ByteOS Network

Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver doesn`t validate the IPC message received from the firmware.

Vendor-Qualcomm Technologies, Inc.

Product-wsa8830 qca8337_firmware sa6150p_firmware wcd9380_firmware sa8145p_firmware qcs610 sw5100p qca8337 sd865_5g fastconnect_6800 snapdragon_w5\+_gen_1_wearable_platform snapdragon_870_5g_mobile_platform_firmware snapdragon_865_5g_mobile_platform sa8530p_firmware wsa8835 wcn3950_firmware sa8540p_firmware wcd9380 sa8150p_firmware video_collaboration_vc3_platform qcs410 wcd9370 sxr2130 qca6174a qca6426 video_collaboration_vc3_platform_firmware c-v2x_9150_firmware wcn3980 sa8530p qam8295p wcn3950 sa9000p wcn3660b wsa8815 snapdragon_865\+_5g_mobile_platform qam8295p_firmware snapdragon_xr2_5g_platform_firmware qca6426_firmware wcn3660b_firmware sa9000p_firmware snapdragon_x55_5g_modem-rf_system qca6574au_firmware sdx55_firmware wcn3680b_firmware wcn3980_firmware snapdragon_x55_5g_modem-rf_system_firmware qca6391 qca6436_firmware sa8295p snapdragon_w5\+_gen_1_wearable_platform_firmware sa6155p_firmware snapdragon_865\+_5g_mobile_platform_firmware snapdragon_870_5g_mobile_platform snapdragon_xr2_5g_platform fastconnect_6900 fastconnect_6900_firmware video_collaboration_vc1_platform_firmware wcn3988_firmware qca6574au qcn9074 sa6145p_firmware sa8155p_firmware c-v2x_9150 sa8195p wsa8810_firmware wcd9341_firmware sw5100 wsa8810 qca6436 sa6155p sa8540p sw5100p_firmware qcs610_firmware qsm8250 sa6145p wcn3680b qca6174a_firmware sxr2130_firmware wcd9341 qca6696_firmware sa8145p qca6696 qca6391_firmware wcd9370_firmware sa8150p sa6150p sdx55 sa8155p wsa8830_firmware sd865_5g_firmware wcn3988 wsa8815_firmware wsa8835_firmware video_collaboration_vc1_platform sa8195p_firmware snapdragon_865_5g_mobile_platform_firmware sw5100_firmware qcn9074_firmware fastconnect_6800_firmware qcs410_firmware sa8295p_firmware qsm8250_firmware Snapdragon qualcomm_video_collaboration_vc1_platform_firmware sa6155p_firmware qca8337_firmware wcd9380_firmware sa6150p_firmware sa8145p_firmware fastconnect_6900_firmware sa8530p_firmware wcn3988_firmware sa6145p_firmware sa8155p_firmware wcn3950_firmware sa8540p_firmware wsa8810_firmware sa8150p_firmware wcd9341_firmware sw5100p_firmware qcs610_firmware qca6174a_firmware sxr2130_firmware c-v2x_9150_firmware qca6696_firmware qualcomm_video_collaboration_vc3_platform_firmware qca6391_firmware wcd9370_firmware wcn3680b_firmware wsa8830_firmware qam8295p_firmware sd865_5g_firmware snapdragon_xr2_5g_platform_firmware qca6426_firmware wcn3660b_firmware sa9000p_firmware wsa8815_firmware wsa8835_firmware qca6574au_firmware sa8195p_firmware sdx55_firmware snapdragon_865_5g_mobile_platform_firmware sw5100_firmware qcn9074_firmware fastconnect_6800_firmware qcs410_firmware sa8295p_firmware snapdragon_x55_5g_modem-rf_system_firmware wcn3980_firmware qca6436_firmware qsm8250_firmware

CWE ID-CWE-126

Buffer Over-read

CVE-2024-33067

Matching Score-10

Assigner-Qualcomm, Inc.

