, 5.38 and 5.40 are affected, including development versions from 5.33.1 through 5.41.10. When there are non-ASCII bytes in the left-hand-side of the `tr` operator, `S_do_trans_invmap` can overflow the destination pointer `d`.    $ perl -e '$_ = "\x{FF}" x 1000000; tr/\xFF/\x{100}/;'    Segmentation fault (core dumped) It is believed that this vulnerability can enable Denial of Service and possibly Code Execution attacks on platforms that lack sufficient defenses.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:CPANSec
Assigner Org ID:9b29abf9-4ab0-4765-b253-1875cd9b441e
Published At:13 Apr, 2025 | 13:16
Updated At:16 Oct, 2025 | 14:04
Rejected At:
▼CVE Numbering Authority (CNA)
Perl is vulnerable to a heap buffer overflow when transliterating non-ASCII bytes

A heap buffer overflow vulnerability was discovered in Perl. Release branches 5.34, 5.36, 5.38 and 5.40 are affected, including development versions from 5.33.1 through 5.41.10. When there are non-ASCII bytes in the left-hand-side of the `tr` operator, `S_do_trans_invmap` can overflow the destination pointer `d`.    $ perl -e '$_ = "\x{FF}" x 1000000; tr/\xFF/\x{100}/;'    Segmentation fault (core dumped) It is believed that this vulnerability can enable Denial of Service and possibly Code Execution attacks on platforms that lack sufficient defenses.

Affected Products
Vendor
perl
Product
perl
Collection URL
https://cpan.org/modules
Package Name
perl
Repo
https://github.com/Perl/perl5/
Program Files
  • op.c
Program Routines
  • S_pmtrans
  • tr
Default Status
unaffected
Versions
Affected
  • From 5.41.0 through 5.41.10 (custom)
  • From 5.39.0 before 5.40.2-RC1 (custom)
  • From 5.33.1 before 5.38.4-RC1 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-122CWE-122 Heap-based Buffer Overflow
CWECWE-787CWE-787 Out-of-bounds Write
Type: CWE
CWE ID: CWE-122
Description: CWE-122 Heap-based Buffer Overflow
Type: CWE
CWE ID: CWE-787
Description: CWE-787 Out-of-bounds Write
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Users should update perl to 5.40.2 or 5.38.4, or apply the upstream patch provided in the References section.

Configurations
Workarounds
Exploits
Credits
finder
Nathan Mills
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/Perl/perl5/commit/87f42aa0e0096e9a346c9672aa3a0bd3bef8c1dd.patch
patch
https://metacpan.org/release/SHAY/perl-5.38.4/changes
release-notes
https://metacpan.org/release/SHAY/perl-5.40.2/changes
release-notes
Hyperlink: https://github.com/Perl/perl5/commit/87f42aa0e0096e9a346c9672aa3a0bd3bef8c1dd.patch
Resource:
patch
Hyperlink: https://metacpan.org/release/SHAY/perl-5.38.4/changes
Resource:
release-notes
Hyperlink: https://metacpan.org/release/SHAY/perl-5.40.2/changes
Resource:
release-notes
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.openwall.com/lists/oss-security/2025/04/13/3
N/A
http://www.openwall.com/lists/oss-security/2025/04/13/4
N/A
http://www.openwall.com/lists/oss-security/2025/04/13/5
N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2025/04/13/3
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2025/04/13/4
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2025/04/13/5
Resource: N/A
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
3.18.4HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 8.4
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:9b29abf9-4ab0-4765-b253-1875cd9b441e
Published At:13 Apr, 2025 | 14:15
Updated At:16 Oct, 2025 | 14:15

A heap buffer overflow vulnerability was discovered in Perl. Release branches 5.34, 5.36, 5.38 and 5.40 are affected, including development versions from 5.33.1 through 5.41.10. When there are non-ASCII bytes in the left-hand-side of the `tr` operator, `S_do_trans_invmap` can overflow the destination pointer `d`.    $ perl -e '$_ = "\x{FF}" x 1000000; tr/\xFF/\x{100}/;'    Segmentation fault (core dumped) It is believed that this vulnerability can enable Denial of Service and possibly Code Execution attacks on platforms that lack sufficient defenses.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.18.4HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 8.4
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CPE Matches
perl
perl
>>perl>>Versions from 5.33.1(inclusive) to 5.38.4(exclusive)
cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*
perl
perl
>>perl>>Versions from 5.39.0(inclusive) to 5.40.2(exclusive)
cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*
perl
perl
>>perl>>Versions from 5.41.0(inclusive) to 5.41.10(inclusive)
cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-122Secondary9b29abf9-4ab0-4765-b253-1875cd9b441e
CWE-787Secondary9b29abf9-4ab0-4765-b253-1875cd9b441e
CWE-787Primarynvd@nist.gov
CWE ID: CWE-122
Type: Secondary
Source: 9b29abf9-4ab0-4765-b253-1875cd9b441e
CWE ID: CWE-787
Type: Secondary
Source: 9b29abf9-4ab0-4765-b253-1875cd9b441e
CWE ID: CWE-787
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/Perl/perl5/commit/87f42aa0e0096e9a346c9672aa3a0bd3bef8c1dd.patch9b29abf9-4ab0-4765-b253-1875cd9b441e
Patch
https://metacpan.org/release/SHAY/perl-5.38.4/changes9b29abf9-4ab0-4765-b253-1875cd9b441e
Release Notes
https://metacpan.org/release/SHAY/perl-5.40.2/changes9b29abf9-4ab0-4765-b253-1875cd9b441e
Release Notes
http://www.openwall.com/lists/oss-security/2025/04/13/3af854a3a-2127-422b-91ae-364da2661108
Mailing List
http://www.openwall.com/lists/oss-security/2025/04/13/4af854a3a-2127-422b-91ae-364da2661108
Mailing List
http://www.openwall.com/lists/oss-security/2025/04/13/5af854a3a-2127-422b-91ae-364da2661108
Mailing List
Hyperlink: https://github.com/Perl/perl5/commit/87f42aa0e0096e9a346c9672aa3a0bd3bef8c1dd.patch
Source: 9b29abf9-4ab0-4765-b253-1875cd9b441e
Resource:
Patch
Hyperlink: https://metacpan.org/release/SHAY/perl-5.38.4/changes
Source: 9b29abf9-4ab0-4765-b253-1875cd9b441e
Resource:
Release Notes
Hyperlink: https://metacpan.org/release/SHAY/perl-5.40.2/changes
Source: 9b29abf9-4ab0-4765-b253-1875cd9b441e
Resource:
Release Notes
Hyperlink: http://www.openwall.com/lists/oss-security/2025/04/13/3
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Hyperlink: http://www.openwall.com/lists/oss-security/2025/04/13/4
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Hyperlink: http://www.openwall.com/lists/oss-security/2025/04/13/5
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List

Change History

0
Information is not available yet

Similar CVEs

118Records found
CVE-2023-32840
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-8.4||HIGH
EPSS-0.03% / 8.47%
||
7 Day CHG~0.00%
Published-06 Nov, 2023 | 03:50
Updated-05 Sep, 2024 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In modem CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction may be also needed for exploitation Patch ID: MOLY01138425; Issue ID: MOLY01138425 (MSV-862).

Action-Not Available
Vendor-MediaTek Inc.
Product-mt6896mt6855nr17mt6893mt6983wmt2735mt6886mt8791tmt8666mt6878mt6765mt6891nr16mt6883mt6980dmt6853tmt2731mt6739mt8768mt6769mt6761mt6875mt6889mt8781mt6985mt6885mt6877mt6853mt8667mt6985tmt6771tmt8791mt6897lr12amt6731mt6990mt6873mt8765mt8675mt6763mt6983tmt8788mt6769tmt6813mt6835mt6880mt8789mt8797mt6768mt8786mt8766mt6890mt6771mt6833mt8673mt6833pmt6989mt6762nr15mt6980mt6895mt6877tmt8798mt6983zmt6769zmt6767mt6895tmt6879MT2731, MT2735, MT6731, MT6739, MT6761, MT6762, MT6763, MT6765, MT6767, MT6768, MT6769, MT6769T, MT6769Z, MT6771, MT6771T, MT6813, MT6833, MT6833P, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6877T, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983T, MT6983W, MT6983Z, MT6985, MT6985T, MT6989, MT6990, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798mt6896mt6855mt6893mt6983wmt2735mt6886mt8791tmt8666mt6878mt6765mt6891mt6883mt6980dmt6853tmt2731mt6739mt8768mt6769mt6761mt6875mt6889mt8781mt6985mt6885mt6877mt6853mt8667mt6985tmt6771tmt8791mt6897mt6731mt6990mt6873mt8765mt8675mt6763mt6983tmt8788mt6769tmt6835mt6813mt6880mt8789mt8797mt6768mt8786mt8766mt6890mt6771mt6833mt8673mt6833pmt6989mt6762mt6980mt6895mt6877tmt8798mt6983zmt6769zmt6767mt6895tmt6879
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-33033
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.06% / 18.67%
||
7 Day CHG~0.00%
Published-02 Jan, 2024 | 05:38
Updated-21 May, 2025 | 14:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use of Out-of-range Pointer Offset in Audio

Memory corruption in Audio during playback with speaker protection.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresnapdragon_850_mobile_compute_platform_firmwaremdm9640_firmwaresm6250p_firmwareqca8337snapdragon_888_5g_mobile_platformwcn3950_firmwaresc8180x\+sdx55sm4450_firmwareqca6595au_firmwaresa6155snapdragon_427_mobile_platformsnapdragon_480_5g_mobile_platformsd_455_firmwarehome_hub_100_platformapq8076snapdragon_460_mobile_platform_firmwareqcs6125_firmwaresnapdragon_480_5g_mobile_platform_firmwaremsm8108wcd9371_firmwaremsm8108_firmwarewcn3950qcn6024_firmwaresm4125wcn3660bsnapdragon_460_mobile_platformsnapdragon_660_mobile_platform_firmwaresd460_firmwaremdm9230_firmwaresm7315_firmwaresnapdragon_429_mobile_platform_firmwaresnapdragon_695_5g_mobile_platform_firmwaresnapdragon_636_mobile_platformqca8081_firmwareqca6420snapdragon_auto_5g_modem-rf_firmwareqca9367_firmwaremdm8207sa8155_firmwarerobotics_rb3_platform_firmwareqca4004_firmwareqca6430snapdragon_630_mobile_platformsnapdragon_678_mobile_platform_firmwareqts110wcd9306_firmwarewcd9340snapdragon_8cx_compute_platformmdm9625_firmwarevision_intelligence_200_platform_firmwaresnapdragon_765_5g_mobile_platform_firmwareqca6698aq_firmwaremsm8209_firmwaresnapdragon_690_5g_mobile_platformmdm9250_firmwarequalcomm_205_mobile_platform_firmwaresnapdragon_wear_2500_platformqca6696_firmwarewcd9371sd_8cxsa8150psnapdragon_430_mobile_platformqca4004mdm9330_firmwaresd660sd865_5g_firmwaresd660_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwaresnapdragon_7c_gen_2_compute_platform_firmwaresnapdragon_730_mobile_platform_firmwaresnapdragon_750g_5g_mobile_platform_firmwaresnapdragon_675_mobile_platform_firmwaresnapdragon_778g_5g_mobile_platform_firmwaresdm429w9205_lte_modemsnapdragon_670_mobile_platform_firmwaresd670_firmwareqca6574snapdragon_7c\+_gen_3_computewcd9380qcs410snapdragon_210_processorsnapdragon_430_mobile_platform_firmwareqca9379_firmwarec-v2x_9150_firmwareqcn9012_firmwaresd626wcd9340_firmwarewsa8815snapdragon_865\+_5g_mobile_platformqca6584_firmwaresnapdragon_630_mobile_platform_firmwareqcs8250sd835wcn3980_firmwaresd730sa8295p9205_lte_modem_firmwarewcn6740_firmwaresnapdragon_8cx_compute_platform_firmwaremdm9225qcs4490_firmwaresnapdragon_x65_5g_modem-rf_systemapq8064au_firmwaremdm9225mfastconnect_6900fastconnect_6900_firmwaresnapdragon_660_mobile_platformsd670smart_audio_200_platform_firmwareqcn9024_firmwaresdx57mqcm4290_firmwareqcs610_firmwareapq8084_firmwaresa6145pqualcomm_215_mobile_platform_firmwarear8031mdm8207_firmwaresnapdragon_750g_5g_mobile_platformsd820_firmwareqca6391_firmwaresa4150p_firmwarewcd9370_firmwaresdx55csra6640snapdragon_695_5g_mobile_platformsnapdragon_x20_lte_modemsnapdragon_1200_wearable_platformwcn3660qca9379sa4155pqsm8250_firmwaresnapdragon_480\+_5g_mobile_platformwsa88309207_lte_modemsnapdragon_850_mobile_compute_platformsnapdragon_x24_lte_modem_firmwarecsrb31024mdm9628_firmwareflight_rb5_5g_platformmdm9650snapdragon_865_5g_mobile_platformflight_rb5_5g_platform_firmwareqcs4290snapdragon_x20_lte_modem_firmwaremdm9250qca6420_firmwaresnapdragon_450_mobile_platform_firmwaresnapdragon_auto_4g_modem_firmwaresd675_firmwareqca6564qca6426wcn3990_firmwareqrb5165n_firmwareqca9984_firmwareqca9377wcd9385_firmwarewcd9326_firmwarefastconnect_6200wcn3615_firmwaresnapdragon_7c_gen_2_compute_platformqcn9011_firmwaresa8155snapdragon_x55_5g_modem-rf_systemqca6584snapdragon_835_mobile_pc_platform_firmwaresdx55_firmwaresnapdragon_208_processor_firmwarewcn3615sm7250p_firmwarewcn3610_firmwareqrb5165nwcd9306qca6584ausnapdragon_x65_5g_modem-rf_system_firmwaresnapdragon_870_5g_mobile_platformsnapdragon_208_processorsnapdragon_439_mobile_platform9206_lte_modemqca9367mdm9235m_firmwaresnapdragon_wear_3100_platformwcn3988_firmware315_5g_iot_modemqcn9074qca6421fastconnect_6700_firmwaresa8195psxr1120snapdragon_626_mobile_platform_firmwarewcd9326wcd9335qcm4490snapdragon_888\+_5g_mobile_platformqcs4290_firmwaresxr2130_firmwareqcs6490_firmwaremdm9625wcd9375aqt1000snapdragon_210_processor_firmwaresc8180x\+sdx55_firmwaresm6250_firmwaresnapdragon_712_mobile_platform_firmwaresnapdragon_662_mobile_platformsnapdragon_685_4g_mobile_platformwsa8815_firmwaremdm9625msnapdragon_636_mobile_platform_firmwareapq8017sxr1120_firmwaremdm9235mmdm9630_firmwareqcm6125_firmwaresnapdragon_x5_lte_modemsnapdragon_855\+\/860_mobile_platform_firmwarerobotics_rb5_platform_firmwaresnapdragon_1100_wearable_platformsd865_5gqca6595qualcomm_205_mobile_platformsxr2130snapdragon_wear_4100\+_platformsmart_audio_400_platformqca6310_firmwareqca6574_firmwaresm7325p_firmwaresnapdragon_xr2_5g_platform_firmwareqca6574a_firmwaresnapdragon_665_mobile_platformsnapdragon_730g_mobile_platformqrb5165msm7315snapdragon_x55_5g_modem-rf_system_firmwaresnapdragon_7c_compute_platform_firmwaresnapdragon_865\+_5g_mobile_platform_firmwaresnapdragon_690_5g_mobile_platform_firmwaresnapdragon_auto_4g_modemsnapdragon_632_mobile_platform_firmwarecsrb31024_firmwareqcm6490_firmwarewsa8832_firmwaresnapdragon_xr1_platformqcs8250_firmwaresnapdragon_765g_5g_mobile_platform_firmwaresnapdragon_712_mobile_platformsnapdragon_8_gen_1_mobile_platform_firmwaresnapdragon_8c_compute_platform_firmwareqca6564_firmwarewcn6740snapdragon_732g_mobile_platformqcs8550snapdragon_x50_5g_modem-rf_systemqcn6024qcs410_firmwaremdm9330snapdragon_8cx_gen_2_5g_compute_platform_firmwaresnapdragon_wear_1300_platformsnapdragon_7c_compute_platformqts110_firmwaresnapdragon_8_gen_1_mobile_platformsa6150p_firmwareqcs610315_5g_iot_modem_firmwareqca6431_firmwaresnapdragon_778g\+_5g_mobile_platformsnapdragon_870_5g_mobile_platform_firmwaresnapdragon_820_automotive_platform_firmwarewcd9360_firmwarevision_intelligence_100_platform_firmwaresnapdragon_wear_2100_platform_firmwaresnapdragon_212_mobile_platformsa8150p_firmwareqcs2290snapdragon_x70_modem-rf_systemqca6335csra6620_firmwaresd_675_firmwarecsra6640_firmwareqam8295pmdm9628qca6574au_firmwaremdm9630snapdragon_778g\+_5g_mobile_platform_firmwaresa6155_firmwarewcd9375_firmwaremsm8909wwcd9360snapdragon_xr2\+_gen_1_platformsnapdragon_782g_mobile_platform_firmwaresnapdragon_427_mobile_platform_firmwaresmart_audio_400_platform_firmwarewcn3999qrb5165m_firmwareqca6698aqqcs6125sa4155p_firmwaresd662_firmwaresnapdragon_765g_5g_mobile_platformrobotics_rb3_platformsnapdragon_8\+_gen_1_mobile_platformsnapdragon_720g_mobile_platformsd626_firmwaresnapdragon_820_mobile_platformsnapdragon_780g_5g_mobile_platformhome_hub_100_platform_firmwareqca6436sa6155pwcn3660_firmwarewcd9341pm8937_firmwareqca6431snapdragon_x12_lte_modemwcn3910_firmwaresnapdragon_855_mobile_platform_firmwarerobotics_rb5_platformwsa8830_firmwaresd855_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcn3988snapdragon_780g_5g_mobile_platform_firmwaresnapdragon_685_4g_mobile_platform_firmwaresa8195p_firmwaresa8295p_firmwarewcn3610mdm9640msm8608qca8337_firmwarewcd9380_firmwarewcd9330msm8996au_firmwaresnapdragon_8cx_gen_2_5g_compute_platformmdm9225m_firmwareqca6564auqualcomm_215_mobile_platformsnapdragon_782g_mobile_platformsnapdragon_wear_4100\+_platform_firmwarefastconnect_6700mdm9230qca6174qca6430_firmwarewcd9335_firmwarewcn3980snapdragon_732g_mobile_platform_firmwareqca6335_firmwaremdm9225_firmwareqca6320wcn3910mdm9650_firmwaresnapdragon_4_gen_1_mobile_platformqca6426_firmwaresm4450snapdragon_435_mobile_platformwcn3660b_firmwareqca9984snapdragon_670_mobile_platformwcn3680qcn9024snapdragon_xr2\+_gen_1_platform_firmwarewcd9330_firmwaresnapdragon_x50_5g_modem-rf_system_firmwaresnapdragon_820_automotive_platformqca6421_firmwaresmart_audio_200_platformvision_intelligence_100_platformsnapdragon_xr2_5g_platformar8031_firmwarewcn3680_firmware9206_lte_modem_firmwareqca6564a_firmwaresnapdragon_x24_lte_modemwsa8832qsm8250smart_display_200_platform_firmwaresnapdragon_730_mobile_platform9207_lte_modem_firmwareqcs4490qca6595_firmwaresa8145psnapdragon_888\+_5g_mobile_platform_firmwaresnapdragon_710_mobile_platform_firmwaresd888_firmwaresa8155psd675snapdragon_720g_mobile_platform_firmwarear8035_firmwareqcm2290snapdragon_632_mobile_platformsnapdragon_625_mobile_platform_firmwaresnapdragon_855_mobile_platformsnapdragon_wear_2100_platformsnapdragon_662_mobile_platform_firmwaresa8145p_firmwareqcs2290_firmwarecsra6620smart_display_200_platformsnapdragon_888_5g_mobile_platform_firmwaresnapdragon_450_mobile_platformqca6174_firmwaresd730_firmwarewcd9370snapdragon_480\+_5g_mobile_platform_firmwareqca6584au_firmwareapq8076_firmwaresd_8cx_firmwaresnapdragon_1200_wearable_platform_firmwaresd662qam8295p_firmwareapq8037snapdragon_435_mobile_platform_firmwarevision_intelligence_200_platformqca6320_firmwarewcn3680b_firmwaresnapdragon_778g_5g_mobile_platformsnapdragon_212_mobile_platform_firmwareqca6595auwcn3999_firmwaresnapdragon_425_mobile_platformsnapdragon_429_mobile_platformqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwareqca6564au_firmwaresa6155p_firmwareqca6310pm8937snapdragon_x70_modem-rf_system_firmwareqcs6490snapdragon_x5_lte_modem_firmwareapq8084qcs8550_firmwaresnapdragon_625_mobile_platformvision_intelligence_300_platform_firmwaresa6145p_firmwaresm6250c-v2x_9150apq8017_firmwarewsa8810_firmwarevision_intelligence_400_platformsg4150pqca8081qca6174a_firmwaresnapdragon_wear_1300_platform_firmwarewcd9385snapdragon_x12_lte_modem_firmwaresnapdragon_665_mobile_platform_firmwarear8035apq8064auvision_intelligence_400_platform_firmwaresnapdragon_768g_5g_mobile_platform_firmwarewcn3620_firmwaresd820qcm6490wsa8835_firmwarewcn3620qca6564asa4150psg4150p_firmwareqcm2290_firmwaresnapdragon_626_mobile_platformsnapdragon_845_mobile_platformmdm9635m_firmwarewcn3990sd_675fastconnect_6800mdm9625m_firmwaresnapdragon_835_mobile_pc_platformqcn9012snapdragon_8c_compute_platformsd888msm8909w_firmwarewsa8835msm8996ausdm429w_firmwaresnapdragon_auto_5g_modem-rfsm6250psnapdragon_678_mobile_platformsnapdragon_855\+\/860_mobile_platformsnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_425_mobile_platform_firmwareqca6574aqca6174asm7325pmdm9635msd855sm4125_firmwaresdx57m_firmwaresnapdragon_439_mobile_platform_firmwarefastconnect_6200_firmwaremsm8209vision_intelligence_300_platformsd460qca6391snapdragon_710_mobile_platformfastconnect_7800aqt1000_firmwareqcm4490_firmwaresnapdragon_845_mobile_platform_firmwareqcm4290qcn9011sd_455qca6574ausa8155p_firmwarewcd9341_firmwarefastconnect_7800_firmwareqcm6125wsa8810snapdragon_730g_mobile_platform_firmwaresnapdragon_680_4g_mobile_platformwcn3680bsd835_firmwaresnapdragon_675_mobile_platformsnapdragon_wear_2500_platform_firmwareqca6696msm8608_firmwaresa6150psnapdragon_1100_wearable_platform_firmwaresnapdragon_768g_5g_mobile_platformapq8037_firmwaresnapdragon_765_5g_mobile_platformsnapdragon_820_mobile_platform_firmwaresm7250psnapdragon_8\+_gen_1_mobile_platform_firmwaresnapdragon_wear_3100_platform_firmwareqcn9074_firmwaresnapdragon_xr1_platform_firmwareSnapdragon
CWE ID-CWE-823
Use of Out-of-range Pointer Offset
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-33066
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.07% / 21.28%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 10:48
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use of Out-of-range Pointer Offset in Audio

Memory corruption in Audio while processing RT proxy port register driver.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429w_firmwaresnapdragon_x20_lte_modemsd865_5gmdm9215_firmwaresnapdragon_632_mobileqca6595qca8081_firmwaresnapdragon_670_mobilesnapdragon_x70_modem-rf_firmwarewcd9340_firmwarewcd9395_firmwareqcn6024qcc710_firmwareqca6426snapdragon_8\+_gen_1_mobilefastconnect_6700wcn3610mpq8064sa4150psnapdragon_427_mobile_firmwaresnapdragon_782g_mobile_firmwaresnapdragon_wear_4100\+_firmwarewsa8832_firmwareqca8337qca6426_firmwarewcd9395snapdragon_665_mobile_firmwaresc8180xp-aaabqca6574au_firmwareqca6564_firmware9207_lte_modem_firmwareqam8295pwcd9341sd626_firmwaresnapdragon_820_automotive205_mobilesnapdragon_888\+_5g_mobile_firmwaresnapdragon_x12_lte_modemwsa8810_firmwaresd730_firmwarewsa8845h_firmwaresnapdragon_212_mobilesc8180xp-acafwcn3660_firmwaresnapdragon_850_mobile_computesnapdragon_820_automotive_firmwarefastconnect_6800_firmwaresd835_firmwarevideo_collaboration_vc1_platform_firmwaresa4155psnapdragon_678_mobile_firmwaremdm9625msnapdragon_425_mobilesnapdragon_632_mobile_firmwaremsm8108qsm8250_firmwarevideo_collaboration_vc1_platformwcn3660asnapdragon_730_mobile_firmwarewcd9385_firmwareqca6421vision_intelligence_200qca6310wcd9360snapdragon_680_4g_mobilesa6155psnapdragon_212_mobile_firmwareqca6564au_firmwaresd820snapdragon_429_mobile_firmwaremdm8207video_collaboration_vc5_platform_firmwaresnapdragon_888_5g_mobile_firmwaresnapdragon_wear_2500snapdragon_662_mobile_firmwaresa6155p_firmwaresnapdragon_685_4g_mobile_firmwaremdm9640_firmwaresd835snapdragon_x55_5g_modem-rfsnapdragon_4_gen_2_mobile_firmwareqca6436_firmwaresnapdragon_695_5g_mobile_firmwaresnapdragon_x55_5g_modem-rf_firmwaresnapdragon_7c\+_gen_3_compute_firmwareqts110sm4125_firmwaremsm8227_firmwareqca6420qca6174_firmwarewcn3910apq8064au_firmwaremdm9205s_firmwarecsrb31024qca9367mdm9250_firmwaresnapdragon_712_mobilewcn3660bqca6574awcn3620_firmwareqca6174aqca6584_firmwarewcd9340qcs8250_firmwaremdm9235mqcm2290snapdragon_auto_5g_modem-rf_gen_2snapdragon_835_mobile_pc_firmwaresm8550p_firmwareqcm8550snapdragon_x20_lte_modem_firmwaresnapdragon_765_5g_mobile_firmwarewcn3988apq8076qcn9024vision_intelligence_300_firmwaremdm8615mqca6574215_mobileqcs410apq8064_firmwareqcm2290_firmwarevision_intelligence_100mdm8215m_firmwarehome_hub_100sa8155psnapdragon_765g_5g_mobile_firmwaresmart_display_200_firmwaresnapdragon_wear_2100_firmwaresm8550pwsa8830sa6145psnapdragon_625_mobile_firmwaremdm8215mmdm8215msm8996ausnapdragon_4_gen_2_mobilesnapdragon_7c_compute_firmwareqrb5165m_firmwaresnapdragon_820_mobile_firmwarewcn3620snapdragon_208_processor_firmwaresnapdragon_865\+_5g_mobile_firmwaresnapdragon_x5_lte_modemsnapdragon_429_mobileapq8064auwcn3950_firmwareqrb5165nmdm9205sfastconnect_6200sm7325p_firmwaresd460wcd9360_firmwaresc8180x-acaf_firmwaresnapdragon_480_5g_mobile_firmwaresnapdragon_660_mobile_firmwaremdm9615msnapdragon_710_mobile_firmwarevideo_collaboration_vc3_platform_firmwarerobotics_rb3_firmwaresd670_firmwaresnapdragon_8_gen_3_mobilesnapdragon_855_mobilesc8180xp-acaf_firmwareqcn6224_firmwarevision_intelligence_100_firmwareqca6431sd660_firmwaremdm9625snapdragon_480_5g_mobilesnapdragon_750g_5g_mobile_firmwareqca9379_firmwaresxr2130_firmwaremdm9225m_firmwaresnapdragon_860_mobile_firmwarear8035_firmwaresnapdragon_778g\+_5g_mobileqrb5165mqca6320sd888_firmwaremdm9215wcd9306qcs6125_firmwaresnapdragon_wear_1300_firmwareqcn9074wsa8815_firmwareqca8337_firmwaresnapdragon_x12_lte_modem_firmwaresnapdragon_665_mobilemsm8230sm7250p_firmwarewcn3680_firmwarewcn3999wcn3950snapdragon_730g_mobile_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaremsm8227apq8037snapdragon_778g\+_5g_mobile_firmwaresa8295p_firmwaresmart_audio_400_firmwaresd_675_firmwaresnapdragon_855\+_firmwaresa4155p_firmwareqca9984snapdragon_720g_mobilesm7250pcsrb31024_firmwaresa8155sd_8cx_firmwaresc8180x-acafsd888sd460_firmwaresnapdragon_850_mobile_compute_firmwaresnapdragon_675_mobile_firmwaresnapdragon_768g_5g_mobilear9374wcn3660a_firmwareqca6310_firmwaresd626fastconnect_6800qcs7230pm8937snapdragon_865_5g_mobile_firmwarewcd9371fastconnect_6900_firmwarerobotics_rb5_firmwaresmart_audio_200wcn2243snapdragon_1200_wearablesc8180x-aaab_firmwarevideo_collaboration_vc3_platform215_mobile_firmwareqca6431_firmware9205_lte_modem_firmwareqca6698aq_firmwareqcs2290qcs2290_firmwaresnapdragon_xr2\+_gen_1_firmwarewcn3615qca9367_firmwarewcn3999_firmwaremdm9615m_firmwarewcn3680qcs7230_firmwarewcd9390_firmwareqca6430mdm9650snapdragon_765_5g_mobilesnapdragon_860_mobilesc8180xp-ad_firmwaresnapdragon_auto_5g_modem-rfsnapdragon_208_processorflight_rb5_5g_firmware9206_lte_modem_firmwaremsm8108_firmwaresnapdragon_x65_5g_modem-rf_firmwarecsra6640_firmwaremsm8960sg_firmwarevideo_collaboration_vc5_platformqca6420_firmwareqcs6490_firmwaresd855_firmwaremdm9225mdm9640qca6436qrb5165n_firmwaresnapdragon_x70_modem-rfsnapdragon_x24_lte_modem_firmwarewcd9335_firmwareqca6391_firmwarewcn3980_firmwarewsa8835wsa8840_firmwaremdm9310_firmwaremsm8930_firmwareqcs4290_firmwaresnapdragon_430_mobile_firmwarecsra6620qca8081apq8084mdm9628sd660wsa8815qca9377snapdragon_439_mobile_firmwareqcm4290_firmwarempq8064_firmwaresnapdragon_720g_mobile_firmwarewcn2243_firmwaremdm9635mmdm9635m_firmwaresnapdragon_710_mobilemdm9615_firmwaresg4150p_firmwarecsra6620_firmwareqcs8550mdm8215_firmwaresnapdragon_626_mobilesd865_5g_firmwaresnapdragon_xr1wcd9375apq8076_firmwaresnapdragon_636_mobilesa8145psd_675snapdragon_8\+_gen_1_mobile_firmwaresmart_display_200ar6003_firmwarewcn3680b_firmwaresnapdragon_8_gen_1_mobile_firmwaresnapdragon_wear_3100_firmwareqcm8550_firmwareapq8017qcs410_firmwarerobotics_rb3sa6150p_firmwaresxr1120qcs610_firmwarewcd9335wcd9370snapdragon_7c_gen_2_compute_firmwaremsm8230_firmwareqca4004qca6696wcd9341_firmwarewcn6740_firmwaresnapdragon_780g_5g_mobilesnapdragon_750g_5g_mobileqca9984_firmwaresnapdragon_685_4g_mobilevision_intelligence_200_firmwaresnapdragon_x50_5g_modem-rf_firmwaremsm8930snapdragon_auto_4g_modem9205_lte_modemsnapdragon_690_5g_mobile_firmwareqsc1215snapdragon_wear_1300qca6574auwcd9390pm8937_firmwarecsra6640msm8209_firmwaresnapdragon_778g_5g_mobile_firmwarewcn3660b_firmwaresd730snapdragon_690_5g_mobile9207_lte_modemqcn6024_firmwaremsm8627_firmwaresnapdragon_636_mobile_firmwaresnapdragon_712_mobile_firmwaresnapdragon_625_mobilesnapdragon_210_processor_firmwareqcm6125_firmwarec-v2x_9150qcc710snapdragon_1100_wearable_firmwaresnapdragon_xr2_5g_firmwaremdm9615snapdragon_xr1_firmwaresxr1120_firmwaresnapdragon_x5_lte_modem_firmwaresnapdragon_wear_4100\+315_5g_iot_modem_firmwarefastconnect_6900qfw7114315_5g_iot_modemmsm8960_firmwaresa8155_firmwareqca6335snapdragon_x65_5g_modem-rfqcs4490snapdragon_730_mobilesnapdragon_wear_3100mdm9250wsa8845msm8630snapdragon_626_mobile_firmwareqca6421_firmwareqcm6125mdm9230sc8180x-adwsa8810qsm8250qca6595ausnapdragon_888_5g_mobilesm7315_firmwarewcd9326_firmwaresnapdragon_845_mobile_firmwarewsa8840mdm9230_firmwareqcs8550_firmwaresnapdragon_730g_mobilesnapdragon_782g_mobilesnapdragon_8_gen_2_mobile_firmwareqfw7124_firmwareqcn9012qsc1215_firmwaremdm9650_firmwarewcd9371_firmwareqcs4490_firmwarewcn3910_firmwaresnapdragon_460_mobilesnapdragon_8_gen_2_mobilewcd9370_firmwaresnapdragon_8\+_gen_2_mobilesa8195pmdm9310snapdragon_1200_wearable_firmwareqca6335_firmwareqcm6490snapdragon_662_mobilemsm8627qca9379msm8960sgsd675_firmwaresnapdragon_855_mobile_firmwareqca6430_firmwaremsm8130_firmwareqcn9011smart_audio_400qcn9024_firmwarewsa8845hsa6150pwcd9326sa8155p_firmwaresnapdragon_630_mobileqca6564asnapdragon_855\+snapdragon_wear_2100qcn9074_firmwaresnapdragon_768g_5g_mobile_firmwaresnapdragon_7c_gen_2_computesc8180x\+sdx55_firmwarear8035qca6564sa6155qcn6224snapdragon_435_mobile_firmwaresc8180x\+sdx55qca6698aqsm6250apq8064snapdragon_480\+_5g_mobilesd670wcn3680bapq8030sa8145p_firmwaresa8150p_firmwarefastconnect_6700_firmwarewcn3990snapdragon_x75_5g_modem-rf_firmwareqcs6490qcs8250snapdragon_695_5g_mobilesnapdragon_778g_5g_mobilefastconnect_6200_firmwarear8031_firmwarehome_hub_100_firmwaresnapdragon_460_mobile_firmwarewsa8830_firmwarewsa8845_firmwarewsa8832mdm9330_firmwaresnapdragon_auto_4g_modem_firmwaremsm8960sc8180xp-aaab_firmwaremdm9630205_mobile_firmwaresa4150p_firmwaremsm8608_firmwaremsm8209qca6564ausnapdragon_1100_wearablesnapdragon_820_mobilesnapdragon_425_mobile_firmwaresm6250p_firmwaresc8180xp-adar6003sa8195p_firmwareqcm4290sd_455_firmwaremsm8608ar8031mdm9225_firmwareqca9377_firmwareqcm6490_firmwaresg8275p_firmwaresnapdragon_xr2\+_gen_1sm4125mdm9235m_firmwareqcm4490_firmwarevision_intelligence_400_firmwareqcs6125flight_rb5_5gsnapdragon_870_5g_mobile_firmwaresnapdragon_7c\+_gen_3_computesnapdragon_732g_mobileqca4004_firmwaresnapdragon_870_5g_mobilesmart_audio_200_firmwaresnapdragon_678_mobilesd_455sm6250_firmwaresc8180x-ad_firmwaresnapdragon_7c_computeqca6584auqca6320_firmwareqcn6274_firmwaresnapdragon_435_mobileqcn9011_firmwaresnapdragon_wear_2500_firmwarewcn6740snapdragon_780g_5g_mobile_firmwaresnapdragon_845_mobilesnapdragon_8_gen_3_mobile_firmwareqfw7114_firmwaremdm9625m_firmwareqca6595_firmwarefastconnect_7800_firmwaresnapdragon_675_mobilemdm9630_firmwareapq8017_firmwarewcd9380sa6145p_firmwaresa6155_firmwaresnapdragon_450_mobile_firmwaresnapdragon_xr2_5gsa8150psnapdragon_x24_lte_modemmsm8996au_firmwaresnapdragon_auto_5g_modem-rf_firmwaresc8180x-aaabsd662_firmwarewcn3660aqt1000wcd9306_firmwaresnapdragon_4_gen_1_mobile_firmwarec-v2x_9150_firmwareqam8295p_firmwaresd855wcd9330_firmwareqca6174wcn3990_firmwaresm7315snapdragon_660_mobileqca6564a_firmwarewcd9385snapdragon_888\+_5g_mobilemsm8909w_firmwaresnapdragon_8_gen_1_mobilesnapdragon_630_mobile_firmwarewcd9330mdm8207_firmwaresd662snapdragon_680_4g_mobile_firmwarewcn3610_firmwareqcs4290snapdragon_865\+_5g_mobilesd820_firmwaresg8275psm6250psdx55_firmwareapq8030_firmwarewcn3615_firmwaresnapdragon_210_processorsxr2130qcm4490snapdragon_480\+_5g_mobile_firmwarerobotics_rb5qca6174a_firmwaresm7325psnapdragon_732g_mobile_firmwaresnapdragon_x50_5g_modem-rfapq8037_firmwaresnapdragon_670_mobile_firmwareaqt1000_firmwaresdm429wqca6584au_firmwareqcn6274qfw7124qca6595au_firmwareqca6696_firmwaremsm8130wcd9380_firmwaremdm9625_firmwareapq8084_firmwareqca6574_firmwaresg4150pmdm9628_firmwaresnapdragon_x75_5g_modem-rfsnapdragon_427_mobile9206_lte_modemqca6574a_firmwaremsm8630_firmwaresdx55mdm9225msnapdragon_4_gen_1_mobilesnapdragon_450_mobilesnapdragon_865_5g_mobilesnapdragon_835_mobile_pcsd675wcd9375_firmwareqca6391ar9374_firmwareqts110_firmwareqcn9012_firmwaresnapdragon_439_mobileqca6584sa8295pfastconnect_7800snapdragon_8\+_gen_2_mobile_firmwarevision_intelligence_300snapdragon_765g_5g_mobilewcn3988_firmwaresnapdragon_430_mobilemdm8615m_firmwaresd_8cxvision_intelligence_400wsa8835_firmwarewcn3980mdm9330msm8909wqcs610Snapdragonqca6574a_firmwarequalcomm_video_collaboration_vc1_platform_firmwaremdm9628_firmwareqcs4490_firmwaresd_455_firmwareqca6431_firmwareflight_rb5_5g_platform_firmwaremsm8960_firmwaresa8150p_firmwareqcn9024_firmwareqcs7230_firmwarear6003_firmwarequalcomm_video_collaboration_vc5_platform_firmwarefastconnect_6700_firmwareqcm6490_firmwaremdm9250_firmwaresa8155p_firmwarefastconnect_6200_firmwaremsm8909w_firmwaresa4155p_firmwareapq8030_firmwareqcn6224_firmwareqca6420_firmwarecsrb31024_firmwaresa6155_firmware9206_lte_modem_firmwarempq8064_firmwareqca9377_firmwaremdm9625_firmwaremsm8230_firmwareqca6698aq_firmwareqsc1215_firmwareqca8081_firmwareqca9367_firmwaremsm8627_firmwarefastconnect_7800_firmwarecsra6640_firmwaremdm8215_firmwareqcm8550_firmwareqca6174_firmwarecsra6620_firmwaresa8155_firmwareqcn6024_firmwareqca6436_firmwareqca6595_firmwareqcn6274_firmwareqcn9011_firmwaremdm9650_firmwarec-v2x_9150_firmware9207_lte_modem_firmwareqsm8250_firmwaremdm9615_firmwareqca6564a_firmwaremsm8960sg_firmwaremdm8615m_firmwareqca6335_firmwareqrb5165n_firmwaremsm8108_firmwaresa8195p_firmwareqcn9012_firmwaresd_8cx_firmwarear8035_firmware315_5g_iot_modem_firmwarefastconnect_6800_firmwaremsm8608_firmwareqcs6125_firmwaremdm9640_firmwaremsm8209_firmwaremdm9310_firmwareqcc710_firmwaremdm9615m_firmwareqca6574au_firmwareapq8017_firmwaresa6155p_firmwareqcn9074_firmwareqcs8550_firmwaremdm9635m_firmwaremdm9230_firmwareqca6564au_firmwareqca6564_firmwaremsm8227_firmwareqcm6125_firmwareqca6696_firmwareapq8064au_firmwareqca8337_firmwareqca6584_firmwareqca6595au_firmwareaqt1000_firmwaremsm8630_firmwareqcs6490_firmwaremsm8930_firmwarepm8937_firmwaresa6145p_firmwaresa8295p_firmwaresa4150p_firmwarequalcomm_205_mobile_platform_firmwaresa6150p_firmwaremdm9225m_firmwareqca6174a_firmwareqfw7124_firmwaremsm8130_firmwareqca6391_firmwaremdm9205s_firmwarefastconnect_6900_firmwaremdm9235m_firmwareqca6584au_firmwarerobotics_rb3_platform_firmwareqfw7114_firmwaremdm9330_firmwaremsm8996au_firmwareqam8295p_firmwareqca6320_firmwareqca6574_firmwaremdm9215_firmwareqca9984_firmwaresd_675_firmwareapq8084_firmwareapq8064_firmwaresa8145p_firmwaresd460_firmwarear8031_firmwaremdm8207_firmwaremdm9630_firmwareqcm4490_firmwarequalcomm_215_mobile_platform_firmwareqcm2290_firmwarequalcomm_video_collaboration_vc3_platform_firmwarerobotics_rb5_platform_firmwareqcs4290_firmwareqcs610_firmwarehome_hub_100_platform_firmwareqcs2290_firmwaremdm9625m_firmwareapq8037_firmwaremdm9225_firmwareqca9379_firmwareqrb5165m_firmwareqca6430_firmware9205_lte_modem_firmwarear9374_firmwareapq8076_firmwaremdm8215m_firmwareqca6426_firmwareqca6421_firmwareqcs410_firmwareqts110_firmwareqca6310_firmwareqcm4290_firmwareqca4004_firmwareqcs8250_firmware
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-823
Use of Out-of-range Pointer Offset
CVE-2023-33074
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.03% / 8.36%
||
7 Day CHG~0.00%
Published-07 Nov, 2023 | 05:26
Updated-16 Dec, 2025 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Audio

Memory corruption in Audio when SSR event is triggered after music playback is stopped.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8255p_firmwarewsa8830wcd9380_firmwaresa6150p_firmwaressg2125psa8145p_firmwaresxr2230p_firmwaresw5100pqam8650psd865_5gsg8275p_firmwaresnapdragon_w5\+_gen_1_wearable_platformwcn785x-5qca6595qam8775pwsa8840wsa8835qca6574sxr1230p_firmwarewcn3950_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwarewcd9380sa8150p_firmwareqca6595au_firmwaressg2125p_firmwareqca6574assg2115pwcn685x-5_firmwaresxr1230pwcn685x-1sg8275psnapdragon_8_gen_2_mobile_platformwcn6750wcn3980wcd9385_firmwareqam8295pwcn3950wsa8845qcm4325_firmwareqca6574_firmwarewsa8815sxr2230pwsa8845_firmwareqam8295p_firmwaresnapdragon_xr2_5g_platform_firmwareqca6574a_firmwareqca6574au_firmwareqca6595ausm6225-adwsa8845h_firmwarewcn785x-5_firmwarewcn3980_firmwaresa8295psnapdragon_w5\+_gen_1_wearable_platform_firmwaresm8475_firmwaresa6155p_firmwaresm6225snapdragon_xr2_5g_platformsm6225-ad_firmwarewsa8840_firmwareqca6698aqsa4155p_firmwarewsa8832_firmwarewcn685x-5sm6225_firmwarewcn3988_firmwareqca6797aq_firmwarewcn785x-1_firmwareqca6574ausa6145p_firmwaresa8155p_firmwaresa8195pwsa8810_firmwaresnapdragon_8\+_gen_2_mobile_platformsw5100wsa8810wsa8845hwsa8832wcd9395_firmwaresa8255p_firmwaresa6155psw5100p_firmwaresm8550pqca6698aq_firmwaresa6145pwcn685x-1_firmwarewcd9385qam8650p_firmwareqam8775p_firmwaresa8255pqca6696_firmwareqca6595_firmwaresa8145pwcd9395qca6696qca6797aqsa4150p_firmwarewcn6750_firmwaresa8150psm8550p_firmwaresa6150pwcd9390wcd9390_firmwaresa8155pwsa8830_firmwaresd865_5g_firmwarewcn3988wsa8815_firmwarewsa8835_firmwaresa8195p_firmwaressg2115p_firmwaresw5100_firmwaresm8475sa8295p_firmwareqam8255psa4155psa4150psnapdragon_8_gen_2_mobile_platform_firmwarewcn785x-1qcm4325Snapdragon
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-33113
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.11% / 29.50%
||
7 Day CHG~0.00%
Published-02 Jan, 2024 | 05:38
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Kernel