View Details

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-6.1||MEDIUM

EPSS-0.07% / 22.07%

7 Day CHG+0.04%

Published-06 Jan, 2025 | 10:33

Updated-11 Aug, 2025 | 15:06

Buffer Over-read in Audio

Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-125

Out-of-bounds Read

CWE ID-CWE-126

Buffer Over-read

CVE-2023-33065

Matching Score-10

Assigner-Qualcomm, Inc.

View Details

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-6.1||MEDIUM

EPSS-0.03% / 7.17%

7 Day CHG~0.00%

Published-06 Feb, 2024 | 05:47

Updated-11 Aug, 2025 | 15:06

Buffer Over-read in Audio

Information disclosure in Audio while accessing AVCS services from ADSP payload.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-125

Out-of-bounds Read

CWE ID-CWE-126

Buffer Over-read

CVE-2023-28554

Matching Score-10

Assigner-Qualcomm, Inc.

View Details

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-6.1||MEDIUM

EPSS-0.06% / 17.35%

7 Day CHG~0.00%

Published-07 Nov, 2023 | 05:26

Updated-11 Aug, 2025 | 15:06

Buffer Over-read in Qualcomm IPC

Information Disclosure in Qualcomm IPC while reading values from shared memory in VM.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-126

Buffer Over-read

CVE-2023-28553

Matching Score-10

Assigner-Qualcomm, Inc.

View Details

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-6.1||MEDIUM

EPSS-0.06% / 17.35%

7 Day CHG~0.00%

Published-07 Nov, 2023 | 05:26

Updated-04 Sep, 2024 | 18:53

Buffer Over-read in WLAN Host

Information Disclosure in WLAN Host when processing WMI event command.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-126

Buffer Over-read

CVE-2023-28569

Matching Score-10

Assigner-Qualcomm, Inc.

View Details

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-6.1||MEDIUM

EPSS-0.05% / 16.83%

7 Day CHG~0.00%

Published-07 Nov, 2023 | 05:26

Updated-11 Aug, 2025 | 15:06

Buffer Over-read in WLAN HAL

Information disclosure in WLAN HAL while handling command through WMI interfaces.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-126

Buffer Over-read

CVE-2023-28571

Matching Score-10

Assigner-Qualcomm, Inc.

View Details

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-6.1||MEDIUM

EPSS-0.03% / 7.14%

7 Day CHG~0.00%

Published-03 Oct, 2023 | 05:00

Updated-11 Aug, 2025 | 15:06

Buffer Over-read in WLAN HOST

Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming scan.

Vendor-Qualcomm Technologies, Inc.