Memory corruption when resource manager sends the host kernel a reply message with multiple fragments.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwareqcm8550_firmwareqcs410_firmwaresa6150p_firmwaresw5100pwsa8832wsa8845_firmwareqca6595qcs610_firmwarewcd9335wcd9370qca8081_firmwaressg2125p_firmwarear8035_firmwareqca6696wsa8830_firmwareqrb5165msnapdragon_888_5g_mobile_platformwcd9341_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmwaresa4150p_firmwarewcd9395_firmwareqcn6024sd888_firmwarewcn6740_firmwarefastconnect_6700qca6564ausa4150pwsa8815_firmwarewsa8832_firmwaresa8195p_firmwareqca8337_firmwaresnapdragon_x12_lte_modem_firmwareqca8337qdu1110wcd9395snapdragon_680_4g_mobile_platformsg8275p_firmwareqca9377_firmwareqcm6490_firmwareqca6574au_firmwareqam8295pwcd9341qcm4490_firmwareqca6574auqru1032snapdragon_x12_lte_modemflight_rb5_5g_platformwcd9390wcn3950wsa8810_firmwarewsa8845h_firmwarecsra6640snapdragon_x65_5g_modem-rf_system_firmwareqca6797aq_firmwaresnapdragon_7c\+_gen_3_computeqca6554asnapdragon_780g_5g_mobile_platformsa8295p_firmwareqcn6024_firmwaresa4155p_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaresnapdragon_695_5g_mobile_platformsnapdragon_4_gen_1_mobile_platform_firmwarevideo_collaboration_vc1_platform_firmwaresa4155psnapdragon_778g\+_5g_mobile_platformsnapdragon_780g_5g_mobile_platform_firmwareqca6584ausd888ssg2115pqcn9011_firmwareqru1062_firmwaresnapdragon_4_gen_2_mobile_platformsw5100_firmwarewcn6740snapdragon_480\+_5g_mobile_platform_firmwareqru1062snapdragon_695_5g_mobile_platform_firmwareqca6595_firmwareqcs7230fastconnect_7800_firmwarefastconnect_6900snapdragon_685_4g_mobile_platform_firmwarevideo_collaboration_vc1_platformqru1032_firmwaresnapdragon_782g_mobile_platform_firmwarewcd9385_firmwarefastconnect_6900_firmwareqam8255p_firmwarewcd9380sa6145p_firmwareqam8255psxr2230psnapdragon_888_5g_mobile_platform_firmwaresnapdragon_4_gen_1_mobile_platformsa8150psnapdragon_ar2_gen_1_platform_firmwareqcs4490snapdragon_8_gen_1_mobile_platform_firmwaresnapdragon_778g_5g_mobile_platformsnapdragon_685_4g_mobile_platformsnapdragon_8\+_gen_2_mobile_platform_firmwarewsa8845sa6155psnapdragon_auto_5g_modem-rf_firmwareqca6564au_firmwaresxr1230pwsa8810qam8650pqdu1000_firmwarevideo_collaboration_vc5_platform_firmwaresnapdragon_8\+_gen_2_mobile_platformwcn3950_firmwaresw5100qca6595auvideo_collaboration_vc3_platformsm7315_firmwareqdu1010sa6155p_firmwarewsa8840qam8295p_firmwareqcs8550_firmwareqdu1210_firmwaresm7315qca6698aq_firmwarewcd9385qcn9012snapdragon_8\+_gen_1_mobile_platformmdm9650_firmwareqcs4490_firmwaresnapdragon_8_gen_2_mobile_platformsnapdragon_7c\+_gen_3_compute_firmwaresa8255pqcs7230_firmwaresxr1230p_firmwarewcd9390_firmwaresnapdragon_778g\+_5g_mobile_platform_firmwaresg8275pwcd9370_firmwaremdm9650qdx1011_firmwaresnapdragon_auto_5g_modem-rfqdu1110_firmwareqdu1000qca6554a_firmwaressg2125pqca6574aqru1052qcm4490qca6174asa8195pcsra6640_firmwareqcs8250_firmwareqdu1210snapdragon_820_automotive_platform_firmwareqca6174a_firmwareqcm6490sm7325pqam8650p_firmwarevideo_collaboration_vc5_platformsm8550p_firmwareqcm8550wcn3988qcs6490_firmwaresnapdragon_x65_5g_modem-rf_systemqcn9024qca6584au_firmwarewcd9335_firmwareqrb5165n_firmwareqca6574snapdragon_480_5g_mobile_platform_firmwarewcn3980_firmwarewsa8835qca6595au_firmwareqca6391_firmwaresxr2230p_firmwarewsa8840_firmwareqdu1010_firmwaresw5100p_firmwareqcn9011snapdragon_ar2_gen_1_platformsnapdragon_782g_mobile_platformqca6696_firmwareqcn9024_firmwarewsa8845hwcd9380_firmwaresa6150pqca6574_firmwareqcs410sa8155p_firmwarecsra6620qca8081wsa8815sa8155psd_8_gen1_5gwsa8830qam8775pqca6797aqqca9377sm8550psa6145psnapdragon_8\+_gen_1_mobile_platform_firmwareqcm4325_firmwaresa8255p_firmwareflight_rb5_5g_platform_firmwarear8035qca6574a_firmwaresnapdragon_480\+_5g_mobile_platformqrb5165m_firmwareqcm4325sd_8_gen1_5g_firmwarerobotics_rb5_platformwcd9375_firmwareqca6391qcn9012_firmwaresmart_audio_400_platform_firmwareqca6698aqsnapdragon_778g_5g_mobile_platform_firmwaresnapdragon_480_5g_mobile_platformqru1052_firmwareqrb5165ncsra6620_firmwaresa8295psnapdragon_8_gen_1_mobile_platformrobotics_rb5_platform_firmwareqcs8550snapdragon_8_gen_2_mobile_platform_firmwarefastconnect_6200fastconnect_7800sa8145p_firmwaresm7325p_firmwareqam8775p_firmwaresnapdragon_888\+_5g_mobile_platformqdx1011wcd9375sa8150p_firmwaresmart_audio_400_platformsnapdragon_w5\+_gen_1_wearable_platformwcn3988_firmwarefastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwaresa8145psnapdragon_888\+_5g_mobile_platform_firmwarewsa8835_firmwaressg2115p_firmwaresnapdragon_680_4g_mobile_platform_firmwareqcs6490qcs8250snapdragon_820_automotive_platformwcn3980fastconnect_6200_firmwareqdx1010qcs610Snapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-54910
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.4||HIGH
EPSS-0.09% / 24.78%
||
7 Day CHG~0.00%
Published-09 Sep, 2025 | 17:01
Updated-26 Feb, 2026 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Office Remote Code Execution Vulnerability

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-officeoffice_long_term_servicing_channel365_appsMicrosoft Office 2016Microsoft 365 Apps for EnterpriseMicrosoft Office 2019Microsoft Office LTSC for Mac 2021Microsoft Office LTSC 2024Microsoft Office LTSC for Mac 2024Microsoft Office LTSC 2021
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2023-28537
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.05% / 16.63%
||
7 Day CHG~0.00%
Published-08 Aug, 2023 | 09:15
Updated-02 Aug, 2024 | 13:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Integer Overflow or Wraparound in Audio

Memory corruption while allocating memory in COmxApeDec module in Audio.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-s820aqca9377_firmwaresa6150p_firmwaresm6250p_firmwareqcs610315_5g_iot_modem_firmwareqca83378098qca6431_firmwarewcd9360_firmwareqca4024_firmwarewcn3950_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155qca6335msm8917sm8350csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwares820a_firmwaresd632wcn685x-1apq5053-aa_firmwaresda845_firmwaremsm8108sm4375wcn3998wcd9371_firmwaremsm8108_firmwareqam8295pwcn3950sm4125sd720gmdm9628sd_8_gen1_5g_firmwarewcn3660bsd450_firmwaresd710_firmwaresd460_firmware8998_firmwareqca4020sm7315_firmwareqca6574au_firmwarewcd9375_firmwarewcn3998_firmwareqca8081_firmwaresa6155_firmwareqca6420wcd9360snapdragon_xr2\+_gen_1_platformsda845sd680_firmwaresnapdragon_auto_5g_modem-rf_firmwarewcn3999qrb5165m_firmwareqrb5165_firmwareqca6698aqqcs6125sa4155p_firmwaresa8155_firmwaresd662_firmwareqca6430wcd9340sd626_firmwaresd765gsd680qca4020_firmwareqca6436sa6155pqcs603_firmwareqca6698aq_firmwaremsm8209_firmwarewcn685x-1_firmwarewcn3660_firmwarewcd9341qca6431qca6696_firmwarewcd9371sd870_firmwaresd750gsnapdragon_x12_lte_modemwcn3910_firmwaresa8150pwsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwarewcn3988sd660_firmwaresa8195p_firmwaremsm8208_firmwarewcn6750_firmwaresa8295p_firmwaresd450wcn3610msm8608wcn3991qca8337_firmwarewcd9380_firmwaresdm429wmsm8996au_firmwaresd625_firmwareqca6564ausmart_audio_100_platform_firmwaresd670_firmwareqca6574sd632_firmwareapq8053-acwcd9380snapdragon_wear_4100\+_platform_firmwareqcs410sd690_5g_firmwareapq8053-ac_firmwareqca9379_firmwareqcn9012_firmwaresd626qca6430_firmwaresd439_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqcs605wcd9340_firmwarewsa8815wcn3910qca6320qca6426_firmwarewcn3660b_firmwarewcn3680sd695sd835wcn3980_firmwaresd730snapdragon_xr2\+_gen_1_platform_firmwaresnapdragon_x50_5g_modem-rf_system_firmwaresa8295pqca6421_firmwarewcn6740_firmwaresnapdragon_xr2_5g_platformsd678_firmwaresnapdragon_x65_5g_modem-rf_systemar8031_firmwarewcn3680_firmwaresm8350_firmwareqrb51658098_firmwareqcs603sd670sd_636_firmwareqca6564a_firmwareqcm4290_firmwaresd480sd870snapdragon_x24_lte_modemsd210_firmwareqcs610_firmwareqsm8250sa6145psd695_firmwarear8031qca6595_firmwaresa8145psdm630_firmwareqca6391_firmwaresa4150p_firmwareqca4024wcd9370_firmwareqm215_firmwaresd780g_firmwaresdx55sd888_firmwaresa8155pcsra6640sd675sd439wcn3660qca9379sa4155par8035_firmwareqcm2290qsm8250_firmwaresdm845_firmwarewcn3991_firmwarewsa8830sd6788998sa8145p_firmwaresnapdragon_x24_lte_modem_firmwareqcs2290_firmwarecsrb31024mdm9628_firmwareflight_rb5_5g_platformsd_636csra6620flight_rb5_5g_platform_firmwareqcs4290sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwaresd690_5gsnapdragon_auto_4g_modem_firmwaresd730_firmwarewcd9370sd675_firmwaresd625qca6564qca6426qca6584au_firmwarewcn3990_firmwareqrb5165n_firmwareqca9377wcd9385_firmwarewcd9326_firmwarewcn3615_firmwaresd662qam8295p_firmwareqcn9011_firmwaresa8155snapdragon_x55_5g_modem-rf_systemqca6320_firmwarewcn3680b_firmwaresdx55_firmwarewcn3615qca6595auwcn3999_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwareqrb5165nqca6564au_firmwareqca6584ausd778gsa6155p_firmwaremsm8208snapdragon_x65_5g_modem-rf_system_firmwareqca6310apq8053-aa_firmwaresd429qcs6490sdm630wcn3988_firmware315_5g_iot_modemqcn9074sd205qm215qca6421sd429_firmwaresd778g_firmwaresa6145p_firmwaresa8195psxr1120sm6250apq8017_firmwarewsa8810_firmwaresm4375_firmwaresd765_firmwarewcd9326wcd9335qca8081apq8053-aaqca6174a_firmwareqcs4290_firmwarewcd9385sxr2130_firmwareqcs6490_firmwaresnapdragon_x12_lte_modem_firmwareqca6390wcd9375sd750g_firmwareaqt1000ar8035sm6250_firmwaremsm8917_firmwaresd210wcn3620_firmwarewsa8815_firmwareqcm6490wsa8835_firmwarewcn3620apq8017sxr1120_firmwareqca6564asa4150pqcm6125_firmwareqcm2290_firmwareapq5053-aawcn3990sd_675sd780gsdm845sd865_5gqca6595sm8350-ac_firmwareqcn9012sd888wsa8835msm8996ausdm429w_firmwaresd665_firmwaresnapdragon_auto_5g_modem-rfsd_8_gen1_5gsm6250psxr2130snapdragon_wear_4100\+_platformqca6574awcn685x-5_firmwareqca6174asm7325pqca6310_firmwarewcn6750qca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665smart_audio_100_platformsnapdragon_xr2_5g_platform_firmwaresd765qca6574a_firmwaresd768g_firmwaremsm8209qrb5165msm7315apq8009snapdragon_x55_5g_modem-rf_system_firmwaresd460qca6391aqt1000_firmwaresnapdragon_auto_4g_modemqcm4290csrb31024_firmwareqcm6490_firmwaresnapdragon_xr1_platformsd480_firmwarewcn685x-5qcn9011qca6574ausd710sa8155p_firmwaresd205_firmwarewcd9341_firmwareqcm6125wsa8810wcn3680bsm8350-acsd835_firmwareqca6564_firmwaresd768gwcn6740qca6696sd845_firmwaremsm8608_firmwaresnapdragon_x50_5g_modem-rf_systemsa6150psd845sm7250psd720g_firmwareqcn9074_firmwareqcs410_firmwaresnapdragon_xr1_platform_firmwareSnapdragon
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-28523
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-8.4||HIGH
EPSS-0.03% / 8.08%
||
7 Day CHG~0.00%
Published-09 Dec, 2023 | 02:24
Updated-27 May, 2025 | 15:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Informix Dynamic Server buffer overflow

IBM Informix Dynamic Server 12.10 and 14.10 onsmsync is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. IBM X-Force ID: 250753.

Action-Not Available
Vendor-IBM Corporation
Product-informix_dynamic_server_on_cloud_pak_for_datainformix_dynamic_serverInformix Dynamic Server
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-28547
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.06% / 18.76%
||
7 Day CHG~0.00%
Published-01 Apr, 2024 | 15:05
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input in SPS Applications

Memory corruption in SPS Application while requesting for public key in sorter TA.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwaresdm429w_firmwaresd865_5gqcs8155_firmwaresnapdragon_632_mobileqca6595qca8081_firmwaresnapdragon_670_mobilewcd9340_firmwarewcd9395_firmwareqcn6024qcc710_firmwareqca6426snapdragon_8\+_gen_1_mobilefastconnect_6700wcn3610sa4150psnapdragon_427_mobile_firmwaresnapdragon_782g_mobile_firmwaresnapdragon_wear_4100\+_firmwarewsa8832_firmwareqca8337qca6426_firmwarewcd9395snapdragon_665_mobile_firmwaresc8180xp-aaabqca6574au_firmwareqcn7606_firmwareqca6564_firmwaresm6370qam8295pwcd9341sd626_firmwaresnapdragon_820_automotivesnapdragon_888\+_5g_mobile_firmware315_5g_iot_firmwaresd730_firmwarewsa8810_firmwarewsa8845h_firmwaresa9000p_firmwaresc8180xp-acafwcn3660_firmwaresnapdragon_820_automotive_firmwarefastconnect_6800_firmwareqcs5430sd835_firmwareqcm5430_firmwarevideo_collaboration_vc1_platform_firmwaresa4155psa8770psnapdragon_678_mobile_firmwaresnapdragon_425_mobilesd821snapdragon_632_mobile_firmwaresa8540pqsm8250_firmwareqsm8350_firmwarevideo_collaboration_vc1_platformqep8111sa7255psnapdragon_730_mobile_firmwarewcd9385_firmwareqca6421vision_intelligence_200qca6310wcd9360sd821_firmwaresnapdragon_680_4g_mobilesa6155pqca6564au_firmwaresd820snapdragon_429_mobile_firmwareqam8650pvideo_collaboration_vc5_platform_firmwaresa9000psnapdragon_888_5g_mobile_firmwaresxr2250p_firmwaresnapdragon_662_mobile_firmwaresa6155p_firmwaresnapdragon_685_4g_mobile_firmwaremdm9640_firmwaresd835snapdragon_x55_5g_modem-rfsnapdragon_4_gen_2_mobile_firmwareqca6436_firmwaresnapdragon_695_5g_mobile_firmwaresnapdragon_x55_5g_modem-rf_firmwaresnapdragon_7c\+_gen_3_compute_firmwareqts110sm4125_firmwareqca6420wcn3910apq8064au_firmwaremdm9205s_firmwarecsrb31024snapdragon_712_mobilewcn3660bqca6574awcn3620_firmwareqca6174awcd9340qcs8250_firmwareqcm2290qdu1210talynplussnapdragon_auto_5g_modem-rf_gen_2snapdragon_835_mobile_pc_firmwaresm8550p_firmwaresxr2250pqcm8550wcn3988snapdragon_765_5g_mobile_firmwareqcn9024vision_intelligence_300_firmwareqca6574215_mobileqamsrv1hqcs410qcm2290_firmwarevision_intelligence_100sa8155phome_hub_100snapdragon_765g_5g_mobile_firmwarewsa8830smart_display_200_firmwaresm8550psa6145psnapdragon_625_mobile_firmwaresa8255p_firmwaremsm8996ausnapdragon_4_gen_2_mobilesnapdragon_7c_compute_firmwareqrb5165m_firmwaresa8650p_firmwaresnapdragon_820_mobile_firmwarewcn3620snapdragon_865\+_5g_mobile_firmwaresnapdragon_429_mobileapq8064auwcn3950_firmwareqrb5165nmdm9205sfastconnect_6200sm7325p_firmwaresd460wcd9360_firmwaresc8180x-acaf_firmwaresnapdragon_480_5g_mobile_firmwaresnapdragon_660_mobile_firmwareqdx1011snapdragon_710_mobile_firmwarevideo_collaboration_vc3_platform_firmwarerobotics_rb3_firmwaresd670_firmwaresnapdragon_8_gen_3_mobilesnapdragon_855_mobilesc8180xp-acaf_firmwareqcn6224_firmwarevision_intelligence_100_firmwareqca6431sd660_firmwaresnapdragon_480_5g_mobilesnapdragon_750g_5g_mobile_firmwareqca9379_firmwaresxr2130_firmwaresrv1msnapdragon_860_mobile_firmwarear8035_firmwaresnapdragon_778g\+_5g_mobileqrb5165msc8380xpqca6320sd888_firmwarewcd9306qcs6125_firmwaresnapdragon_wear_1300_firmwareqcn9074wsa8815_firmwareqca8337_firmwaresnapdragon_665_mobilesm7250p_firmwarewcn3680_firmwarewcn3999wcn3950snapdragon_730g_mobile_firmwareqca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaretalynplus_firmwaresnapdragon_778g\+_5g_mobile_firmwareapq8037sa8295p_firmwaresmart_audio_400_firmwaresd_675_firmwaresa4155p_firmwaresnapdragon_720g_mobilesm7250pcsrb31024_firmwaresa8155sc8180x-acafsd888qru1062_firmwarefsm10056sd460_firmwaresnapdragon_675_mobile_firmwaresnapdragon_768g_5g_mobilesc8380xp_firmwareqru1062qca6310_firmwaresd626fastconnect_6800qcs7230pm8937snapdragon_865_5g_mobile_firmwarewcd9371fastconnect_6900_firmwarerobotics_rb5_firmwaresc8180x-aaab_firmwarevideo_collaboration_vc3_platformqcm2150_firmware215_mobile_firmwareqca6431_firmwareqca6698aq_firmwareqcs2290qcn7606qcs2290_firmwaresnapdragon_xr2\+_gen_1_firmwarewcn3615wcn3999_firmwarewcn3680sa8255pqcs7230_firmwarewcd9390_firmwareqep8111_firmwareqca6430snapdragon_855\+_mobilemdm9650qdx1011_firmwaresnapdragon_765_5g_mobilesnapdragon_860_mobilesc8180xp-ad_firmwaresnapdragon_auto_5g_modem-rfflight_rb5_5g_firmwaressg2125pqru1052snapdragon_x65_5g_modem-rf_firmwarecsra6640_firmwareqamsrv1mqam8650p_firmwarevideo_collaboration_vc5_platformqca6420_firmwareqcs6490_firmwaresd855_firmwarewcd9335_firmwaremdm9640qca6436qrb5165n_firmwarewcn3980_firmwaresnapdragon_x24_lte_modem_firmwarewsa8835qca6391_firmwarewsa8840_firmware9205_lte_firmwareqdu1010_firmwareqcs4290_firmwaresnapdragon_430_mobile_firmwarecsra6620qca8081sd660wsa8815qam8775pqca9377snapdragon_ar2_gen_1_firmwareqcm4325_firmwaresnapdragon_439_mobile_firmwareqcm4290_firmwaresnapdragon_720g_mobile_firmwaresnapdragon_821_mobile_firmwaresnapdragon_710_mobileqcs5430_firmwaresg4150p_firmwareqru1052_firmwarecsra6620_firmwareqcs8550sa8650psnapdragon_626_mobileqam8775p_firmwaresd865_5g_firmwaresnapdragon_xr1wcd9375snapdragon_ar2_gen_1snapdragon_636_mobilesa8145psd_675snapdragon_8\+_gen_1_mobile_firmwaresmart_display_200qdx1010wcn3680b_firmwaresnapdragon_8_gen_1_mobile_firmwareqcm8550_firmwareapq8017qcs410_firmwarerobotics_rb3sa6150p_firmwaresw5100psxr1120qcs610_firmwarewcd9335wcd9370snapdragon_7c_gen_2_compute_firmwareqca4004qca6696wcd9341_firmwarewcn6740_firmwaresnapdragon_780g_5g_mobilesnapdragon_750g_5g_mobilevision_intelligence_200_firmwaresnapdragon_685_4g_mobilesnapdragon_x50_5g_modem-rf_firmwareqdu1110snapdragon_auto_4g_modemsnapdragon_690_5g_mobile_firmwaresnapdragon_wear_1300qca6574auwcd9390sa8620p_firmwarepm8937_firmwarecsra6640snapdragon_778g_5g_mobile_firmwaresrv1hwcn3660b_firmwaresd730snapdragon_690_5g_mobileqcn6024_firmwaresnapdragon_636_mobile_firmwareqcm5430snapdragon_712_mobile_firmwaresnapdragon_625_mobileqcm6125_firmwarec-v2x_9150ssg2115pqcc710snapdragon_xr2_5g_firmwaresnapdragon_xr1_firmwaresxr1120_firmwaresnapdragon_wear_4100\+fastconnect_6900snapdragon_w5\+_gen_1_wearable_firmwareqru1032_firmwarefsm10056_firmwareqfw7114qam8255p_firmwaresa8155_firmwareqca6335snapdragon_x65_5g_modem-rfqcs4490snapdragon_730_mobilewsa8845snapdragon_626_mobile_firmwareqca6421_firmwareqcm6125sc8180x-adwsa8810qdu1000_firmwareqsm8250srv1h_firmwareqca6595ausnapdragon_888_5g_mobilesm7315_firmwareqdu1010wcd9326_firmwaresnapdragon_845_mobile_firmwarewsa8840srv1m_firmwareqcs8550_firmwaresnapdragon_730g_mobilesnapdragon_782g_mobilesnapdragon_x35_5g_modem-rf_firmwareqdu1210_firmwaresnapdragon_8_gen_2_mobile_firmwareqfw7124_firmwareqcn9012mdm9650_firmwarewcd9371_firmwareqcs4490_firmwarewcn3910_firmwaresnapdragon_460_mobilesnapdragon_8_gen_2_mobilewcd9370_firmwareqdu1110_firmwareqdu1000sa7255p_firmwaresnapdragon_8\+_gen_2_mobilesa8195p9205_lteqca6335_firmwareqcm6490sa8540p_firmwaresm6370_firmwaresnapdragon_662_mobileqca9379sa8775psxr2230p_firmwaresd675_firmwaresnapdragon_855_mobile_firmwareqca6430_firmwareqcn9011sa8775p_firmwaresmart_audio_400qcn9024_firmwarewsa8845hsa6150pwcd9326sa8155p_firmwaresnapdragon_630_mobileqca6564aqcn9074_firmwaresnapdragon_768g_5g_mobile_firmwaresnapdragon_7c_gen_2_computesc8180x\+sdx55_firmwarear8035qamsrv1m_firmwareqca6564sa6155qcm4325qcn6224snapdragon_435_mobile_firmwaresc8180x\+sdx55qca6698aqssg2125p_firmwaresm6250snapdragon_480\+_5g_mobilesd670wcn3680bsa8145p_firmwareqcs8155sa8150p_firmwarefastconnect_6700_firmwarewcn3990snapdragon_x75_5g_modem-rf_firmwareqcs6490qcs8250snapdragon_695_5g_mobilesnapdragon_778g_5g_mobilefastconnect_6200_firmwarear8031_firmwarehome_hub_100_firmwaresnapdragon_460_mobile_firmwarewsa8830_firmwareqca6678aq_firmwarewsa8845_firmwarewsa8832snapdragon_auto_4g_modem_firmwareqca6678aqsnapdragon_x35_5g_modem-rfsc8180xp-aaab_firmwaresa4150p_firmwareqca6564ausnapdragon_820_mobilesnapdragon_425_mobile_firmwaresm6250p_firmwaresc8180xp-adsc8280xp-abbbsa8195p_firmwareqcm4290sd_455_firmwarear8031sg8275p_firmwareqca9377_firmwareqcm6490_firmwaresnapdragon_xr2\+_gen_1sm4125qcm4490_firmwareqru1032vision_intelligence_400_firmwareqcs6125flight_rb5_5gsnapdragon_870_5g_mobile_firmwaresnapdragon_7c\+_gen_3_computesnapdragon_732g_mobileqca4004_firmwaresnapdragon_870_5g_mobilesnapdragon_678_mobilesd_455sm6250_firmwaresc8180x-ad_firmwaresnapdragon_7c_computeqca6584auqca6320_firmwareqcn6274_firmwaresnapdragon_435_mobileqcn9011_firmwaresw5100_firmwarewcn6740snapdragon_780g_5g_mobile_firmwaresnapdragon_845_mobilesnapdragon_8_gen_3_mobile_firmwareqfw7114_firmwareqca6595_firmwarefastconnect_7800_firmwaresnapdragon_675_mobileapq8017_firmwarewcd9380sa6145p_firmwareqam8255psa6155_firmwaresxr2230psnapdragon_450_mobile_firmwaresnapdragon_xr2_5gsa8150psnapdragon_x24_lte_modemmsm8996au_firmwaresnapdragon_auto_5g_modem-rf_firmwaresc8180x-aaabsxr1230psd662_firmwarewcn3660sw5100aqt1000wcd9306_firmwaresnapdragon_4_gen_1_mobile_firmwareqca6234c-v2x_9150_firmwareqam8295p_firmwaresd855wcn3990_firmwaresm7315snapdragon_660_mobileqca6564a_firmwarewcd9385snapdragon_888\+_5g_mobileqsm8350qca6234_firmwaresnapdragon_8_gen_1_mobilesnapdragon_630_mobile_firmwaresd662snapdragon_680_4g_mobile_firmwarewcn3610_firmwareqcs4290sxr1230p_firmwaresnapdragon_821_mobilesnapdragon_865\+_5g_mobilesd820_firmwaresg8275psm6250psdx55_firmwarewcn3615_firmwaresxr2130qcm4490snapdragon_480\+_5g_mobile_firmwarerobotics_rb5qca6174a_firmwaresm7325psnapdragon_732g_mobile_firmwaresnapdragon_x50_5g_modem-rfapq8037_firmwaresnapdragon_670_mobile_firmwareaqt1000_firmwaresdm429wqca6584au_firmwareqcn6274qfw7124qca6595au_firmwaresw5100p_firmwareqca6696_firmwarewcd9380_firmwareqca6574_firmwaresg4150psd_8_gen1_5gqca6797aqsnapdragon_x75_5g_modem-rfsnapdragon_427_mobilesa8620pqca6574a_firmwaresdx55snapdragon_4_gen_1_mobilesnapdragon_450_mobilesnapdragon_865_5g_mobilesnapdragon_835_mobile_pcsd675snapdragon_855\+_mobile_firmwaresd_8_gen1_5g_firmwarewcd9375_firmwareqca6391qts110_firmwareqcn9012_firmwaresnapdragon_439_mobilesa8770p_firmwaresa8295psc8280xp-abbb_firmwarefastconnect_7800snapdragon_8\+_gen_2_mobile_firmwarevision_intelligence_300snapdragon_765g_5g_mobilewcn3988_firmware315_5g_iotqamsrv1h_firmwaresnapdragon_430_mobilevision_intelligence_400wsa8835_firmwaressg2115p_firmwarewcn3980qcm2150snapdragon_w5\+_gen_1_wearableqcs610Snapdragonsnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_720g_mobile_platform_firmwarequalcomm_video_collaboration_vc1_platform_firmwarewsa8832_firmwareqca6431_firmwaresnapdragon_x35_5g_modem-rf_system_firmwareflight_rb5_5g_platform_firmwaresd888_firmwareqcn9024_firmwareqca6234_firmwaresd820_firmwaresd821_firmwarewcn3660_firmwarewsa8835_firmwaresd670_firmwarefastconnect_6700_firmwaresa8155p_firmwareqcn6224_firmwareqca6420_firmwarecsrb31024_firmwaresd626_firmwareqca9377_firmwaresm7315_firmwaresnapdragon_820_automotive_platform_firmwarevision_intelligence_400_platform_firmwaresd835_firmwarewcd9385_firmwarewcn3610_firmwarefastconnect_7800_firmwaressg2125p_firmwarewcd9360_firmwarecsra6620_firmwaresa8155_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcn6024_firmwareqamsrv1m_firmwaresa8620p_firmwareqcn6274_firmwarewcd9306_firmwareqam8650p_firmwarec-v2x_9150_firmwareqsm8250_firmwarewcn3950_firmwaresnapdragon_670_mobile_platform_firmwaresnapdragon_778g_5g_mobile_platform_firmwaresrv1m_firmwareqrb5165n_firmwaresnapdragon_8_gen_2_mobile_platform_firmwaresa8195p_firmwarewcn3910_firmwareqcn9012_firmwareqcs5430_firmwareqdx1011_firmwaresw5100_firmwaresa9000p_firmwarear8035_firmwaresnapdragon_695_5g_mobile_platform_firmware315_5g_iot_modem_firmwarewsa8845_firmwaresd660_firmwaresnapdragon_429_mobile_platform_firmwaremdm9640_firmwareqca6574au_firmwareapq8017_firmwareqca6678aq_firmwaresm4125_firmwaresnapdragon_425_mobile_platform_firmwarewcn3980_firmwarewcn3680_firmwaresnapdragon_626_mobile_platform_firmwareqcm6125_firmwarewcn3660b_firmwareqca6696_firmwaresnapdragon_430_mobile_platform_firmwareqsm8350_firmwareapq8064au_firmwaresnapdragon_xr1_platform_firmwareqca8337_firmwarefsm10056_firmwareqca6595au_firmwareqamsrv1h_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_ar2_gen_1_platform_firmwarepm8937_firmwarewcd9395_firmwareqdu1010_firmwaresg4150p_firmwareqca6174a_firmwareqca6391_firmwarewcd9370_firmwarewsa8840_firmwaretalynplus_firmwaresnapdragon_427_mobile_platform_firmwareqam8775p_firmwarewcd9371_firmwarerobotics_rb3_platform_firmwaresw5100p_firmwareqcm4325_firmwaresnapdragon_865_5g_mobile_platform_firmwarewsa8830_firmwaremsm8996au_firmwareqam8295p_firmwareqca6320_firmwareqca6574_firmwaresd_675_firmwarewcd9335_firmwaresnapdragon_630_mobile_platform_firmwarear8031_firmwareqcm4490_firmwarequalcomm_215_mobile_platform_firmwareqcm2290_firmwaresnapdragon_480_5g_mobile_platform_firmwaresnapdragon_662_mobile_platform_firmwareqdx1010_firmwareqcs610_firmwarewsa8815_firmwarewcn3990_firmwareapq8037_firmwaresm6370_firmwaresnapdragon_450_mobile_platform_firmwareqca9379_firmwareqrb5165m_firmwareqca6430_firmware9205_lte_modem_firmwaresd865_5g_firmwaresnapdragon_750g_5g_mobile_platform_firmwareqca6426_firmwaresnapdragon_auto_4g_modem_firmwaresc8380xp_firmwaresdx55_firmwaresmart_audio_400_platform_firmwaresnapdragon_auto_5g_modem-rf_firmwareqca6421_firmwareqam8255p_firmwareqca6310_firmwaresa8650p_firmwaresnapdragon_435_mobile_platform_firmwareqca6574a_firmwaresd_455_firmwareqcs4490_firmwaresa8150p_firmwareqcs7230_firmwaresrv1h_firmwaresd855_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresnapdragon_8_gen_3_mobile_platform_firmwaresa8255p_firmwaresm7325p_firmwarewcn3988_firmwarequalcomm_video_collaboration_vc5_platform_firmwaresnapdragon_660_mobile_platform_firmwaresnapdragon_855_mobile_platform_firmwareqcm6490_firmwaresxr2250p_firmwarefastconnect_6200_firmwaresnapdragon_820_mobile_platform_firmwaresa4155p_firmwaresm6250_firmwaresa6155_firmwaresm7250p_firmwaresnapdragon_675_mobile_platform_firmwareqca6698aq_firmwareqca8081_firmwaresnapdragon_680_4g_mobile_platform_firmwaresa8770p_firmwaresnapdragon_710_mobile_platform_firmwaresnapdragon_636_mobile_platform_firmwarecsra6640_firmwaresxr1120_firmwarewcd9341_firmwarewsa8845h_firmwareqcm8550_firmwareqdu1110_firmwareqca6436_firmwaresd662_firmwareqca6595_firmwaresa7255p_firmwarewcd9326_firmwareqcn9011_firmwaremdm9650_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaresnapdragon_439_mobile_platform_firmwarevision_intelligence_300_platform_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareqca6564a_firmwareqca6335_firmwareqcn7606_firmwaresnapdragon_625_mobile_platform_firmwaresnapdragon_690_5g_mobile_platform_firmwarewcd9340_firmwaresnapdragon_x24_lte_modem_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6800_firmwareqcs6125_firmwareqcc710_firmwaresa6155p_firmwareqcn9074_firmwarewcn6740_firmwaresd_8_gen1_5g_firmwareqcs8550_firmwaresa8540p_firmwareqca6564au_firmwaresnapdragon_xr2_5g_platform_firmwareqca6564_firmwaresm6250p_firmwareqep8111_firmwaresa8775p_firmwaresnapdragon_wear_1300_platform_firmwarewcn3615_firmwareqcs8155_firmwarewcd9390_firmwareaqt1000_firmwaresm8550p_firmwaresdm429w_firmwarewcn3999_firmwareqcs6490_firmwaresnapdragon_632_mobile_platform_firmwareqcm5430_firmwaresnapdragon_821_mobile_platform_firmwaresd675_firmwaresa6145p_firmwaresnapdragon_835_mobile_pc_platform_firmwaresa8295p_firmwaresnapdragon_845_mobile_platform_firmwaresa4150p_firmwaresnapdragon_888_5g_mobile_platform_firmwaresa6150p_firmwaresxr1230p_firmwareqfw7124_firmwaremdm9205s_firmwarefastconnect_6900_firmwareqdu1000_firmwaresxr2130_firmwarewcd9380_firmwareqca6584au_firmwaresnapdragon_8_gen_1_mobile_platform_firmwarewsa8810_firmwareqfw7114_firmwaresd730_firmwaresxr2230p_firmwaressg2115p_firmwaresg8275p_firmwaresnapdragon_x50_5g_modem-rf_system_firmwaresa8145p_firmwaresd460_firmwareqru1052_firmwarequalcomm_video_collaboration_vc3_platform_firmwarerobotics_rb5_platform_firmwareqdu1210_firmwareqcs4290_firmwarehome_hub_100_platform_firmwareqru1062_firmwareqcs2290_firmwaresnapdragon_460_mobile_platform_firmwareqca6797aq_firmwarewcn3680b_firmwaresnapdragon_712_mobile_platform_firmwareqcm2150_firmwarewcn3620_firmwaresnapdragon_665_mobile_platform_firmwareqru1032_firmwareqcs410_firmwareqts110_firmwareqcm4290_firmwareqca4004_firmwareqcs8250_firmwarewcd9375_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-28538
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.03% / 8.36%
||
7 Day CHG~0.00%
Published-05 Sep, 2023 | 06:24
Updated-27 Feb, 2025 | 21:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Stack-based Buffer Overflow in WIN Product

Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_850_mobile_compute_platform_firmwaresa6150p_firmwaresm6250p_firmwareqcs610qca6431_firmwarewcn3950_firmwaresc8180x\+sdx55sa8150p_firmwareqcs2290qca6595au_firmwaresa6155qca6335csra6620_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwarewcd9371_firmwaresd_8cx_gen2_firmwaresm4125sd720gwcn3950sd_8_gen1_5g_firmwaresd710_firmwaresd460_firmwarequalcomm_robotics_rb3_platform_firmwareqca6574au_firmwarewcd9375_firmwaresa6155_firmwareqca6420snapdragon_xr2\+_gen_1_platformsd680_firmwaresd_8cx_gen2qrb5165m_firmwaresa4155p_firmwareqcs6125sa8155_firmwaresd662_firmwareqca6430wcd9340sd765gsw5100fsm10056_firmwareqca6436sd680sa6155pwcd9341qca6431qca6696_firmwarewcd9371sd750gsd870_firmwarewcn3910_firmwaresd_8cxsa8150pwsa8830_firmwaresd855_firmwaresd865_5g_firmwaresnapdragon_4_gen_1sd712wcn3988sa8195p_firmwarefastconnect_6800_firmwareqcn7606_firmwarewcd9380_firmwaressg2125psw5100psnapdragon_w5\+_gen_1_wearable_platformqca6564ausd670_firmwareqca6574wcd9380qcs410sd690_5g_firmwaresxr1230pqca6430_firmwareqcn9012_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqcm4325_firmwarewcd9340_firmwarewsa8815sd7cwcn3910qca6426_firmwaresd695wcn3980_firmwaresd730snapdragon_xr2\+_gen_1_platform_firmwaresnapdragon_x50_5g_modem-rf_system_firmwareqca6421_firmwaresmart_audio_200_platformsnapdragon_xr2_5g_platformsd678_firmwarefastconnect_6900fastconnect_6900_firmwaresd670smart_audio_200_platform_firmwareqca6564a_firmwarequalcomm_robotics_rb5_platform_firmwareqcm4290_firmwaresd480sd870wsa8832sw5100p_firmwareqcs610_firmwareqsm8250sa6145psd695_firmwareqca6595_firmwaresa8145pqca6391_firmwaresa4150p_firmwarewcd9370_firmwaresdx55sa8155pcsra6640sd675ssg2115p_firmwareqcs8155_firmwaresa4155pqcm2290qsm8250_firmwareqcn7606wsa8830sd678sa8145p_firmwaresxr2230p_firmwaresnapdragon_850_mobile_compute_platformqcs2290_firmwarefsm10056sd7c_firmwaresnapdragon_4_gen_1_firmwareflight_rb5_5g_platformcsra6620flight_rb5_5g_platform_firmwareqcs4290sd765g_firmwareqca6420_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwaressg2115pqca6564qca6426wcn3990_firmwareqrb5165n_firmwarequalcomm_robotics_rb3_platformsd_8cx_firmwarewcd9385_firmwarewcd9326_firmwarefastconnect_6200sd662qcn9011_firmwaresa8155snapdragon_x55_5g_modem-rf_systemsdx55_firmwareqca6595ausm7250p_firmwareqca6436_firmwareqrb5165nsnapdragon_w5\+_gen_1_wearable_platform_firmwareqca6564au_firmwaresa6155p_firmwareqca6310qcs8155vision_intelligence_300_platform_firmwarewcn3988_firmwaresa6145p_firmwareqca6421sd712_firmwaresm6250sa8195psxr1120wsa8810_firmwarevision_intelligence_400_platformsd765_firmwaresnapdragon_ar2_gen_1_platform_firmwarewcd9326sg4150pwcd9335qca6174a_firmwareqcs4290_firmwarewcd9385sxr2130_firmwarewcd9375sd750g_firmwareaqt1000sc8180x\+sdx55_firmwaresm6250_firmwarevision_intelligence_400_platform_firmwarewsa8815_firmwarewsa8835_firmwaresxr1120_firmwareqca6564asa4150psg4150p_firmwareqcm6125_firmwareqcm4325qcm2290_firmwarewcn3990sd_675sd865_5gfastconnect_6800qca6595qcn9012wsa8835sxr1230p_firmwaresd665_firmwaresd_8_gen1_5gsm6250pssg2125p_firmwaresxr2130qca6574aqca6174aqca6310_firmwareqca6574_firmwaresd855sm4125_firmwaresd665sxr2230psnapdragon_xr2_5g_platform_firmwaresd765qca6574a_firmwarefastconnect_6200_firmwaresd768g_firmwareqrb5165mvision_intelligence_300_platformsnapdragon_x55_5g_modem-rf_system_firmwaresd460qca6391fastconnect_7800aqt1000_firmwareqcm4290wsa8832_firmwaresnapdragon_xr1_platformsd480_firmwareqcn9011qca6574ausa8155p_firmwaresd710wcd9341_firmwarefastconnect_7800_firmwareqcm6125wsa8810snapdragon_ar2_gen_1_platformqca6564_firmwaresd768gqca6696sd845_firmwaresa6150psnapdragon_x50_5g_modem-rf_systemsd845qualcomm_robotics_rb5_platformsm7250psd720g_firmwaresw5100_firmwareqcs410_firmwaresnapdragon_xr1_platform_firmwareSnapdragon
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-24853
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.03% / 8.36%
||
7 Day CHG~0.00%
Published-03 Oct, 2023 | 05:00
Updated-27 Feb, 2025 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in HLOS