Product-qca6431 qca6678aq_firmware qcs410_firmware sa6150p_firmware sd865_5g sw5100p wsa8845_firmware snapdragon_auto_4g_modem_firmware qcc2076_firmware qca6595 qcs610_firmware wcd9335 sxr2130_firmware wcd9370 qca6678aq qca6696 wcd9340_firmware wcd9341_firmware sm8250-ab_firmware qca6320 8998 snapdragon_w5\+_gen_1_wearable_platform_firmware wcd9395_firmware qca6390 qcc2073_firmware qca6426 qca6564au qcn9074 wsa8815_firmware sa8195p_firmware sm8250-ab qca6426_firmware wcd9395 snapdragon_auto_4g_modem qca6574au_firmware wcn785x-5 qam8295p wcd9341 qca6574au wcd9390 wcn785x-5_firmware wcn3950 wsa8810_firmware snapdragon_xr2_5g_platform wsa8845h_firmware qca6797aq_firmware qca6554a sa8295p_firmware sd835_firmware csrb31024_firmware video_collaboration_vc1_platform_firmware qca6584au qca6320_firmware sw5100_firmware wcn685x-5 qca6310_firmware qca6595_firmware sm8250-ac s820a video_collaboration_vc1_platform sm8250_firmware wcd9385_firmware qca6421 snapdragon_x55_5g_modem-rf_system qca6310 qam8255p_firmware wcd9380 sa6145p_firmware qam8255p snapdragon_xr2_5g_platform_firmware sa8150p snapdragon_8\+_gen_2_mobile_platform_firmware wsa8845 msm8996au_firmware sa6155p qca6421_firmware snapdragon_auto_5g_modem-rf_firmware qca6564au_firmware wsa8810 snapdragon_8\+_gen_2_mobile_platform sw5100 qca6595au video_collaboration_vc3_platform sa6155p_firmware wsa8840 qam8295p_firmware qca6390_firmware qca6431_firmware sd835 wcn3990_firmware qca6175a_firmware qca6564a_firmware qca6436_firmware qca6698aq_firmware 8998_firmware wcd9385 mdm9650_firmware snapdragon_8_gen_2_mobile_platform sa8255p wcd9390_firmware sm8250-ac_firmware apq8064au_firmware wcd9370_firmware csrb31024 mdm9650 snapdragon_auto_5g_modem-rf snapdragon_x55_5g_modem-rf_system_firmware qcc2076 qca6554a_firmware qca6574a sxr2130 sa8195p 8098_firmware wcd9340 sm8550p_firmware wcn3988 qca6584au_firmware wcd9335_firmware wcn3980_firmware qca6436 qca6574 wsa8835 qca6595au_firmware qca6391_firmware wsa8840_firmware sw5100p_firmware sm8250 qca6696_firmware wsa8845h wcd9380_firmware sa6150p qca6574_firmware qcs410 sa8155p_firmware wsa8815 qca6564a sa8155p wsa8830 qca6797aq sm8550p sa6145p qcn9074_firmware sa8255p_firmware wcn785x-1_firmware qca6574a_firmware qcc2073 msm8996au qca6175a qca6391 wcn785x-1 apq8064au qca6698aq wcn3950_firmware snapdragon_8_gen_2_mobile_platform_firmware sa8295p 8098 wcn685x-1 sa8145p_firmware sd865_5g_firmware wcn685x-5_firmware sa8150p_firmware s820a_firmware snapdragon_w5\+_gen_1_wearable_platform wcn3988_firmware video_collaboration_vc3_platform_firmware sa8145p wcn3990 wsa8835_firmware wcn3980 wsa8830_firmware wcn685x-1_firmware qcs610 Snapdragon

CWE ID-CWE-125

Out-of-bounds Read

CWE ID-CWE-126

Buffer Over-read

CVE-2023-28566

Matching Score-10

Assigner-Qualcomm, Inc.

View Details

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-6.1||MEDIUM

EPSS-0.06% / 17.35%

7 Day CHG~0.00%

Published-07 Nov, 2023 | 05:26

Updated-11 Aug, 2025 | 15:06

Buffer Over-read in WLAN HAL

Information disclosure in WLAN HAL while handling the WMI state info command.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-126

Buffer Over-read

CVE-2023-28568

Matching Score-10

Assigner-Qualcomm, Inc.

View Details

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-6.1||MEDIUM

EPSS-0.05% / 16.83%

7 Day CHG~0.00%

Published-07 Nov, 2023 | 05:26

Updated-02 Aug, 2024 | 13:43

Buffer Over-read in WLAN HAL

Information disclosure in WLAN HAL when reception status handler is called.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-126

Buffer Over-read

CVE-2023-28563

Matching Score-10

Assigner-Qualcomm, Inc.

View Details

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-6.1||MEDIUM

EPSS-0.05% / 16.83%

7 Day CHG~0.00%

Published-07 Nov, 2023 | 05:26

Updated-11 Aug, 2025 | 15:06

Buffer Over-read in IOE Firmware

Information disclosure in IOE Firmware while handling WMI command.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-126

Buffer Over-read

CVE-2024-38414

Matching Score-10

Assigner-Qualcomm, Inc.