Memory Corruption in HLOS while registering for key provisioning notify.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8255p_firmwaresnapdragon_8_gen_1_mobile_platformwsa8830sa6150p_firmwaresa8145p_firmwaresxr2230p_firmwarefsm10056qca8337qam8650pqfw7124sg8275p_firmwareqca6431_firmwareqam8775pqru1052snapdragon_865_5g_mobile_platformsnapdragon_888_5g_mobile_platformqcn6224_firmwaresc8280xp-bb_firmwaresm7250-ac_firmwarewsa8840wcn3950_firmwaresnapdragon_888_5g_mobile_platform_firmwaresa8150p_firmwareqca6595au_firmwaresa6155wcd9370ssg2115pqca6564qca6426sc8280xp-abqdu1110snapdragon_8_gen_2_mobile_platformsm8250-abqamsrv1hwcd9385_firmwareqam8295pwcn3950fastconnect_6200qamsrv1h_firmwaresd_8_gen1_5g_firmwareqsm8350_firmwareqsm8350qam8295p_firmwaresa8155sa9000p_firmwaresnapdragon_x55_5g_modem-rf_systemqca6574au_firmwaresnapdragon_4_gen_2_mobile_platformqca6595auqca8081_firmwaresa6155_firmwareqfw7114sm7250p_firmwarewsa8845h_firmwareqca6436_firmwareqca6564au_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareqcs8155wsa8840_firmwareqca6698aqsa4155p_firmwaresa8155_firmwareqcs8550_firmwaresm7250-ab_firmwaresm8250-acwcn3988_firmwareqru1062_firmwaresa6145p_firmwaresrv1hqca6421sm7250-aasnapdragon_8\+_gen_1_mobile_platformfastconnect_6700_firmwaresa8195pwcd9340wsa8810_firmwareqcn6224fsm10056_firmwareqca6436snapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwaresa6155psnapdragon_x75_5g_modem-rf_systemqdu1000_firmwareqca8081wcd9395_firmwarewsa8845hqca6698aq_firmwareqcm4490wcd9385sxr2130_firmwareqam8775p_firmwaresa8255pqca6431qca6696_firmwareqca6797aqar8035qru1052_firmwaresa8150pwcd9390qcc710_firmwaresm8250-ac_firmwarewsa8830_firmwaresd865_5g_firmwarewcn3988wsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwareqca6564asa8295p_firmwaresa4150psnapdragon_8_gen_2_mobile_platform_firmwareqca8337_firmwarewcd9380_firmwaressg2125psd865_5gfastconnect_6800qca6595qru1032qca6564auqcm8550sm8350-ac_firmwareqdu1010_firmwareqdx1011qdu1000wsa8835qca6574sxr1230p_firmwareqdu1110_firmwaresa8540p_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwaresa4155pqcn6274sd_8_gen1_5gwcd9380fastconnect_6700snapdragon_4_gen_2_mobile_platform_firmwaressg2125p_firmwareqca6574asxr2130sxr1230psg8275pqfw7114_firmwareqru1062wsa8845sa8650psa9000pqca6574_firmwaresm7250-abwcd9340_firmwarewsa8815sxr2230pqru1032_firmwaresnapdragon_xr2_5g_platform_firmwarewsa8845_firmwareqca6426_firmwareqca6574a_firmwarefastconnect_6200_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresm8250-ab_firmwareqca6391sa8295pqca6421_firmwarefastconnect_7800sc8280xp-ab_firmwareqcm4490_firmwareqcn6274_firmwareqcs4490_firmwaresnapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_systemsa8650p_firmwarewsa8832_firmwarefastconnect_6900snapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwaresrv1h_firmwareqca6797aq_firmwareqdu1010qca6574ausa8155p_firmwareqdx1011_firmwareqca6564a_firmwarefastconnect_7800_firmwaresnapdragon_8\+_gen_2_mobile_platformsm7250-aa_firmwarewsa8810wsa8832qdx1010_firmwaresa8540psm7250-acsm8550psnapdragon_8_gen_1_mobile_platform_firmwaresnapdragon_ar2_gen_1_platformsa6145psm8350-acqam8650p_firmwareqca6564_firmwareqcc710qcs4490qca6595_firmwaresa8145psc8280xp-bbqca6696wcd9395qca6391_firmwareqcs8550sa4150p_firmwarewcd9370_firmwaresm8550p_firmwareqdx1010sa6150pwcd9390_firmwaresa8155pqdu1210sm7250psnapdragon_8\+_gen_1_mobile_platform_firmwaressg2115p_firmwareqcs8155_firmwareqfw7124_firmwareqam8255pqdu1210_firmwarear8035_firmwareSnapdragon
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-24852
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.05% / 16.66%
||
7 Day CHG~0.00%
Published-07 Nov, 2023 | 05:26
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Authentication in Core

Memory Corruption in Core due to secure memory access by user while loading modem image.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwaresd865_5gqcs8155_firmwareqca6595ipq6028_firmwareqca8081_firmwaresnapdragon_x50_5g_modem-rf_systemwcd9340_firmwarewcd9395_firmwaresnapdragon_730_mobile_platformqcn6024qcc710_firmwareqca6426fastconnect_6700snapdragon_768g_5g_mobile_platform_firmwaresa4150pwsa8832_firmwareqca8337qca6426_firmwarewcd9395snapdragon_460_mobile_platformqca6574au_firmwaresnapdragon_8cx_gen_3_compute_platform_firmwareqcn7606_firmwareqca6564_firmwareqam8295pwcd9341wsa8810_firmwaresd730_firmwarewsa8845h_firmwaresnapdragon_8cx_gen_2_5g_compute_platformsa9000p_firmwarefastconnect_6800_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaresnapdragon_4_gen_1_mobile_platform_firmwarevideo_collaboration_vc1_platform_firmwaresa4155psnapdragon_778g\+_5g_mobile_platformqcn9000snapdragon_8cx_compute_platform_firmwaresa8540psnapdragon_480\+_5g_mobile_platform_firmwaresnapdragon_695_5g_mobile_platform_firmwareqsm8250_firmwareqsm8350_firmwaresnapdragon_765g_5g_mobile_platformvideo_collaboration_vc1_platformwcd9385_firmwareqca6421qca6310wcd9360snapdragon_ar2_gen_1_platform_firmwaresnapdragon_8_gen_1_mobile_platform_firmwaresnapdragon_7c_compute_platformimmersive_home_3210_platform_firmwaresnapdragon_685_4g_mobile_platformsa6155pqca6564au_firmwaresnapdragon_768g_5g_mobile_platformqca8075qam8650pvideo_collaboration_vc5_platform_firmwaresa9000psa6155p_firmwaresnapdragon_870_5g_mobile_platform_firmwareqca6436_firmwaresnapdragon_8\+_gen_1_mobile_platformqcn5021_firmwareqcn9070snapdragon_7c_compute_platform_firmwaresnapdragon_8_gen_2_mobile_platformsnapdragon_7c\+_gen_3_compute_firmwareqts110qca8084sm4125_firmwareqca6420wcn3910mdm9205s_firmwarecsrb31024snapdragon_x70_modem-rf_system_firmwaresnapdragon_845_mobile_platformsnapdragon_x55_5g_modem-rf_system_firmwareqca6574aqca6174awcd9340qcs8250_firmwareqcm2290qdu1210sm8550p_firmwareqcm8550wcn3988qcn5122_firmwareqcn9024snapdragon_460_mobile_platform_firmwareqca6574snapdragon_x75_5g_modem-rf_systemsnapdragon_8cx_compute_platformqamsrv1hsdx57mqca8082qcs410qcm2290_firmwaresa8155pqca8072_firmwarewsa8830sm8550pqcf8000_firmwaresa6145psnapdragon_8\+_gen_1_mobile_platform_firmwaresa8255p_firmwareqrb5165m_firmwaresa8650p_firmwaresnapdragon_678_mobile_platform_firmwarewcn3950_firmwareqrb5165nmdm9205ssnapdragon_8_gen_1_mobile_platformfastconnect_6200sm7325p_firmwaresd460snapdragon_730g_mobile_platformsnapdragon_8cx_gen_2_5g_compute_platform_firmwarewcd9360_firmwareqdx1011smart_audio_400_platformsnapdragon_855\+\/860_mobile_platformvideo_collaboration_vc3_platform_firmwareqcn6023_firmwaresd670_firmwareimmersive_home_326_platform_firmwaresnapdragon_750g_5g_mobile_platformqcn9072qcn6224_firmwareqca6431qca8082_firmwaresdx57m_firmwaresxr2130_firmwarear8035_firmwaresnapdragon_730_mobile_platform_firmwareqrb5165msnapdragon_888_5g_mobile_platformsc8380xpipq6005snapdragon_w5\+_gen_1_wearable_platform_firmwareqca4024_firmwareqca0000_firmwaresd888_firmwaresnapdragon_662_mobile_platform_firmwarewcd9306qcs6125_firmwareipq9008_firmwareqcn9074wsa8815_firmwareqca8337_firmwaresnapdragon_7c_gen_2_compute_platform_snapdragon_8c_compute_platformsm7250p_firmwarewcn3999ipq6010_firmwarewcn3950snapdragon_x65_5g_modem-rf_system_firmwareqca6797aq_firmwaresnapdragon_765g_5g_mobile_platform_firmwareqcf8001_firmwareqcn9070_firmwaresnapdragon_780g_5g_mobile_platformsa8295p_firmwaresd_675_firmwaresa4155p_firmwareqca9984qcn9022_firmwaresnapdragon_720g_mobile_platformsm7250pcsrb31024_firmwareipq6018sa8155sd_8cx_firmwaresnapdragon_845_mobile_platform_firmwaresd888qru1062_firmwarefsm10056sd460_firmwaresnapdragon_4_gen_2_mobile_platformsc8380xp_firmwareqru1062qca6310_firmwarefastconnect_6800qcs7230snapdragon_685_4g_mobile_platform_firmwarewcd9371snapdragon_782g_mobile_platform_firmwarefastconnect_6900_firmwaresnapdragon_732g_mobile_platform_firmwaresnapdragon_xr2_5g_platform_firmwareqca8075_firmwarevision_intelligence_300_platform_firmwareqcf8000snapdragon_865\+_5g_mobile_platformsdx65m_firmwarevideo_collaboration_vc3_platformsnapdragon_865_5g_mobile_platform_firmwareqca6431_firmware9205_lte_modem_firmwareqca6698aq_firmwareqcs2290qcn7606qcs2290_firmwarewcn3999_firmwareqca8084_firmwaresnapdragon_678_mobile_platformsa8255pqcs7230_firmwaresnapdragon_720g_mobile_platform_firmwarewcd9390_firmwaresnapdragon_690_5g_mobile_platformqca6430qdx1011_firmwaresnapdragon_auto_5g_modem-rfssg2125pqru1052csra6640_firmwareimmersive_home_326_platformqam8650p_firmwareqcn9013_firmwarevideo_collaboration_vc5_platformqca6420_firmwareqcs6490_firmwaresnapdragon_x65_5g_modem-rf_systemsd855_firmwarewcd9335_firmwareqrb5165n_firmwareqca6436wcn3980_firmwaresnapdragon_x24_lte_modem_firmwarewsa8835qca6391_firmwarewsa8840_firmwareqdu1010_firmwaresnapdragon_732g_mobile_platformqcs4290_firmwaresnapdragon_865_5g_mobile_platformcsra6620qca8081wsa8815qam8775pqca9377qcm4325_firmwareqcm4290_firmwareqcn9274_firmwaresmart_audio_400_platform_firmwaresnapdragon_778g_5g_mobile_platform_firmwaresg4150p_firmwaresnapdragon_480_5g_mobile_platformqru1052_firmwaresnapdragon_670_mobile_platformcsra6620_firmwareqcs8550sa8650pqam8775p_firmwaresd865_5g_firmwarewcd9375sa8145psd_675snapdragon_888\+_5g_mobile_platform_firmwarecsr8811qdx1010qcm8550_firmwareqcs410_firmwaresa6150p_firmwaresw5100pvision_intelligence_300_platformipq9574qcn9000_firmwareqcn9022qcs610_firmwarewcd9335wcd9370qca8072qca4004qca6696wcd9341_firmwarewcn6740_firmwareipq6018_firmwareqca9984_firmwareqcn6023qdu1110ipq6000snapdragon_auto_4g_modem9205_lte_modemqca6574auwcd9390csra6640srv1hqcn5122sd730snapdragon_730g_mobile_platform_firmwareqcn6024_firmwaresnapdragon_695_5g_mobile_platformqcm6125_firmwarec-v2x_9150ssg2115pqcc710snapdragon_850_mobile_compute_platformrobotics_rb3_platform315_5g_iot_modem_firmwarefastconnect_6900qru1032_firmwareipq5332_firmwareqcn5052fsm10056_firmwareqfw7114315_5g_iot_modemipq9574_firmwaresnapdragon_x55_5g_modem-rf_systemqam8255p_firmwaresa8155_firmwaresnapdragon_888_5g_mobile_platform_firmwaresnapdragon_wear_1300_platform_firmwareqca6335qcs4490snapdragon_8\+_gen_2_mobile_platform_firmwarewsa8845qca6421_firmwareqcm6125csr8811_firmwarewsa8810qcn5021qdu1000_firmwareqca8085qsm8250snapdragon_8\+_gen_2_mobile_platformsrv1h_firmwareqca6595ausm7315_firmwareqdu1010wcd9326_firmwarewsa8840qcs8550_firmwareqdu1210_firmwareqfw7124_firmwareqcn9012wcd9371_firmwareqcs4490_firmwareqcf8001wcn3910_firmwaresnapdragon_855\+\/860_mobile_platform_firmwaresdx65mwcd9370_firmwareqcn5121_firmwaresnapdragon_750g_5g_mobile_platform_firmwareqdu1110_firmwareqdu1000ipq9570sa8195pqca6335_firmwareqcm6490sa8540p_firmwareimmersive_home_3210_platformqcn9274ipq9570_firmwaresxr2230p_firmwaresd675_firmwareqca6430_firmwaresnapdragon_870_5g_mobile_platformqcn9011qcn9024_firmwaresnapdragon_8cx_gen_3_compute_platformwsa8845hsa6150pwcd9326sa8155p_firmwareqca6564asnapdragon_675_mobile_platformsnapdragon_wear_1300_platformsnapdragon_662_mobile_platformqcn9074_firmwarevision_intelligence_400_platform_firmwaresnapdragon_765_5g_mobile_platformsc8180x\+sdx55_firmwareflight_rb5_5g_platform_firmwaresnapdragon_665_mobile_platformar8035qca6564sa6155qcm4325robotics_rb5_platformqcn6224sc8180x\+sdx55qca6698aqssg2125p_firmwaresm6250snapdragon_8c_compute_platform_firmwaresnapdragon_7c_gen_2_compute_platform__firmwaresd670sa8145p_firmwareqcs8155snapdragon_888\+_5g_mobile_platformsa8150p_firmwaresnapdragon_w5\+_gen_1_wearable_platformfastconnect_6700_firmwarewcn3990snapdragon_680_4g_mobile_platform_firmwareqcs6490qcs8250ipq9554_firmwarefastconnect_6200_firmwarear8031_firmwarewsa8830_firmwareqca8386_firmwaresnapdragon_850_mobile_compute_platform_firmwarewsa8845_firmwarewsa8832snapdragon_auto_4g_modem_firmwaresnapdragon_675_mobile_platform_firmwareqcn5022_firmwaresa4150p_firmwareipq9008ipq9554qca6564ausm6250p_firmwaresa8195p_firmwareqcm4290ipq5332snapdragon_680_4g_mobile_platformqcn5121qcn9013ar8031sg8275p_firmwareqca9377_firmwareqcm6490_firmwaresm4125qcm4490_firmwaresnapdragon_855_mobile_platformqru1032robotics_rb3_platform_firmwareflight_rb5_5g_platformsnapdragon_xr2_5g_platformqcs6125snapdragon_7c\+_gen_3_computesnapdragon_xr2\+_gen_1_platform_firmwaresnapdragon_670_mobile_platform_firmwareqca8085_firmwareipq6005_firmwareqca4004_firmwaresm6250_firmwaresnapdragon_780g_5g_mobile_platform_firmwareqcn6274_firmwareqcn9011_firmwaresw5100_firmwaresnapdragon_765_5g_mobile_platform_firmwarewcn6740qfw7114_firmwareqca4024qca6595_firmwarefastconnect_7800_firmwarewcd9380sa6145p_firmwareqam8255psa6155_firmwaresxr2230psnapdragon_4_gen_1_mobile_platformsa8150psnapdragon_778g_5g_mobile_platformsnapdragon_665_mobile_platform_firmwaresnapdragon_x24_lte_modemqcn5052_firmwaresnapdragon_auto_5g_modem-rf_firmwaresxr1230psd662_firmwareipq6010sw5100aqt1000wcd9306_firmwarec-v2x_9150_firmwareqam8295p_firmwaresd855wcn3990_firmwaresm7315qca6564a_firmwarewcd9385qsm8350sd662qcs4290sxr1230p_firmwaresnapdragon_778g\+_5g_mobile_platform_firmwaresnapdragon_865\+_5g_mobile_platform_firmwaresg8275psm6250psdx55_firmwaresxr2130ipq6028qcm4490snapdragon_xr2\+_gen_1_platformqca6174a_firmwaresm7325psnapdragon_855_mobile_platform_firmwareaqt1000_firmwareqcn5152_firmwareqcn6274snapdragon_480_5g_mobile_platform_firmwareqfw7124qca6595au_firmwareqca0000sw5100p_firmwaresnapdragon_ar2_gen_1_platformsnapdragon_782g_mobile_platformqca6696_firmwarewcd9380_firmwareqca6574_firmwaresg4150psd_8_gen1_5gqca6797aqqcn5152vision_intelligence_400_platformqca6574a_firmwaresdx55qcn9072_firmwaresnapdragon_480\+_5g_mobile_platformsd675sd_8_gen1_5g_firmwarewcd9375_firmwareqca8386qca6391snapdragon_x70_modem-rf_systemqts110_firmwareqcn9012_firmwaresnapdragon_8_gen_2_mobile_platform_firmwaresa8295probotics_rb5_platform_firmwaresnapdragon_x50_5g_modem-rf_system_firmwareipq6000_firmwarefastconnect_7800wcn3988_firmwareqamsrv1h_firmwaresd_8cxwsa8835_firmwaressg2115p_firmwareqcn5022snapdragon_x75_5g_modem-rf_system_firmwarewcn3980snapdragon_690_5g_mobile_platform_firmwareqcs610Snapdragon
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-22666
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.05% / 16.63%
||
7 Day CHG~0.00%
Published-08 Aug, 2023 | 09:15
Updated-02 Aug, 2024 | 10:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Integer Overflow or Wraparound in Audio

Memory Corruption in Audio while playing amrwbplus clips with modified content.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresa6150p_firmwaresm6250p_firmwareqcs610qca8337qca6431_firmwarewcd9360_firmwaresdx65wcn3950_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155qca6335msm8917csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresd632msm8108sa415msm4375wcn3998wcd9371_firmwaremsm8108_firmwareqam8295pwcn3950sm4125sd720gmdm9628sd_8_gen1_5g_firmwarewcn3660bsd450_firmwaresd710_firmwaresd460_firmwareqca4020sm7315_firmwareqca6574au_firmwarewcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwaresdx12_firmwareqca6420wcd9360sd680_firmwarewcn3999qrb5165_firmwareqrb5165m_firmwareqca6698aqqcs6125sa4155p_firmwaresa8155_firmwaresd662_firmwareqcs405qca6430wcd9340sd626_firmwaresd765gsd680qca4020_firmwareqca6436wcn6851sa6155pqca6698aq_firmwaremsm8209_firmwarewcn3660_firmwarewcd9341qca6431qca6696_firmwarewcd9371sd870_firmwaresd750gwcn3910_firmwaresxr2150p_firmwaresa8150pwsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwarewcn3988sd660_firmwaresa8195p_firmwaremsm8208_firmwarewcn6750_firmwaresa8295p_firmwaresd450wcn3610msm8608wcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwaresdm429wmsm8996au_firmwaresd625_firmwareqca6564ausdx55m_firmwarewcn6856_firmwaresd670_firmwareqca6574sd632_firmwarewcd9380qcs410sd690_5g_firmwaresdx50m_firmwareqca9379_firmwaresdx24_firmwareqcn9012_firmwaresd626qca6430_firmwaresd439_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqcs605wcd9340_firmwarewsa8815wcn6850wcn3910qca6320qca6426_firmwarewcn3660b_firmwarewcn3680sd695sd835wcn3980_firmwaresd730sdx55msa8295pqca6421_firmwarewcn6740_firmwaresd678_firmwarear8031_firmwarewcn3680_firmwareqrb5165wcn6851_firmwaresd670sd_636_firmwareqca6564a_firmwareqcm4290_firmwaresd480sd870wcn6855sd210_firmwareqcs610_firmwareqsm8250sa6145psd695_firmwaresdxr1ar8031apq8096auqca6595_firmwareqcs405_firmwaresa8145psdm630_firmwareqca6391_firmwaresa4150p_firmwarewcd9370_firmwareqm215_firmwaresd780g_firmwaresdx55sd888_firmwaresa8155pcsra6640sd675sd439wcn3660qca9379sa4155psxr2150par8035_firmwareqsm8250_firmwareqcm2290wcn3991_firmwarewsa8830sd678sa8145p_firmwareqcs2290_firmwarecsrb31024mdm9628_firmwaresd_636csra6620qcs4290sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwaresd625qca6564qca6426qca6584au_firmwarewcn3990_firmwareqrb5165n_firmwareqca9377wcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwaresd662qam8295p_firmwareqcn9011_firmwaresa8155qca6320_firmwarewcn3680b_firmwaresdx55_firmwarewcn3615qca6595auwcn3999_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwareqrb5165nqca6564au_firmwareqca6584ausd778gsa6155p_firmwaremsm8208qca6310sa515m_firmwaresd429qcs6490sdxr2_5gsdm630sa415m_firmwarewcn3988_firmwareqcn9074sd205qm215qca6421sd429_firmwaresd778g_firmwaresa6145p_firmwaresa8195psm6250apq8017_firmwarewsa8810_firmwaresm4375_firmwaresd765_firmwarewcd9326wcd9335qca8081qca6174a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwareqca6390wcd9375sd750g_firmwareaqt1000ar8035sm6250_firmwaresda429wmsm8917_firmwaresd210wcn3620_firmwarewsa8815_firmwaresd888_5g_firmwareqcm6490wcn6850_firmwarewsa8835_firmwarewcn3620apq8017qcx315qca6564asa4150pqcm6125_firmwareqcm2290_firmwarewcn3990sd_675sd780gsd865_5gqca6595sdx24qcn9012sd888wsa8835qcx315_firmwaremsm8996ausdm429w_firmwaresd665_firmwaresd_8_gen1_5gsd888_5gsm6250pqca6574awcn6855_firmwareqca6174asm7325pqca6310_firmwarewcn6750sa515mqca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665sd765qca6574a_firmwaresd768g_firmwaremsm8209qrb5165msm7315apq8009sd460qca6391sdxr1_firmwareaqt1000_firmwaresdx65_firmwareqcm4290csrb31024_firmwareqcm6490_firmwaresdx50msd480_firmwareqcn9011qca6574ausd710sa8155p_firmwaresd205_firmwarewcd9341_firmwareqcm6125wsa8810wcn6856wcn3680bsd835_firmwareqca6564_firmwaresd768gwcn6740qca6696sd845_firmwaremsm8608_firmwaresa6150papq8096au_firmwaresd845sm7250psd720g_firmwaresdx12qcn9074_firmwareqcs410_firmwareSnapdragon
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-32229
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.4||HIGH
EPSS-0.22% / 44.86%
||
7 Day CHG~0.00%
Published-01 Jul, 2024 | 00:00
Updated-03 Jun, 2025 | 15:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FFmpeg 7.0 contains a heap-buffer-overflow at libavfilter/vf_tiltandshift.c:189:5 in copy_column.

Action-Not Available
Vendor-n/aFFmpeg
Product-ffmpegn/affmpeg
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2023-21632
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.05% / 16.63%
||
7 Day CHG~0.00%
Published-06 Jun, 2023 | 07:39
Updated-02 Aug, 2024 | 09:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Stack-based Buffer Overflow in Automotive GPU

Memory corruption in Automotive GPU while querying a gsl memory node.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6564au_firmwareqca6584ausa6155p_firmwaresa6150p_firmwaresa8145p_firmwaremsm8996au_firmwareapq8064au_firmwareqca6698aqqca6595qca6564ausa8155_firmwaresnapdragon_820_automotive_platform_firmwareqca6574ausa6145p_firmwaresa8155p_firmwaremsm8996auqca6564a_firmwaresa8195psa8540p_firmwaresa8150p_firmwareqca6595au_firmwaresa6155sa6155psa8540psa8295p_firmwareqca6574aqca6698aq_firmwaresa6145pqca6584au_firmwareqca6696_firmwareqca6595_firmwaresa8145pqca6696qam8295psa9000papq8064ausa8150psa6150psa8155pqam8295p_firmwaresa8155qca6574a_firmwaresa9000p_firmwareqca6574au_firmwaresa8195p_firmwareqca6595ausa6155_firmwareqca6564asnapdragon_820_automotive_platformsa8295pSnapdragon
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-32504
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.4||HIGH
EPSS-0.25% / 47.82%
||
7 Day CHG~0.00%
Published-13 Jun, 2024 | 00:00
Updated-13 Mar, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 850, Exynos 1080, Exynos 2100, Exynos 1280, Exynos 1380, Exynos 1330, Exynos W920, Exynos W930. The mobile processor lacks proper length checking, which can result in an OOB (Out-of-Bounds) Write vulnerability.

Action-Not Available
Vendor-n/aSamsung
Product-exynos_850exynos_w920_firmwareexynos_2100exynos_850_firmwareexynos_1380_firmwareexynos_1280exynos_1080exynos_1380exynos_1330exynos_w930exynos_1330_firmwareexynos_w920exynos_w930_firmwareexynos_1280_firmwareexynos_2100_firmwareexynos_1080_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20721
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-8.4||HIGH
EPSS-0.01% / 1.05%
||
7 Day CHG~0.00%
Published-15 May, 2023 | 00:00
Updated-24 Jan, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In isp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07162155; Issue ID: ALPS07162155.

Action-Not Available
Vendor-yoctoprojectGoogle LLCMediaTek Inc.
Product-mt6895mt6983mt8673androidmt8395yoctomt8195mt6879MT6879, MT6895, MT6983, MT8195, MT8395, MT8673
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2024-31336
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-8.4||HIGH
EPSS-0.03% / 9.55%
||
7 Day CHG~0.00%
Published-11 Sep, 2024 | 00:09
Updated-17 Dec, 2024 | 19:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In PVRSRVBridgeRGXKickTA3D2 of server_rgxta3d_bridge.c, there is a possible arbitrary code execution due to improper input validation. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Imagination Technologies LimitedGoogle LLC
Product-androidAndroidddk
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-29746
Matching Score-4
Assigner-Google Devices
ShareView Details
Matching Score-4
Assigner-Google Devices
CVSS Score-8.4||HIGH
EPSS-0.01% / 1.40%
||
7 Day CHG~0.00%
Published-05 Apr, 2024 | 20:02
Updated-27 Aug, 2024 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In lpm_req_handler of lpm.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-Androidandroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-29749
Matching Score-4
Assigner-Google Devices
ShareView Details
Matching Score-4
Assigner-Google Devices
CVSS Score-8.4||HIGH
EPSS-0.01% / 3.04%
||
7 Day CHG~0.00%
Published-05 Apr, 2024 | 20:02
Updated-20 Aug, 2024 | 16:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In tmu_set_tr_thresholds of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-Androidandroidpixel
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-27226
Matching Score-4
Assigner-Google Devices
ShareView Details
Matching Score-4
Assigner-Google Devices
CVSS Score-8.4||HIGH
EPSS-0.01% / 3.04%
||
7 Day CHG~0.00%
Published-11 Mar, 2024 | 18:55
Updated-03 Apr, 2025 | 15:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In tmu_config_gov_params of , there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-27209
Matching Score-4
Assigner-Google Devices
ShareView Details
Matching Score-4
Assigner-Google Devices
CVSS Score-8.4||HIGH
EPSS-0.02% / 4.60%
||
7 Day CHG~0.00%
Published-11 Mar, 2024 | 18:55
Updated-03 Apr, 2025 | 15:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroid
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2024-27219
Matching Score-4
Assigner-Google Devices
ShareView Details
Matching Score-4
Assigner-Google Devices
CVSS Score-8.4||HIGH
EPSS-0.01% / 3.04%
||
7 Day CHG~0.00%
Published-11 Mar, 2024 | 18:55
Updated-03 Apr, 2025 | 15:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In tmu_set_pi of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-21628
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.05% / 16.63%
||
7 Day CHG~0.00%
Published-06 Jun, 2023 | 07:39
Updated-02 Aug, 2024 | 09:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in WLAN HAL

Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresnapdragon_850_mobile_compute_platform_firmwaremdm9640_firmwaresm6250p_firmwareipq4028_firmwareqca1023ar9380ipq8173_firmwareqcn5124mdm9645wcn3950_firmwaresc8180x\+sdx55sm4450_firmwareqca6595au_firmwaresa6155mdm8215home_hub_100_platformsd_455_firmwareapq8076qcs6125_firmwaresm4375wcn3998sc8180xp-adwcd9371_firmwarewcn3950qcn6024_firmwaresm4125immersive_home_316_platform_firmwaresm6375_firmwarewcn3660bsd460_firmwaresm4250-aasnapdragon_636_mobile_platformwcn3998_firmwareqca8081_firmwareqca6420qca9986snapdragon_auto_5g_modem-rf_firmwareipq8070_firmwareqca9367_firmwareipq8065ipq8078a_firmwareipq8072_firmwaresc8180xp-aa_firmwareqca0000sa8155_firmwarerobotics_rb3_platform_firmwareipq8068qca6430snapdragon_630_mobile_platformwcd9340snapdragon_808_processorqca6698aq_firmwaresnapdragon_808_processor_firmwarewcn685x-1_firmwaremdm9250_firmwareqca9888_firmwareqcn6122sm8150_firmwaresnapdragon_810_processor_firmwareqca6696_firmwarewcd9371sc8180x-abqcn5154_firmwaremdm8215_firmwaresm4350_firmwaresd_8cxsa8150pqca9992_firmwaresd660sm7225_firmwaresd660_firmwareqcn5121qcn5022_firmwarewcn6750_firmwareqcn7606_firmwaresm6125_firmwareimmersive_home_216_platform_firmwareqca4010_firmwaresnapdragon_675_mobile_platform_firmwareqca6428_firmwaresm6375qca9985_firmwarewcn3991ipq4018_firmwareqca4531_firmwareqca9980_firmwareipq8078ipq8173sd670_firmwareqca6574csr8811_firmwarewcd9380qcs410qcn5024qca9379_firmwaresc8180xp-ad_firmwareqca9985qcn9012_firmwareipq6018_firmwareqcm4325_firmwarewcd9340_firmwarewsa8815sm6150-ac_firmwareqca6584_firmwaresnapdragon_630_mobile_platform_firmwaremdm9215_firmwareipq6028ipq8064sd835snapdragon_821_mobile_platformqca1990wcn3980_firmwaresd730sc7180-ac_firmwaresm6350qcn5064_firmwareqcs4490_firmwareapq8064au_firmwareipq8078_firmwareqcn5054qca9994sm6350_firmwareqca9980sd670qcn9024_firmwareipq8174_firmwaresmart_audio_200_platform_firmwareqcm4290_firmwareqcn7605_firmwaresw5100p_firmwareqcs610_firmwaresa6145pqca9886_firmwarear8031immersive_home_214_platformqca1023_firmwaresd820_firmwareqca6391_firmwaresa4150p_firmwareqca4024wcd9370_firmwaresdx55qcn5021_firmwarecsra6640snapdragon_x20_lte_modemqca9379sa4155pqcn7606wsa8830qca9561sdm712_firmwaresnapdragon_850_mobile_compute_platformsnapdragon_x24_lte_modem_firmwarecsrb31024mdm9628_firmwaremdm9650qca9992qcs4290snapdragon_x20_lte_modem_firmwaremdm9250qca6420_firmwaresc7180-acsnapdragon_auto_4g_modem_firmwaremdm9310_firmwaresd675_firmwareipq8072qca6564wcn3990_firmwareqca9984_firmwareqca9377qca4531wcd9385_firmwarewcd9326_firmwarewcn3615_firmwareipq8074aqca9982apq8094sa8155snapdragon_x55_5g_modem-rf_systemqca6584snapdragon_835_mobile_pc_platform_firmwareqcn5122_firmwaresdx55_firmwarewcn3615qcn6023_firmwaresm7250p_firmwarewcn3610_firmwareqca6584auqfe1952sm6225ipq8174qcn5052qca9367apq8092wcn3988_firmwareqcn9074sm7250-aasa8195psxr1120sdm710_firmwaresm4375_firmwarewcd9326wcd9335qca9982_firmwareqcm4490qcn6023qcs4290_firmwaresm7150-abqca6390qca9898_firmwarewcd9375aqt1000sc8180x\+sdx55_firmwaresm6250_firmwaresnapdragon_662_mobile_platformapq8092_firmwareipq5010_firmwareipq8074a_firmwaresm8150wsa8815_firmwaresnapdragon_636_mobile_platform_firmwareapq8017sxr1120_firmwareqcm6125_firmwaresnapdragon_x5_lte_modemqca9882qca6595ipq8065_firmwareqcn5154qca8075_firmwaresc8180xp-acsmart_audio_400_platformipq6005_firmwarewcn685x-5_firmwareqcn6132_firmwaresdm670_firmwareqca9888qca6310_firmwareapq8094_firmwareipq8070a_firmwaremdm9615qca6574_firmwareqca9886qca6175aqca6574a_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaremdm9310snapdragon_auto_4g_modemcsrb31024_firmwarewsa8832_firmwaresnapdragon_xr1_platformqcn9070_firmwarewcn685x-5ipq6028_firmwareipq8072a_firmwareqca9531sc8180xp-af_firmwareqca9889_firmwareqcn5122mdm9645_firmwaresdx20m_firmwaresm7250-aa_firmwaresc8180x-aa_firmwaresm8150-ac_firmwareqcn5022sc8180x-aaqca6564_firmwaresc8180x-af_firmwaresm6150-acsnapdragon_x50_5g_modem-rf_systemqca8075qcn6024qcn9022mdm9615_firmwareipq6000_firmwareqcs410_firmwareqca6175a_firmwaresdm660_firmwaresa6150p_firmwareqcs610qcn5550sc8180x-ab_firmwarewcd9360_firmwaresnapdragon_820_automotive_platform_firmwareqca9561_firmwareqca4024_firmwareimmersive_home_318_platform_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqcs2290qca6335sdm712qcn5064sdm670csra6620_firmwaresd_675_firmwarecsra6640_firmwarewcn685x-1qca6554a_firmwareipq8076amdm9628sm7150-acqca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwaresa6155_firmwaresm6225-adwcd9360sdx20mqca6438_firmwaresc8180xp-afsmart_audio_400_platform_firmwarewcn3999sm6225-ad_firmwareipq5028qca7500ipq4029_firmwareqca6698aqqcs6125sa4155p_firmwareipq6010sd662_firmwaresm7250-ab_firmwarerobotics_rb3_platformqcn6132snapdragon_820_mobile_platformqca1990_firmwaresw5100home_hub_100_platform_firmwaresa6155pwcd9341ipq8068_firmwaresc8180xp-ab_firmwaresnapdragon_x12_lte_modemwcn3910_firmwareqfe1922wsa8830_firmwaresd855_firmwarewcn3988qca6438sm4250-aa_firmwaresa8195p_firmwareqca9898ipq4028wcn3610mdm9640wcd9380_firmwareipq8072aqca7500_firmwaresw5100pmsm8996au_firmwarewcd9330ipq8076a_firmwaresnapdragon_w5\+_gen_1_wearable_platformqca6564auqcn5164qca9558sc8180xp-aaqcn5054_firmwareipq4019_firmwaresm7150-aa_firmwaresc8180x-ac_firmwareqca6174qca6430_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980qca6335_firmwaresm7225wcn3910qca6320mdm9650_firmwareqca9986_firmwaresm4450wcn3660b_firmwareqca9984sc8180x-adqcn9024qcn5550_firmwarewcd9330_firmwareipq8064_firmwaresm7150-aasnapdragon_820_automotive_platformsnapdragon_x50_5g_modem-rf_system_firmwaresm7125smart_audio_200_platformsd821_firmwaresnapdragon_652_mobile_platformar8031_firmwaresm7150-ab_firmwareipq8070sdm660qca9887_firmwaresdm710qca6564a_firmwareqca9880snapdragon_x24_lte_modemqcn5121_firmwaresc8180xp-ac_firmwarewsa8832snapdragon_810_processoripq6018qcs4490qca6595_firmwaresa8145pimmersive_home_214_platform_firmwaresm4350-ac_firmwaresa8155psd675qca9531_firmwarear8035_firmwareqcm2290qcn5024_firmwarewcn3991_firmwaresnapdragon_662_mobile_platform_firmwareqcn9070sa8145p_firmwaresm6125qcs2290_firmwarecsra6620qcn9072sm7250-ac_firmwareqca9880_firmwareqca6390_firmwareipq8069_firmwareipq6000qca6174_firmwaresd730_firmwarewcd9370qcn5152_firmwareqca0000_firmwareqca6584au_firmwareapq8076_firmwareqcn9000_firmwaresd_8cx_firmwareqcn7605immersive_home_216_platformimmersive_home_316_platformimmersive_home_318_platformsd662qcn5124_firmwareqfe1952_firmwareqca6320_firmwarewcn3680b_firmwareqca6595auwcn3999_firmwaresm4350-acsnapdragon_w5\+_gen_1_wearable_platform_firmwareipq5010qca6564au_firmwaresa6155p_firmwareqca6310snapdragon_821_mobile_platform_firmwareqca9990snapdragon_x5_lte_modem_firmwaresd821vision_intelligence_300_platform_firmwaresa6145p_firmwaresm6250apq8017_firmwarewsa8810_firmwarevision_intelligence_400_platformsc7180-adqca4010sg4150pqca8081ipq8071aqca6174a_firmwareipq8071a_firmwarewcd9385snapdragon_x12_lte_modem_firmwaresc8180x-acar8035csr8811apq8064auipq4019qcn9100_firmwarevision_intelligence_400_platform_firmwaresd820wsa8835_firmwareqca6564asa4150psg4150p_firmwareqcm4325qcm2290_firmwaresnapdragon_845_mobile_platformwcn3990qcn9000sd_675qca6554aar9380_firmwaresnapdragon_835_mobile_pc_platformsm8150-acqcn9012qca9558_firmwareqcn6122_firmwarewsa8835msm8996ausc7180-ad_firmwaresnapdragon_auto_5g_modem-rfsm6250pipq4018qca6574aqca9889qca6174asc8180x-afipq8074wcn6750qca9994_firmwareipq8076_firmwaresm7150-ac_firmwaresm7250-absd855sm4125_firmwareipq8076qfe1922_firmwareqca9887qcn5021ipq8069qcn5152vision_intelligence_300_platformsd460qca6391ipq6005aqt1000_firmwareqcn9100qcm4490_firmwaresnapdragon_845_mobile_platform_firmwareqcm4290qca9882_firmwaremdm9215sd_455sm6225_firmwareipq8074_firmwareqca6574ausa8155p_firmwarewcd9341_firmwareqcm6125wsa8810sm7250-acwcn3680bsd835_firmwaresnapdragon_675_mobile_platformipq6010_firmwareqca6696sm4350sm7125_firmwaresa6150psc8180xp-abqcn9022_firmwareqca9990_firmwareipq8070asnapdragon_652_mobile_platform_firmwaresc8180x-ad_firmwareqcn9072_firmwaresnapdragon_820_mobile_platform_firmwaresm7250pipq8071_firmwareqcn9074_firmwaresw5100_firmwareipq4029snapdragon_xr1_platform_firmwareSnapdragon
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-25390
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.4||HIGH
EPSS-0.04% / 11.30%
||
7 Day CHG~0.00%
Published-27 Mar, 2024 | 00:00
Updated-04 Nov, 2025 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A heap buffer overflow occurs in finsh/msh_file.c and finsh/msh.c in RT-Thread through 5.0.2.

Action-Not Available
Vendor-rt-threadn/art-thread
Product-rt-threadn/art-thread
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2022-40520
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-3.85% / 87.97%
||
7 Day CHG~0.00%
Published-06 Jan, 2023 | 05:02
Updated-09 Apr, 2025 | 19:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Stack based buffer overflow in Core

Memory corruption due to stack-based buffer overflow in Core

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresd_8cx_gen3_firmwaremdm9640_firmwaresa6150p_firmwaresm6250p_firmwareqcs610qca8337qca6431_firmwarewcd9360_firmwaresdx65wcn3950_firmwaresa8150p_firmwareqca6595au_firmwaresa6155qca6335sd_455_firmwareqcs605_firmwaresd_675_firmwaresa415mwcn3998wcd9371_firmwareqam8295psd_8cx_gen2_firmwareqcn6024_firmwaresd720gwcn3950sd_8_gen1_5g_firmwareqsm8350_firmwaresd710_firmwareqsm8350sm7315_firmwarewcn7850qca6574au_firmwarewcd9375_firmwareqca8081_firmwaresa6155_firmwarewcn3998_firmwareqca6420wcd9360sd_8cx_gen2qrb5165_firmwareqrb5165m_firmwaresa4155p_firmwaresa8155_firmwareqca4004_firmwareqca6430wcd9306_firmwarewcd9340sd765gfsm10056_firmwareqca6436wcn6851sa6155pqcs603_firmwarewcn7851_firmwarewcd9341qca6431qca6696_firmwarewcd9371sd750gsd870_firmwaresxr2150p_firmwaresd_8cxsa8150pqca4004wsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresd712wcn3988sd660_firmwarewcn7850_firmwaresa8195p_firmwaresm8475sa8295p_firmwarewcn6750_firmwaremdm9640wcn3991qca8337_firmwarewcd9380_firmwaremsm8996au_firmwareqca6564ausdx55m_firmwarewcn6856_firmwaresd670_firmwareqca6574wcd9380qcs410sd690_5g_firmwaresdx50m_firmwaresdx24_firmwareqca6430_firmwareqcn9012_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqcs605wcd9340_firmwarewsa8815wcn6850sd7cqca6320mdm9650_firmwareqca6426_firmwaresd835qcn9024wcn3980_firmwaresd730sdx55msa8295pqca6421_firmwarewcn6740_firmwaresd678_firmwareapq8064au_firmwareqrb5165wcn6851_firmwareqcs603sd_636_firmwaresd670qca6564a_firmwareqcn9024_firmwaresd870wcn6855sa8540pqcs610_firmwareqsm8250sa6145psdxr1apq8096auqca6595_firmwaresa8145psdm630_firmwaremdm9205_firmwareqca6391_firmwaresd820_firmwaresa4150p_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwaresa8155psd675qcs8155_firmwaresa4155psxr2150par8035_firmwareqsm8250_firmwarewcn3991_firmwaremdm9150_firmwarewsa8830sd678sa8145p_firmwarefsm10056sd7c_firmwarecsrb31024mdm9650sd_636sd765g_firmwareqca6420_firmwareqca6390_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwareqca6564qca6426qca6584au_firmwarewcn3990_firmwareqrb5165n_firmwareqca9377sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwareqam8295p_firmwareqcn9011_firmwaresa8155qca6320_firmwaresa9000p_firmwaresdx55_firmwareqca6595ausm7250p_firmwareqca6436_firmwareqrb5165nqca6564au_firmwareqca6584ausa6155p_firmwareqca6310sd778gwcd9306qcs8155sa515m_firmwareqcs6490wcn7851sdxr2_5gsdm630sa415m_firmwarewcn3988_firmwaresa6145p_firmwareqca6421sd712_firmwaresd778g_firmwaresm6250sa8195pwsa8810_firmwaresd765_firmwarewcd9326wcd9335qca8081qca6174a_firmwarewcd9385qcs6490_firmwaresd_8cx_gen3ar8035qca6390sd750g_firmwareapq8064auaqt1000wcd9375sm6250_firmwaresd820qcm6490sd888_5g_firmwarewcn6850_firmwarewsa8815_firmwarewsa8835_firmwareqcx315qca6564asa4150pwcn3990sd_675sd780gsd865_5gqca6595sdx24qcn9012sd888wsa8835qcx315_firmwaremsm8996ausa8540p_firmwaresd888_5gsm6250psc8180xqca6574awcn6855_firmwareqca6174asm7325pqca6310_firmwarewcn6750mdm9205sa515mqca6574_firmwaresa9000psd855sm7325p_firmwaresd765qca6574a_firmwaresd768g_firmwareqrb5165msd850_firmwaresm7315qca6391sdxr1_firmwareaqt1000_firmwaresdx65_firmwarecsrb31024_firmwareqcm6490_firmwaresdx50mqcn9011sc8180x_firmwaresd_455qca6574ausa8155p_firmwaresd710wcd9341_firmwarewsa8810mdm9150wcn6856sd835_firmwareqca6564_firmwaresd768gwcn6740qca6696sd845_firmwaresa6150papq8096au_firmwareqcn6024sd845sm7250psd720g_firmwareqcs410_firmwaresd850Snapdragon
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-24335
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.4||HIGH
EPSS-0.06% / 19.17%
||
7 Day CHG~0.00%
Published-27 Mar, 2024 | 00:00
Updated-04 Nov, 2025 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A heap buffer overflow occurs in the dfs_v2 romfs filesystem RT-Thread through 5.0.2.

Action-Not Available
Vendor-rt-threadn/art-thread
Product-rt-threadn/art-thread
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2022-38932
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.4||HIGH
EPSS-0.05% / 15.05%
||
7 Day CHG~0.00%
Published-27 Sep, 2022 | 17:52
Updated-21 May, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

readelf in ToaruOS 2.0.1 has a global overflow allowing RCE when parsing a crafted ELF file.

Action-Not Available
Vendor-toaruosn/a
Product-toaruosn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36086
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.4||HIGH
EPSS-0.28% / 51.16%
||
7 Day CHG~0.00%
Published-07 Sep, 2022 | 22:50
Updated-22 Apr, 2025 | 17:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
linked_list_allocator vulnerable to out-of-bound writes on `Heap` initialization and `Heap::extend`

linked_list_allocator is an allocator usable for no_std systems. Prior to version 0.10.2, the heap initialization methods were missing a minimum size check for the given heap size argument. This could lead to out-of-bound writes when a heap was initialized with a size smaller than `3 * size_of::<usize>` because of metadata write operations. This vulnerability impacts all the initialization functions on the `Heap` and `LockedHeap` types, including `Heap::new`, `Heap::init`, `Heap::init_from_slice`, and `LockedHeap::new`. It also affects multiple uses of the `Heap::extend` method. Version 0.10.2 contains a patch for the issue. As a workaround, ensure that the heap is only initialized with a size larger than `3 * size_of::<usize>` and that the `Heap::extend` method is only called with sizes larger than `2 * size_of::<usize>()`. Also, ensure that the total heap size is (and stays) a multiple of `2 * size_of::<usize>()`.