View Details

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-6.1||MEDIUM

EPSS-0.03% / 8.78%

7 Day CHG~0.00%

Published-03 Feb, 2025 | 16:51

Updated-05 Feb, 2025 | 13:58

Buffer Over-read in Computer Vision

Information disclosure while processing information on firmware image during core initialization.

Vendor-Qualcomm Technologies, Inc.

Product-fastconnect_7800_firmware sa8150p sa6150p_firmware fastconnect_6900 sw5100_firmware wcn3988_firmware qca6696 sa8195p_firmware sa8155p_firmware qca6696_firmware qam8295p_firmware sa8530p_firmware snapdragon_8_gen_1_mobile_firmware sa8145p_firmware wcd9385_firmware sa6150p wcd9380_firmware qca6574au_firmware snapdragon_888\+_5g_mobile sa8195p qca6174a_firmware sa6145p_firmware sa8295p sa6145p snapdragon_888_5g_mobile_firmware snapdragon_w5\+_gen_1_wearable_firmware wcn3980 snapdragon_w5\+_gen_1_wearable sw5100 snapdragon_888_5g_mobile sa8540p_firmware sa6155p sw5100p_firmware sa8295p_firmware wcd9380 wsa8830 sa8150p_firmware wsa8835 sa8145p sa8155p sa9000p sw5100p sa8530p wsa8830_firmware fastconnect_7800 wcn3980_firmware sa6155p_firmware snapdragon_8_gen_1_mobile qam8295p fastconnect_6900_firmware sa8540p qca6174a wcn3988 sa9000p_firmware snapdragon_888\+_5g_mobile_firmware wcd9385 qca6574au wsa8835_firmware Snapdragon

CWE ID-CWE-126

Buffer Over-read

CWE ID-CWE-125

Out-of-bounds Read

CVE-2024-38417

Matching Score-10

Assigner-Qualcomm, Inc.

View Details

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-6.1||MEDIUM

EPSS-0.03% / 8.78%

7 Day CHG~0.00%

Published-03 Feb, 2025 | 16:51

Updated-05 Feb, 2025 | 13:58

Buffer Over-read in Automotive Multimedia

Information disclosure while processing IO control commands.

Vendor-Qualcomm Technologies, Inc.

Product-fastconnect_7800_firmware qfw7124 sdm429w ar8035_firmware qca6696 sa8195p_firmware qcn6224_firmware qcs610 qam8295p_firmware sa8155p_firmware c-v2x_9150_firmware qca8337 sa8145p_firmware qcn9074_firmware wcn3620_firmware qca8337_firmware video_collaboration_vc1_platform_firmware qca9367_firmware wcn3680b wcd9380_firmware qca6574au_firmware sa8195p qcn6274_firmware qca6584au wcn3950_firmware wcn3660b sdm429w_firmware c-v2x_9150 wcn3980 wcn3950 video_collaboration_vc3_platform_firmware sw5100 wcd9370 wcd9340_firmware qcc710_firmware sa8540p_firmware sw5100p_firmware sa8295p_firmware ar8035 sa8150p_firmware snapdragon_429_mobile_firmware wsa8835 qca9377 sa9000p qca8081_firmware qcn9074 fastconnect_7800 snapdragon_x75_5g_modem-rf sa6155p_firmware wcd9341_firmware snapdragon_8_gen_1_mobile wcd9340 qam8295p wcd9341 wcn3988 qca6698aq_firmware qca6574au qfw7114_firmware sa8150p sa6150p_firmware fastconnect_6900 wcn3988_firmware sw5100_firmware snapdragon_auto_5g_modem-rf_gen_2 qca6584au_firmware snapdragon_429_mobile qcs410_firmware sa8530p_firmware qca6696_firmware snapdragon_8_gen_1_mobile_firmware snapdragon_x72_5g_modem-rf_firmware wsa8810_firmware sa6150p wcn3680b_firmware wsa8810 qcn6274 qcc710 sa8295p sa6145p_firmware qcs610_firmware sa6145p qca9367 wsa8815 snapdragon_x72_5g_modem-rf qcs410 qca9377_firmware sa6155p snapdragon_x75_5g_modem-rf_firmware wcd9380 video_collaboration_vc3_platform wsa8830 wsa8815_firmware sa8155p sa8145p sw5100p sa8530p wsa8830_firmware wcn3620 wcn3980_firmware qca8081 qca6698aq video_collaboration_vc1_platform fastconnect_6900_firmware sa8540p qcn6224 sa9000p_firmware qfw7114 qfw7124_firmware wcn3660b_firmware snapdragon_auto_5g_modem-rf_gen_2_firmware wsa8835_firmware wcd9370_firmware Snapdragon