Action-Not Available
Vendor-rust-osdevrust-osdev
Product-linked-list-allocatorlinked-list-allocator
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-1284
Improper Validation of Specified Quantity in Input
CVE-2024-20812
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-8.4||HIGH
EPSS-0.06% / 19.76%
||
7 Day CHG~0.00%
Published-06 Feb, 2024 | 02:23
Updated-15 May, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds Write in padmd_vld_htbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code.

Action-Not Available
Vendor-Samsung ElectronicsSamsung
Product-androidSamsung Mobile Devices
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20845
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-8.4||HIGH
EPSS-0.12% / 30.83%
||
7 Day CHG~0.00%
Published-02 Apr, 2024 | 02:59
Updated-07 Feb, 2025 | 17:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds write vulnerability while releasing memory in libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arbitrary code.

Action-Not Available
Vendor-Samsung ElectronicsSamsung
Product-androidSamsung Mobile Devicesandroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20029
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-8.4||HIGH
EPSS-0.02% / 3.90%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 02:43
Updated-22 Apr, 2025 | 19:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan firmware, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08477406; Issue ID: MSV-1010.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6989androidmt8796mt8678mt6985MT6985, MT6989, MT8678, MT8796mt6985androidmt6989mt8796mt8678
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-25698
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.05% / 15.29%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption in SPI buses due to improper input validation while reading address configuration from spi buses in Snapdragon Mobile, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd429wcd9380_firmwaresd429_firmwarewcn3980_firmwaresdm429w_firmwaresdm429wwsa8835wcd9380wcn3610_firmwarewcn3610wcn7850wcn3660bwcn7850_firmwarewcn3660b_firmwarewcn6856_firmwarewsa8830wcn6856sm8475sda429w_firmwarewcn3680bwsa8835_firmwarewcn7851_firmwarewcn3620_firmwarewcn3620wcn6855_firmwarewcn6855wcn7851sda429wwsa8830_firmwaresd_8_gen1_5g_firmwarewcn3680b_firmwarewcn3980Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-25697
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.05% / 15.29%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption in i2c buses due to improper input validation while reading address configuration from i2c driver in Snapdragon Mobile, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd429wcd9380_firmwaresd429_firmwarewcn3980_firmwaresdm429w_firmwaresdm429wwsa8835wcd9380wcn3610_firmwarewcn3610wcn7850wcn3660bwcn7850_firmwarewcn3660b_firmwarewcn6856_firmwarewsa8830wcn6856sm8475sda429w_firmwarewcn3680bwsa8835_firmwarewcn7851_firmwarewcn3620_firmwarewcn3620wcn6855_firmwarewcn6855wcn7851sda429wwsa8830_firmwaresd_8_gen1_5g_firmwarewcn3680b_firmwarewcn3980Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-30257
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.09% / 26.40%
||
7 Day CHG~0.00%
Published-20 Oct, 2021 | 06:31
Updated-03 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound read or write in VR service due to lack of validation of DSP selection values in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sd678sm7250qcs2290_firmwaresm7250_firmwaresd_636qcs4290wcn3950_firmwaresd765g_firmwareqca6420_firmwareqcs2290qca6390_firmwaremsm8917sd690_5gsd730_firmwarewcd9370qcs605_firmwaresd_675_firmwaresd675_firmwareqcs6125_firmwareqca6426sd632wcn3998wcd9385_firmwaresdxr2_5g_firmwarewcn3950sm4125sd720gwcn3615_firmwarewcn3660bsd662sd460_firmwarewcn3680b_firmwaresdx55_firmwarewcd9375_firmwarewcn3615wcn3998_firmwareqca6420qca6436_firmwareapq8053_firmwaresd778gqcs6490sd429sdxr2_5gqcs6125sd662_firmwaresdm630wcn3988_firmwareqca6430sd429_firmwaresm6250sd778g_firmwareapq8017_firmwarequalcomm215_firmwaresd765gsd765_firmwareqca6436wcn6851qcs4290_firmwarewcd9385qcs6490_firmwaresd750gsd870_firmwareqca6390wcd9375sd750g_firmwareaqt1000wcn3910_firmwaresm6250_firmwaremsm8953_firmwarewsa8830_firmwaremsm8917_firmwaresd855_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8835_firmwareapq8017wcn6750_firmwareqcm6125_firmwareqcm2290_firmwarewcn3991wcd9380_firmwaresd_675sd780gsd865_5gsdx55m_firmwarewcn6856_firmwaresd888wsa8835sd632_firmwaresd665_firmwarewcd9380sd888_5gqualcomm215sd690_5g_firmwaresdx50m_firmwarewcn6855_firmwaresm7325qca6430_firmwarewcn6750sd439_firmwareqcs605sd855sm4125_firmwarewcn6850sd665wcn3910sd765qca6426_firmwarewcn3660b_firmwarewcn3680sd768g_firmwaresd730sd460qca6391sdx55msdxr1_firmwareaqt1000_firmwarewcn6740_firmwaremsm8953sd678_firmwareqcm4290qcm6490_firmwaresdx50mwcn3680_firmwaresd480_firmwarewcn6851_firmwaresd_636_firmwareqcm6125qcm4290_firmwaresd480sd870wcn6855wcn6856wcn3680bsdxr1sd768gwcn6740sdm630_firmwareqca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwareapq8053sd675sd439sd720g_firmwareqcm2290sm7325_firmwareSnapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-30292
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.04% / 11.53%
||
7 Day CHG~0.00%
Published-20 Oct, 2021 | 06:31
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible memory corruption due to lack of validation of client data used for memory allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sd678sm7250sm6250p_firmwareqcs610qcs2290_firmwaresm7250_firmwaresd_636qcs4290wcn3950_firmwaresd765g_firmwareqca6420_firmwareqcs2290qca6390_firmwareqca6335msm8917sd690_5gsd730_firmwaresd_455_firmwarewcd9370qcs605_firmwaresd_675_firmwaresd675_firmwareqcs6125_firmwareqca6426sd632wcn3998wcd9385_firmwaresdxr2_5g_firmwarewcn3950sm4125sd720gwcn3615_firmwarewcn3660bsd662sd460_firmwareqca6320_firmwareqca6574au_firmwaresdx55_firmwarewcn3680b_firmwarewcd9375_firmwarewcn3615wcn3998_firmwarewcn3610_firmwareqca6420qca6436_firmwareapq8053_firmwareqca6564au_firmwaresd778gqca6310sd429sdxr2_5gqcs6125sd662_firmwaresdm630wcn3988_firmwareqca6430sd205sd429_firmwaresm6250sd778g_firmwareapq8017_firmwarequalcomm215_firmwaresd765gsd765_firmwareqca6436wcn6851qcs603_firmwareqcs4290_firmwarewcd9385sd750gsd870_firmwareqca6390wcd9375sd750g_firmwareapq8064auaqt1000wcn3910_firmwaresm6250_firmwaremsm8953_firmwarewsa8830_firmwaremsm8917_firmwaresd210sd855_firmwaresd865_5g_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwarewsa8835_firmwareapq8017qca6564awcn6750_firmwarewcn3610qcm6125_firmwareqcm2290_firmwarewcn3991wcd9380_firmwaresd_675msm8996au_firmwaresd780gsd865_5gqca6564ausdx55m_firmwarewcn6856_firmwaresd888wsa8835sd632_firmwaremsm8996ausd665_firmwarewcd9380sd888_5gsm6250pqualcomm215qca6574asd690_5g_firmwaresdx50m_firmwarewcn6855_firmwareqca6310_firmwaresm7325qca6430_firmwarewcn6750sd439_firmwareqca6335_firmwareqcs605sd855sm4125_firmwarewcn6850sd665wcn3910qca6320sd765qca6426_firmwarewcn3660b_firmwarewcn3680qca6574a_firmwaresd768g_firmwaresd460qca6391sd730sdx55msdxr1_firmwareaqt1000_firmwarewcn6740_firmwaremsm8953sd678_firmwareapq8064au_firmwareqcm4290sdx50mwcn3680_firmwarewcn6851_firmwareqcs603sd_455qca6574ausd_636_firmwaresd205_firmwareqca6564a_firmwareqcm6125qcm4290_firmwaresd870wcn6855sd210_firmwareqcs610_firmwarewcn6856wcn3680bsdxr1sd768gapq8096auwcn6740sdm630_firmwareqca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwareapq8053apq8096au_firmwaresd675sd439sd720g_firmwareqcm2290sm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-23428
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-8.4||HIGH
EPSS-0.01% / 2.47%
||
7 Day CHG~0.00%
Published-11 Feb, 2022 | 17:40
Updated-03 Aug, 2024 | 03:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper boundary check in eden_runtime hal service prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution.

Action-Not Available
Vendor-Google LLCSamsungSamsung Electronics
Product-androidexynosSamsung Mobile Devices with Exynos chipsets
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-22063
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-1.42% / 80.33%
||
7 Day CHG~0.00%
Published-14 Dec, 2022 | 05:54
Updated-18 Apr, 2025 | 14:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Memory corruption in Core

Memory corruption in Core due to improper configuration in boot remapper.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaremdm9645mdm9645_firmwareqca6174_firmwarewcn3990qca6574au_firmwareqca6574auqca6174a_firmwaremdm9640wcn3990_firmwareqca6174aqca6574aapq8096auapq8096au_firmwareqca6574a_firmwareqca6174Snapdragon
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-22084
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.11% / 29.63%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 09:40
Updated-03 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption when extracting qcp audio file due to lack of check on data length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresm6250p_firmwareqcs610sdx65wcn3950_firmwareqcs2290qca6595au_firmwaresa6155qca6335msm8917csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwaresd632wcn3998wcd9371_firmwarewcn3950sm4125mdm9628sd720gmdm9206_firmwaresd_8_gen1_5g_firmwarewcn3660bsd450_firmwaresd710_firmwaresd460_firmwareqca4020sm7315_firmwarewcn7850qca6574au_firmwarewcd9375_firmwarewcn3998_firmwaresa6155_firmwaremsm8909wapq8009w_firmwareqca6420apq8053_firmwaresm7450_firmwaresd680_firmwareqca9367_firmwarewcn3999sa8155_firmwaresd662_firmwareqcs405qca6430wcd9340qualcomm215_firmwaresd765gsw5100qca4020_firmwareqca6436sd680sa6155pwcn6851qcs603_firmwarewcn7851_firmwaremsm8937mdm9250_firmwarewcn3660_firmwarewcd9341pm8937_firmwareqca6696_firmwarewcd9371sd750gsd870_firmwarewcn3910_firmwarewsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwarewcn3988sd660_firmwarewcn7850_firmwaresa8195p_firmwaresm8475wcn6750_firmwaresd450wcn3610wcn3991wcd9380_firmwaresdm429wmsm8996au_firmwaresw5100pwcd9330qca6564ausdx55m_firmwarewcn6856_firmwaresd670_firmwareqca6574sd632_firmwarewcd9380qualcomm215qcs410sd690_5g_firmwaresdx50m_firmwareqca9379_firmwareqca6430_firmwarewcd9335_firmwarewcn3980sd439_firmwareqca6335_firmwareqcs605wcd9340_firmwarewsa8815wcn6850wcn3910qca6320msm8937_firmwaremdm9650_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680sd835wcn3980_firmwaresd730wcd9330_firmwaresdx55msm8475_firmwarewcn6740_firmwaremsm8953sd678_firmwarear8031_firmwarewcn3680_firmwarewcn6851_firmwareqcs603sd_636_firmwaresd670qca6564a_firmwareapq8009wqcm4290_firmwaresd480sd870wcn6855wsa8832sw5100p_firmwareqcs610_firmwaresa6145psdxr1apq8096auar8031qcs405_firmwaresdm630_firmwaresd820_firmwareqca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwareapq8053sa8155pcsra6640sd675sd439wcn3660sm8475p_firmwareqca9379qcm2290wcn3991_firmwarewsa8830sd678qcs2290_firmwaremdm9628_firmwaremdm9650sd_636csra6620qcs4290mdm9250sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwareqca6564qca6426wcn3990_firmwareqca9377sdw2500_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwaresd662sa8155qca6320_firmwarewcn3680b_firmwaresdx55_firmwareqca6595auwcn3615wcn3999_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwareqca6564au_firmwaresd778gsa6155p_firmwareqca6310pm8937wcn7851qcs6490sd429sdxr2_5gqca9367sdm630mdm9607_firmwarewcn3988_firmwaresa6145p_firmwaresd429_firmwaresm6250sd778g_firmwaresa8195papq8017_firmwarewsa8810_firmwaresd765_firmwarewcd9326wcd9335qca6174a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwareqca6390wcd9375sd750g_firmwareaqt1000sm6250_firmwaremsm8953_firmwaremsm8917_firmwarewcn3620_firmwaresd820qcm6490sd888_5g_firmwarewsa8835_firmwaresdx20_firmwarewcn3620wcn6850_firmwarewsa8815_firmwaresm7450apq8017qca6564aqcm2290_firmwarewcn3990sd_675sd780gsd865_5gsd888msm8909w_firmwarewsa8835msm8996ausdm429w_firmwaresd888_5gsm6250pqca6574amdm9206wcn6855_firmwareqca6174asm7325pqca6310_firmwarewcn6750qca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresd765qca6574a_firmwaresd768g_firmwaresm7315apq8009qca6391sd460sdxr1_firmwareaqt1000_firmwaresdx65_firmwaremdm9626qcm4290qcm6490_firmwaresdx50mwsa8832_firmwaresdx20sd480_firmwaremdm9626_firmwareqca6574ausa8155p_firmwaresd710mdm9607wcd9341_firmwarewsa8810wcn6856wcn3680bsd835_firmwareqca6564_firmwaresd768gwcn6740qca6696sd845_firmwaresdw2500apq8096au_firmwaresd845sm7250psd720g_firmwaresw5100_firmwareqcs410_firmwaresm8475pSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-22080
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.05% / 15.29%
||
7 Day CHG~0.00%
Published-02 Sep, 2022 | 11:31
Updated-03 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper validation of backend id in PCM routing process can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwaremdm9150_firmwarewcd937sd678mdm9640_firmwaresm6250p_firmwarewsa8830qcs610qcs2290_firmwareqca8337mdm9628_firmwarewcn361mdm9650csra6620qcs4290wcn3950_firmwaresd765g_firmwarewcd934qca6420_firmwareqca6595au_firmwareqcs2290qca6390_firmwaresa6155sd690_5gsd730_firmwarecsra6620_firmwaresd_675_firmwaresd675_firmwarecsra6640_firmwareqca6564qca6426wcn3990_firmwareqrb5165n_firmwareqca9377sa415mwcn3998sdxr2_5g_firmwarewcn3950sm4125mdm9628sd720gsd662sd460_firmwaresa8155sm7315_firmwarewcn7850qca6574au_firmwaresdx55_firmwarewcn3680b_firmwareqca6595ausa6155_firmwaresdx12_firmwarewcn3998_firmwaresm7250p_firmwarewcn3999_firmwareqca6420qca6436_firmwareapq8053_firmwareqrb5165nqca6564au_firmwaresd680_firmwaresa6155p_firmwaresd778gwcn3999sa515m_firmwareqcs6490qrb5165_firmwareqrb5165m_firmwaresdxr2_5gwcn7851wcd936wcn361_firmwaresa8155_firmwaresd662_firmwaresa415m_firmwareqcs405qca6430wcn3988_firmwaresa6145p_firmwaresm6250sd778g_firmwaresa8195pwsa8810_firmwaresd765gsd765_firmwareqca6436sd680wcd937_firmwaresa6155pwcn6851wcn7851_firmwareqca6174a_firmwareqcs4290_firmwareqca6696_firmwareqcs6490_firmwaresd750gsd870_firmwarewcd938_firmwarear8035qca6390sd750g_firmwareaqt1000wcn3910_firmwaresm6250_firmwaremsm8953_firmwarewsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988sd660_firmwarewcn6850_firmwarewcn7850_firmwaresa8195p_firmwarewsa8815_firmwarewsa8835_firmwareqca6564awcn6750_firmwarewcd936_firmwarewcd938mdm9640qcm2290_firmwarewcn3991qca8337_firmwarewcn3990sd_675sd780gsd865_5gqca6564ausdx55m_firmwarewcn6856_firmwaresd888wsa8835qca6574sd888_5gsm6250pqcs410qca6574asd690_5g_firmwaresdx50m_firmwarewcn6855_firmwareqca6174asm7325qca6430_firmwarewcn3980wcn6750sd439_firmwarewcd934_firmwaresa515mqca6574_firmwaresd855sm4125_firmwarewcn6850wcd932_firmwarewcn3910wsa8815mdm9650_firmwaresd765wcd932qca6426_firmwareqca6574a_firmwaresd695sd768g_firmwareqrb5165mwcd933wcn3980_firmwaresm7315sd460qca6391sd730sdx55maqt1000_firmwarewcn6740_firmwaremsm8953sd678_firmwarear8031_firmwareqcm4290qcm6490_firmwaresdx50mqrb5165sd480_firmwarewcn6851_firmwareqca6574ausa8155p_firmwareqca6564a_firmwareqcm4290_firmwaresd480sd870wcn6855wsa8810qcs610_firmwaremdm9150wcn6856sa6145pwcn3680bqca6564_firmwaresd695_firmwaresd768gapq8096auar8031qcs405_firmwarewcn6740qca6696qca6391_firmwaresd780g_firmwaresdx55sd888_firmwareapq8053apq8096au_firmwarecsra6640sa8155psd675sd439sm7250psd720g_firmwaresdx12qcs410_firmwarear8035_firmwareqcm2290wcd933_firmwaresm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-22100
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.12% / 30.80%
||
7 Day CHG~0.00%
Published-02 Sep, 2022 | 11:31
Updated-03 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption in multimedia due to improper check on received export descriptors in Snapdragon Auto

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6564au_firmwaresa6155p_firmwaresa6150p_firmwaresa8145p_firmwareqca6564auqca6574ausa6145p_firmwaresa8155p_firmwareqca6564a_firmwaresa8195psa8540p_firmwaresa8150p_firmwaresa6155psa8540psa8295p_firmwareqca6574asa6145papq8096auqca6696_firmwaresa8145pqca6696qam8295psa9000psa8150psa6150papq8096au_firmwaresa8155pqam8295p_firmwaresa9000p_firmwareqca6574a_firmwareqca6574au_firmwaresa8195p_firmwareqca6564asa8295pSnapdragon Auto
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-50360
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.4||HIGH
EPSS-0.02% / 5.42%
||
7 Day CHG~0.00%
Published-03 Dec, 2025 | 00:00
Updated-16 Dec, 2025 | 21:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A heap buffer overflow in compiler.c and compiler.h in Pepper language 0.1.1commit 961a5d9988c5986d563310275adad3fd181b2bb7. Malicious execution of a pepper source file(.pr) could lead to arbitrary code execution or Denial of Service.