CWE ID-CWE-126

Buffer Over-read

CWE ID-CWE-125

Out-of-bounds Read

CVE-2023-43528

Matching Score-10

Assigner-Qualcomm, Inc.

View Details

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-6.1||MEDIUM

EPSS-0.06% / 17.35%

7 Day CHG~0.00%

Published-06 May, 2024 | 14:32

Updated-11 Aug, 2025 | 15:06

Buffer Over-read in Audio

Information disclosure when the ADSP payload size received in HLOS in response to Audio Stream Manager matrix session is less than this expected size.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-125

Out-of-bounds Read

CWE ID-CWE-126

Buffer Over-read

CVE-2025-47331

Matching Score-10

Assigner-Qualcomm, Inc.

View Details

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-6.1||MEDIUM

EPSS-0.01% / 1.78%

7 Day CHG~0.00%

Published-06 Jan, 2026 | 22:48

Updated-28 Jan, 2026 | 16:52

Buffer Over-read in Video

Information disclosure while processing a firmware event.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-126

Buffer Over-read

CVE-2025-27030

Matching Score-10

Assigner-Qualcomm, Inc.

View Details

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-6.1||MEDIUM

EPSS-0.02% / 4.37%

7 Day CHG~0.00%

Published-24 Sep, 2025 | 15:33

Updated-25 Sep, 2025 | 16:08

Buffer Over-read in Audio

information disclosure while invoking calibration data from user space to update firmware size.

Vendor-Qualcomm Technologies, Inc.

Product-qca9377_firmware wcn3988_firmware sw5100 sdx55 qca6584au_firmware wcn3680b qca6696_firmware wcd9370_firmware video_collaboration_vc3_platform wsa8830_firmware qcn9074_firmware sa8145p sa8540p sa8155p wsa8830 sa8195p_firmware qsm8250 c-v2x_9150_firmware qca6696 sa8530p_firmware sa8195p sa8295p_firmware snapdragon_auto_5g_modem-rf_gen_2 wcn3950 qca6574au_firmware sa9000p_firmware wcd9370 sa8145p_firmware sa6150p_firmware sa6155p_firmware sa8530p sw5100p qcs410 c-v2x_9150 wsa8810_firmware qcs610 qca6698aq sa8540p_firmware wcd9341 qca6574au qsm8250_firmware qcn9074 qca6584au wcn3980_firmware sa8295p wcn3680b_firmware wcn3950_firmware video_collaboration_vc3_platform_firmware sa8150p_firmware wcd9341_firmware qca9367_firmware wsa8835 qca9367 sa8150p sw5100p_firmware snapdragon_auto_5g_modem-rf_firmware qca9377 qam8295p_firmware sa6145p sa6155p video_collaboration_vc1_platform sa6145p_firmware qam8295p sa9000p video_collaboration_vc1_platform_firmware wsa8835_firmware sdx55_firmware wcn3660b_firmware wsa8815_firmware qcs610_firmware sa8155p_firmware wcn3988 wsa8810 wcn3980 snapdragon_auto_5g_modem-rf sa6150p snapdragon_auto_5g_modem-rf_gen_2_firmware sw5100_firmware qcs410_firmware qca6698aq_firmware wcn3660b wsa8815 Snapdragon

CWE ID-CWE-126

Buffer Over-read

CVE-2025-27033

Matching Score-10

Assigner-Qualcomm, Inc.

View Details

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-6.1||MEDIUM

EPSS-0.02% / 4.37%

7 Day CHG~0.00%

Published-24 Sep, 2025 | 15:33

Updated-25 Sep, 2025 | 16:08

Buffer Over-read in Video

Information disclosure while running video usecase having rogue firmware.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-126

Buffer Over-read

CVE-2025-21457

Matching Score-10

Assigner-Qualcomm, Inc.

View Details

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-6.1||MEDIUM

EPSS-0.01% / 2.25%

7 Day CHG~0.00%

Published-06 Aug, 2025 | 07:25

Updated-06 Aug, 2025 | 20:23

Buffer Over-read in Automotive OS Platform Android

Information disclosure while opening a fastrpc session when domain is not sanitized.

Vendor-Qualcomm Technologies, Inc.

Product-Snapdragon

CWE ID-CWE-126

Buffer Over-read

CVE-2025-27036

Matching Score-10

Assigner-Qualcomm, Inc.

View Details

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-6.1||MEDIUM

EPSS-0.02% / 4.37%

7 Day CHG~0.00%

Published-24 Sep, 2025 | 15:33

Updated-25 Sep, 2025 | 16:08

Buffer Over-read in Video

Information disclosure when Video engine escape input data is less than expected minimum size.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-126

Buffer Over-read

CVE-2025-27045

Matching Score-10

Assigner-Qualcomm, Inc.

View Details

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-6.1||MEDIUM

EPSS-0.02% / 4.70%

7 Day CHG~0.00%

Published-09 Oct, 2025 | 03:17

Updated-05 Nov, 2025 | 18:31

Buffer Over-read in Video

Information disclosure while processing batch command execution in Video driver.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-126

Buffer Over-read

CVE-2025-27064

Matching Score-10

Assigner-Qualcomm, Inc.

View Details

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-6.1||MEDIUM

EPSS-0.01% / 2.52%

7 Day CHG~0.00%

Published-04 Nov, 2025 | 03:19

Updated-05 Nov, 2025 | 17:24

Buffer Over-read in Core Services

Information disclosure while registering commands from clients with diag through diagHal.

Vendor-Qualcomm Technologies, Inc.