Action-Not Available
Vendor-dannyvankootenn/a
Product-peppern/a
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2021-1886
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.04% / 11.53%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 05:30
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect handling of pointers in trusted application key import mechanism could cause memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarefsm10055mdm9640_firmwaresm6250p_firmwaresa6150p_firmwareqcs610qca8337qca6431_firmwarewcd9360_firmwarewcn3950_firmwaresc8180x\+sdx55sa8150p_firmwareqcs2290qca6595au_firmwaresa6155msm8917sd_455_firmwarecsra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresd632sa415mwcn3998wcd9371_firmwarewcn3950sm4125sd720gwcn3660bsd450_firmwareqsm8350_firmwareqsm8350sd460_firmwareqca4020qca6574au_firmwarewcd9375_firmwarewcn3998_firmwaresa6155_firmwareqca6420apq8053_firmwarewcd9360wcn3999qcs6125sa8155_firmwareqca4004_firmwaresd662_firmwareqcs405qca6430wcd9306_firmwaresd765gqualcomm215_firmwarefsm10056_firmwareqca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwaremsm8937wcn3660_firmwaremdm9655qca6696_firmwarepm8937_firmwareqca6431wcd9371sd870_firmwaresd750gwcn3910_firmwaresd_8cxsa8150pqca4004wsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresd712wcn3988sd660_firmwaresa8195p_firmwarewcn6750_firmwaresd450wcn3610mdm9640wcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwaresdm429wmsm8996au_firmwareqca6564ausdx55m_firmwarewcn6856_firmwaremsm8940_firmwaresd670_firmwareqca6574sd632_firmwarewcd9380qualcomm215qcs410sd690_5g_firmwaresdx50m_firmwareqca9379_firmwaresdx24_firmwareqca6430_firmwarewcd9335_firmwaresd439_firmwareqcs605wcn6850sd7cwcn3910qca6320msm8937_firmwaremdm9650_firmwaresd_8c_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680sd835sd730sdx55mqca6421_firmwarewcn6740_firmwaremsm8953sd821_firmwaresd678_firmwareapq8064au_firmwarear8031_firmwarewcn3680_firmwareqca6234wcn6851_firmwareqcs603sd670sd_636_firmwareqca6564a_firmwareqca6694au_firmwareqcm4290_firmwaresd480sd870wcn6855qcs610_firmwareqsm8250sa6145psdxr1ar8031apq8096auqca6595_firmwareqcs405_firmwaresa8145psdm630_firmwaremdm9205_firmwareqca6391_firmwaresd820_firmwarewcd9370_firmwaresd780g_firmwaresdx55apq8053sa8155pcsra6640sd675sd439wcn3660qca9379qca6234_firmwarear8035_firmwareqsm8250_firmwareqcm2290wcn3991_firmwarewsa8830sd678sa8145p_firmwareqcs2290_firmwarefsm10056sd7c_firmwarecsrb31024mdm9650sd_636csra6620fsm10055_firmwareqcs4290sd765g_firmwareqca6420_firmwareqca6390_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwareqca6564qca6426qca6584au_firmwareqca9377sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcn3615_firmwaresd662apq8037sa8155qca6320_firmwarewcn3680b_firmwaresdx55_firmwarewcn3615qca6595auwcn3999_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwarewcd9306qca6584ausd778gqca6564au_firmwaresa6155p_firmwarepm8937sa515m_firmwaresd429sdxr2_5gsdm630sd821mdm9655_firmwaresa415m_firmwarewcn3988_firmwaresd429_firmwaresa6145p_firmwareqca6421sd778g_firmwaresm6250sd712_firmwaresa8195papq8017_firmwareqca6694sd765_firmwarewcd9335qca6174a_firmwareqcs4290_firmwarewcd9385qca6390wcd9375sd750g_firmwareaqt1000ar8035apq8064ausm6250_firmwaresc8180x\+sdx55_firmwareqca6694_firmwaremsm8953_firmwareqca6694ausda429wmsm8917_firmwarewcn3620_firmwaresd820sd888_5g_firmwarewcn6850_firmwarewsa8835_firmwarewcn3620apq8017qca6564aqcm6125_firmwareqcm2290_firmwaresd_675sd780gsd865_5gqca6595sdx24wsa8835msm8996ausdm429w_firmwaresd665_firmwaresd888_5gsm6250pqca6574awcn6855_firmwareqca6174asm7325pwcn6750mdm9205sa515mqca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665qca6175asd765qca6574a_firmwaresd768g_firmwaresd850_firmwaresd460qca6391sdxr1_firmwareaqt1000_firmwaremsm8920qcm4290csrb31024_firmwaresdx50msd480_firmwaremsm8920_firmwaresd_455qca6574ausa8155p_firmwareqcm6125wcn6856sd_8cwcn3680bsd835_firmwareqca6564_firmwaresd768gwcn6740qca6696sa6150pmsm8940apq8096au_firmwareapq8037_firmwaresm7250psd720g_firmwareqcs410_firmwareqca6175a_firmwaresd850Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-1890
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.04% / 11.53%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 05:30
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper length check of public exponent in RSA import key function could cause memory corruption. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarefsm10055mdm9640_firmwaresm6250p_firmwaresa6150p_firmwareqcs610qca8337qca6431_firmwarewcd9360_firmwarewcn3950_firmwaresc8180x\+sdx55sa8150p_firmwareqcs2290qca6595au_firmwaresa6155msm8917sd_455_firmwarecsra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresd632sa415mwcn3998wcd9371_firmwarewcn3950sm4125sd720gwcn3660bsd450_firmwareqsm8350_firmwareqsm8350sd460_firmwareqca4020qca6574au_firmwarewcd9375_firmwarewcn3998_firmwaresa6155_firmwareqca6420apq8053_firmwarewcd9360wcn3999qcs6125sa8155_firmwareqca4004_firmwaresd662_firmwareqcs405qca6430wcd9306_firmwaresd765gqualcomm215_firmwarefsm10056_firmwareqca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwaremsm8937wcn3660_firmwaremdm9655qca6696_firmwarepm8937_firmwareqca6431wcd9371sd870_firmwaresd750gwcn3910_firmwaresd_8cxsa8150pqca4004wsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresd712wcn3988sd660_firmwaresa8195p_firmwarewcn6750_firmwaresd450wcn3610mdm9640wcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwaresdm429wmsm8996au_firmwareqca6564ausdx55m_firmwarewcn6856_firmwaremsm8940_firmwaresd670_firmwareqca6574sd632_firmwarewcd9380qualcomm215qcs410sd690_5g_firmwaresdx50m_firmwareqca9379_firmwaresdx24_firmwareqca6430_firmwarewcd9335_firmwaresd439_firmwareqcs605wcn6850sd7cwcn3910qca6320msm8937_firmwaremdm9650_firmwaresd_8c_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680sd835sd730sdx55mqca6421_firmwarewcn6740_firmwaremsm8953sd821_firmwaresd678_firmwareapq8064au_firmwarear8031_firmwarewcn3680_firmwareqca6234wcn6851_firmwareqcs603sd670sd_636_firmwareqca6564a_firmwareqca6694au_firmwareqcm4290_firmwaresd480sd870wcn6855qcs610_firmwareqsm8250sa6145psdxr1ar8031apq8096auqca6595_firmwareqcs405_firmwaresa8145psdm630_firmwaremdm9205_firmwareqca6391_firmwaresd820_firmwarewcd9370_firmwaresd780g_firmwaresdx55apq8053sa8155pcsra6640sd675sd439wcn3660qca9379qca6234_firmwarear8035_firmwareqsm8250_firmwareqcm2290wcn3991_firmwarewsa8830sd678sa8145p_firmwareqcs2290_firmwarefsm10056sd7c_firmwarecsrb31024mdm9650sd_636csra6620fsm10055_firmwareqcs4290sd765g_firmwareqca6420_firmwareqca6390_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwareqca6564qca6426qca6584au_firmwareqca9377sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcn3615_firmwaresd662apq8037sa8155qca6320_firmwarewcn3680b_firmwaresdx55_firmwarewcn3615qca6595auwcn3999_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwarewcd9306qca6584ausd778gqca6564au_firmwaresa6155p_firmwarepm8937sa515m_firmwaresd429sdxr2_5gsdm630sd821mdm9655_firmwaresa415m_firmwarewcn3988_firmwaresd429_firmwaresa6145p_firmwareqca6421sd778g_firmwaresm6250sd712_firmwaresa8195papq8017_firmwareqca6694sd765_firmwarewcd9335qca6174a_firmwareqcs4290_firmwarewcd9385qca6390wcd9375sd750g_firmwareaqt1000ar8035apq8064ausm6250_firmwaresc8180x\+sdx55_firmwareqca6694_firmwaremsm8953_firmwareqca6694ausda429wmsm8917_firmwarewcn3620_firmwaresd820sd888_5g_firmwarewcn6850_firmwarewsa8835_firmwarewcn3620apq8017qca6564aqcm6125_firmwareqcm2290_firmwaresd_675sd780gsd865_5gqca6595sdx24wsa8835msm8996ausdm429w_firmwaresd665_firmwaresd888_5gsm6250pqca6574awcn6855_firmwareqca6174asm7325pwcn6750mdm9205sa515mqca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665qca6175asd765qca6574a_firmwaresd768g_firmwaresd850_firmwaresd460qca6391sdxr1_firmwareaqt1000_firmwaremsm8920qcm4290csrb31024_firmwaresdx50msd480_firmwaremsm8920_firmwaresd_455qca6574ausa8155p_firmwareqcm6125wcn6856sd_8cwcn3680bsd835_firmwareqca6564_firmwaresd768gwcn6740qca6696sa6150pmsm8940apq8096au_firmwareapq8037_firmwaresm7250psd720g_firmwareqcs410_firmwareqca6175a_firmwaresd850Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-49696
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.4||HIGH
EPSS-0.08% / 24.47%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 16:58
Updated-13 Feb, 2026 | 19:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Office Remote Code Execution Vulnerability

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-365_appsofficeoffice_long_term_servicing_channelMicrosoft Office LTSC 2024Microsoft 365 Apps for EnterpriseMicrosoft Office LTSC for Mac 2021Microsoft Office LTSC for Mac 2024Microsoft Office for AndroidMicrosoft Office LTSC 2021Microsoft Office 2019Microsoft Office 2016
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-1892
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.04% / 11.53%
||
7 Day CHG~0.00%
Published-07 Apr, 2021 | 07:55
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption due to improper input validation while processing IO control which is nonstandard in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qca9377_firmwareqca2066wcn3990qca1062_firmwareqfe4455fc_firmwareqfe3440fc_firmwarewgr7640wcn6856_firmwarepm8005_firmwareqfe2081fc_firmwareqca6420_firmwareqca6595au_firmwaresmb1351_firmwaresd850qln1035bdqca6335qca6174_firmwarepm8998_firmwaresmb1380_firmwaresmb1381pm855p_firmwarewcn6855_firmwarewtr5975_firmwareqfe3100_firmwaresmb1390_firmwareqca6174asd8cwcn3990_firmwareqca6310_firmwarewtr5975qca6174qca9377qca6430_firmwarewcn3998wcd9335_firmwareqcn7605qca6335_firmwarewcd9340_firmwarewgr7640_firmwarewsa8815sd8cxwcn6850smb1380qca1064smb2351_firmwaresd835qca6595auwcn3998_firmwaresd850_firmwaresmb1351qca6391pm855pqca6420sd8cx_firmwareaqt1000_firmwareqfe2082fcqca6310sd8c_firmwarepmi8998qfe2081fcpm855sdr8150qfe2082fc_firmwarewcn6851_firmwareqca6164_firmwareqca6430qfe4455fcwcd9340qln1035bd_firmwarewsa8810_firmwarewcd9341_firmwareqfe3440fcwsa8810wcn6855wcn6851wcd9335qcn7605_firmwarepmi8998_firmwareqat3550pm8005wcn6856pm855_firmwaresd835_firmwareqca6174a_firmwaresdr8150_firmwarewcd9341qca2066_firmwareqet4100_firmwaresmb1350qca1064_firmwareqca1062qat3550_firmwareqca6164smb1350_firmwareqca6391_firmwaresmb1381_firmwaresd845_firmwareaqt1000sd845wsa8815_firmwarewcn6850_firmwarepm8998smb1390qcn7606_firmwaresmb2351qet4100qcn7606Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-47372
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-9||CRITICAL
EPSS-0.02% / 4.38%
||
7 Day CHG~0.00%
Published-18 Dec, 2025 | 05:29
Updated-23 Dec, 2025 | 21:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input in Boot

Memory Corruption when a corrupted ELF image with an oversized file size is read into a buffer without authentication.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qamsrv1m_firmwaresrv1hsrv1l_firmwareqam8775p_firmwareqam8775pqca6595auqca6797aq_firmwareqam8255p_firmwareqamsrv1msa9000p_firmwareqca6696sa7775pqamsrv1hqca6698aq_firmwaresrv1m_firmwareqamsrv1h_firmwareqca6797aqqca6696_firmwaresa8255p_firmwaresa8620psa8650p_firmwaresa8650psa7775p_firmwaresa8620p_firmwareqca6678aq_firmwaresrv1h_firmwareqca6595au_firmwareqca6678aqqca6595sa8770psa8775psa8255psa8775p_firmwareqam8650p_firmwareqam8650pqca6595_firmwaresa9000psrv1msa7255pqam8255pqam8620p_firmwaresrv1lqca6698aqqam8620psa8770p_firmwaresa7255p_firmwareSnapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-47162
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.4||HIGH
EPSS-0.11% / 29.82%
||
7 Day CHG+0.03%
Published-10 Jun, 2025 | 17:02
Updated-26 Feb, 2026 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Office Remote Code Execution Vulnerability

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-officeoffice_long_term_servicing_channel365_appsMicrosoft Office 2016Microsoft 365 Apps for EnterpriseMicrosoft Office LTSC 2021Microsoft Office 2019Microsoft Office LTSC for Mac 2021Microsoft Office LTSC 2024Microsoft Office LTSC for Mac 2024Microsoft Office for Android
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2022-40516
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-3.85% / 87.97%
||
7 Day CHG~0.00%
Published-06 Jan, 2023 | 05:02
Updated-09 Apr, 2025 | 14:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Stack-based buffer overflow in Core

Memory corruption in Core due to stack-based buffer overflow.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresd_8cx_gen3_firmwaresa6150p_firmwaresm6250p_firmwareqcs610qca8337qca6431_firmwarewcd9360_firmwaresdx65qca4024_firmwarewcn3950_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155qca6335csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwaresa415mwcn3998wcd9371_firmwareqam8295pwcn3950qcn6024_firmwaresd720gsm4125sd_8cx_gen2_firmwareqca8386_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareqsm8350_firmwaresd710_firmwareqsm8350sd460_firmwaresm7315_firmwarewcn7850qca6574au_firmwarewcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwareqca6420wcd9360sd680_firmwarewcn3999sd_8cx_gen2qrb5165_firmwareqrb5165m_firmwaresa4155p_firmwaresa8155_firmwareqca4004_firmwareipq6010sd662_firmwareqcs405qca6430wcd9306_firmwarewcd9340sd765gsw5100fsm10056_firmwaresd680qca6436wcn6851sa6155pqcs603_firmwarewcn7851_firmwarewcd9341qca6431qca6696_firmwarewcd9371sd870_firmwaresd750gipq9008_firmwarewcn3910_firmwaresxr2150p_firmwaresd_8cxsa8150pqca4004wsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresd712wcn3988sd660_firmwarewcn7850_firmwaresa8195p_firmwareqcn5121sm8475qcn5022_firmwareqcn7606_firmwarewcn6750_firmwaresa8295p_firmwarewcn3991qca8337_firmwarewcd9380_firmwaresw5100pqca8084qca6564ausdx55m_firmwarewcn6856_firmwareipq9008sd670_firmwareqca6574csr8811_firmwarewcd9380qcs410sd690_5g_firmwaresdx50m_firmwaresdx24_firmwareqca8072_firmwareqcn9012_firmwareqca6430_firmwareqcn9274_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980qca6335_firmwareipq6018_firmwareqcs605wcd9340_firmwarewsa8815wcn6850sd7cwcn3910qca6320qca6426_firmwareqca9984ipq6028sd835qcn9024ipq9574_firmwarewcn3980_firmwaresd730sdx55mqcc5100_firmwaresa8295pqca6421_firmwarewcn6740_firmwaresd678_firmwarear8031_firmwareqrb5165wcn6851_firmwareqcs603sd670qcn9024_firmwareqca6564a_firmwareqcm4290_firmwaresd870wcn6855qcn5121_firmwaresw5100p_firmwaresa8540pqcs610_firmwareqsm8250sa6145pipq6018sdxr1ar8031qca6595_firmwareqcs405_firmwaresa8145pmdm9205_firmwareqca6391_firmwaresa4150p_firmwareqca4024wcd9370_firmwaresd780g_firmwaresdx55sd888_firmwareqcn5021_firmwaresa8155pcsra6640sd675qcs8155_firmwaresa4155psxr2150par8035_firmwareqsm8250_firmwareqcn7606qcm2290wcn3991_firmwaremdm9150_firmwarewsa8830sd678qcn9070sa8145p_firmwareqcs2290_firmwarefsm10056sd7c_firmwarecsrb31024csra6620qca8082qcn9072qca8386qcs4290sd765g_firmwareqca6420_firmwareqca6390_firmwaresd690_5gipq6000sd730_firmwarewcd9370sd675_firmwareqcn5152_firmwareqca6564qca6426wcn3990_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwareqca9377sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwaresd662qam8295p_firmwareqcn9011_firmwaresa8155qca8082_firmwareqca6320_firmwaresa9000p_firmwareqcn5122_firmwaresdx55_firmwareqca6595auqcn6023_firmwarewcn3999_firmwaresm7250p_firmwareqca6436_firmwareqrb5165nwcd9306sd778gqca6564au_firmwaresa6155p_firmwareqca6310qcn9274qcs8155wcn7851sa515m_firmwareqcs6490sdxr2_5gqcn5052sa415m_firmwarewcn3988_firmwareqcn9074sa6145p_firmwareqca6421qca8085sd778g_firmwaresm6250sa8195psd712_firmwarewsa8810_firmwaresd765_firmwarewcd9326wcd9335qca8081qcn6023qca6174a_firmwareqcs4290_firmwarewcd9385qca8085_firmwareqcs6490_firmwaresd_8cx_gen3qca6390wcd9375sd750g_firmwareaqt1000ar8035csr8811sm6250_firmwarewsa8815_firmwaresd888_5g_firmwareqcm6490wcn6850_firmwarewsa8835_firmwareqcx315qca6564asa4150pqca8072qcm2290_firmwarewcn3990qcn9000sd_675sd780gsd865_5gqca6595qcc5100sdx24qcn9012sd888wsa8835qcx315_firmwaresa8540p_firmwaresd888_5gsm6250pqca8075_firmwaresc8180xqca6574aipq6005_firmwarewcn6855_firmwareqca6174asm7325pqca6310_firmwarewcn6750mdm9205sa9000pqca6574_firmwaresa515msd855sm4125_firmwaresm7325p_firmwaresd765qca6574a_firmwareqcn5021qcn5152sd768g_firmwareqrb5165msd850_firmwaresm7315sd460qca6391sdxr1_firmwareipq6005aqt1000_firmwaresdx65_firmwareqcm4290csrb31024_firmwareqcm6490_firmwaresdx50mqcn9070_firmwareipq6028_firmwareqcn9011sc8180x_firmwareqca6574ausd710sa8155p_firmwareqcn5122ipq9574wcd9341_firmwarewsa8810mdm9150wcn6856qcn5022sd835_firmwareqca6564_firmwaresd768gipq6010_firmwarewcn6740qca6696sd845_firmwaresa6150pqca8075qcn9022_firmwareqcn6024qcn9022sd845qcn9072_firmwaresm7250pipq6000_firmwaresd720g_firmwaresw5100_firmwareqcn9074_firmwareqcs410_firmwaresd850Snapdragon
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-40517
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.11% / 28.96%
||
7 Day CHG~0.00%
Published-06 Jan, 2023 | 05:02
Updated-09 Apr, 2025 | 14:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Stack based buffer overflow in Core

Memory corruption in core due to stack-based buffer overflow

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresd_8cx_gen3_firmwaresa6150p_firmwaresm6250p_firmwareqcs610qca8337qca6431_firmwarewcd9360_firmwaresdx65qca4024_firmwarewcn3950_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155qca6335csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwaresa415mwcn3998wcd9371_firmwareqam8295pwcn3950qcn6024_firmwaresd720gsm4125sd_8cx_gen2_firmwareqca8386_firmwareqca8084_firmwareqsm8350_firmwaresd710_firmwareqsm8350sd460_firmwaresm7315_firmwareqca6574au_firmwarewcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwareqca6420wcd9360sd680_firmwarewcn3999sd_8cx_gen2qrb5165_firmwareqrb5165m_firmwaresa4155p_firmwaresa8155_firmwareqca4004_firmwareipq6010sd662_firmwareqcs405qca6430wcd9306_firmwarewcd9340sd765gsw5100fsm10056_firmwaresd680qca6436wcn6851sa6155pqcs603_firmwarewcd9341qca6431qca6696_firmwarewcd9371sd870_firmwaresd750gipq9008_firmwarewcn3910_firmwaresxr2150p_firmwaresd_8cxsa8150pqca4004wsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresd712wcn3988sd660_firmwaresa8195p_firmwareqcn5121qcn5022_firmwareqcn7606_firmwarewcn6750_firmwaresa8295p_firmwarewcn3991qca8337_firmwarewcd9380_firmwaresw5100pqca8084qca6564ausdx55m_firmwarewcn6856_firmwareipq9008sd670_firmwareqca6574csr8811_firmwarewcd9380qcs410sd690_5g_firmwaresdx50m_firmwaresdx24_firmwareqca8072_firmwareqcn9012_firmwareqca6430_firmwareqcn9274_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980qca6335_firmwareipq6018_firmwareqcs605wcd9340_firmwarewsa8815wcn6850sd7cwcn3910qca6320qca6426_firmwareqca9984ipq6028sd835qcn9024ipq9574_firmwarewcn3980_firmwaresd730sdx55mqcc5100_firmwaresa8295pqca6421_firmwarewcn6740_firmwaresd678_firmwarear8031_firmwareqrb5165wcn6851_firmwareqcs603sd670qcn9024_firmwareqca6564a_firmwareqcm4290_firmwaresd870wcn6855qcn5121_firmwaresw5100p_firmwaresa8540pqcs610_firmwareqsm8250sa6145pipq6018sdxr1ar8031qca6595_firmwareqcs405_firmwaresa8145pmdm9205_firmwareqca6391_firmwaresa4150p_firmwareqca4024wcd9370_firmwaresd780g_firmwaresdx55sd888_firmwareqcn5021_firmwaresa8155pcsra6640sd675qcs8155_firmwaresa4155psxr2150par8035_firmwareqsm8250_firmwareqcn7606qcm2290wcn3991_firmwaremdm9150_firmwarewsa8830sd678qcn9070sa8145p_firmwareqcs2290_firmwarefsm10056sd7c_firmwarecsrb31024csra6620qca8082qcn9072qca8386qcs4290sd765g_firmwareqca6420_firmwareqca6390_firmwaresd690_5gipq6000sd730_firmwarewcd9370sd675_firmwareqcn5152_firmwareqca6564qca6426wcn3990_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwareqca9377sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwaresd662qam8295p_firmwareqcn9011_firmwaresa8155qca8082_firmwareqca6320_firmwaresa9000p_firmwareqcn5122_firmwaresdx55_firmwareqca6595auqcn6023_firmwarewcn3999_firmwaresm7250p_firmwareqca6436_firmwareqrb5165nwcd9306sd778gqca6564au_firmwaresa6155p_firmwareqca6310qcn9274qcs8155sa515m_firmwareqcs6490sdxr2_5gqcn5052sa415m_firmwarewcn3988_firmwareqcn9074sa6145p_firmwareqca6421qca8085sd778g_firmwaresm6250sa8195psd712_firmwarewsa8810_firmwaresd765_firmwarewcd9326wcd9335qca8081qcn6023qca6174a_firmwareqcs4290_firmwarewcd9385qca8085_firmwareqcs6490_firmwaresd_8cx_gen3qca6390wcd9375sd750g_firmwareaqt1000ar8035csr8811sm6250_firmwarewsa8815_firmwaresd888_5g_firmwareqcm6490wcn6850_firmwarewsa8835_firmwareqcx315qca6564asa4150pqca8072qcm2290_firmwarewcn3990qcn9000sd_675sd780gsd865_5gqca6595qcc5100sdx24qcn9012sd888wsa8835qcx315_firmwaresa8540p_firmwaresd888_5gsm6250pqca8075_firmwaresc8180xqca6574aipq6005_firmwarewcn6855_firmwareqca6174asm7325pqca6310_firmwarewcn6750mdm9205sa9000pqca6574_firmwaresa515msd855sm4125_firmwaresm7325p_firmwaresd765qca6574a_firmwareqcn5021qcn5152sd768g_firmwareqrb5165msd850_firmwaresm7315sd460qca6391sdxr1_firmwareipq6005aqt1000_firmwaresdx65_firmwareqcm4290csrb31024_firmwareqcm6490_firmwaresdx50mqcn9070_firmwareipq6028_firmwareqcn9011sc8180x_firmwareqca6574ausd710sa8155p_firmwareqcn5122ipq9574wcd9341_firmwarewsa8810mdm9150wcn6856qcn5022sd835_firmwareqca6564_firmwaresd768gipq6010_firmwarewcn6740qca6696sd845_firmwaresa6150pqca8075qcn9022_firmwareqcn6024qcn9022sd845qcn9072_firmwaresm7250pipq6000_firmwaresd720g_firmwaresw5100_firmwareqcn9074_firmwareqcs410_firmwaresd850Snapdragon
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found