Product-qca8111 qam8650p qcn9012 sa7255p_firmware qca8101 qca8075 qca8386_firmware qcn9074_firmware qcn9160_firmware wsa8835_firmware qca8075_firmware ipq9048_firmware fastconnect_7800_firmware qca8084 qca6698aq_firmware sa8255p_firmware sa4150p wcn3660b qcf8001 ipq9008 qca8081_firmware fastconnect_6900 sa9000p qca8081 ipq5302_firmware wsa8830 qca8386 sa8650p ipq9554_firmware snapdragon_auto_5g_modem-rf_gen_2_firmware wsa8830_firmware qca6688aq sa8540p_firmware qca6564a qca8080_firmware qcn9160 qam8255p_firmware sa8650p_firmware qca8111_firmware ipq5302 ipq5424_firmware qca6584au_firmware qca8102_firmware wcd9380_firmware qca6688aq_firmware qam8255p qcn6432 sa8155p_firmware sa8530p qca8112 qca6595au_firmware qca6595au sa6155p qcn9012_firmware ipq5300_firmware sa8255p qcn5124 qcn5224 sxr2250p_firmware immersive_home_326_platform_firmware qcf8000 ipq5332 qca0000_firmware ipq9574 ipq5424 ipq5312_firmware ipq9570 qca6678aq qca6574a_firmware fastconnect_6900_firmware sa8540p qca8385_firmware qam8650p_firmware qcn6402 qca9377 immersive_home_3210_platform_firmware qcn6412_firmware sxr2250p sa4155p qca8384_firmware qcn9000_firmware wcn3980_firmware qcn6422_firmware wcn3680b_firmware qca8082 qca8112_firmware qcn6422 qca6574au_firmware qcn9024 wsa8835 wcn3680b qca8102 sa4150p_firmware sa9000p_firmware ipq9570_firmware ipq5332_firmware qca0000 qcn9074 sa8195p qca8084_firmware wcn3980 qca9367_firmware qca9367 qca9377_firmware sa8195p_firmware qca6564a_firmware qca6678aq_firmware wcn3660b_firmware qca8085_firmware sa8155p wcd9380 qcf8000_firmware qca6574au qcn6432_firmware sa4155p_firmware mdm9628 ipq5300 qcf8001_firmware qcn9024_firmware qca8080 qcn9000 qcn9274 qcn6412 sa7255p sa6155p_firmware snapdragon_8_gen_1_mobile_platform_firmware snapdragon_auto_5g_modem-rf_gen_2 ipq9048 qca8082_firmware qxm8083 fastconnect_7800 immersive_home_3210_platform qcn5224_firmware qca6564au_firmware snapdragon_8_gen_1_mobile_platform ipq5312 ipq9008_firmware qca8101_firmware mdm9628_firmware qca6574a qcn9274_firmware qcn6402_firmware immersive_home_326_platform qca8385 qca8085 qcn5124_firmware ipq9554 qxm8083_firmware qca6564au ipq9574_firmware sa8530p_firmware qca6698aq qca8384 qca6584au Snapdragon

CWE ID-CWE-126

Buffer Over-read

CVE-2024-43063

Matching Score-10

Assigner-Qualcomm, Inc.

View Details

Matching Score-10

Assigner-Qualcomm, Inc.

CVSS Score-6.1||MEDIUM

EPSS-0.07% / 22.07%

7 Day CHG+0.04%

Published-06 Jan, 2025 | 10:33

Updated-10 Jan, 2025 | 15:37

Buffer Over-read in Automotive Autonomy

information disclosure while invoking the mailbox read API.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-126

Buffer Over-read

CWE ID-CWE-125

Out-of-bounds Read

CVE-2023-33040

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.5||HIGH

EPSS-0.15% / 35.10%

7 Day CHG~0.00%

Published-02 Jan, 2024 | 05:38

Updated-03 Jun, 2025 | 14:46

Buffer Over-read in Data Modem

Transient DOS in Data Modem during DTLS handshake.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-126

Buffer Over-read

CVE-2024-38404

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.5||HIGH

EPSS-0.16% / 36.95%

7 Day CHG~0.00%

Published-03 Feb, 2025 | 16:51

Updated-05 Feb, 2025 | 13:59

Buffer Over-read in Multi Mode Call Processor

Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in modem.

Vendor-Qualcomm Technologies, Inc.

Product-fastconnect_7800_firmware wsa8840 qfw7124 sdm429w ar8035_firmware qcn6224_firmware sm7675 wsa8845h_firmware qca8337 wcn3620_firmware qca8337_firmware wsa8845 snapdragon_x72_5g_modem-rf_system_firmware wcn3680b wcn3610_firmware wcn3610 qcn6274_firmware qca6584au wcn3660b sm8635p sdm429w_firmware wcn3980 sm8635p_firmware wsa8845_firmware wcd9370 wcd9340_firmware qcc710_firmware sm7675_firmware wcn6755_firmware ar8035 snapdragon_429_mobile_firmware wsa8835 wsa8845h qca8081_firmware fastconnect_7800 wcd9340 snapdragon_x75_5g_modem-rf_system qca6698aq_firmware wcd9395_firmware snapdragon_x72_5g_modem-rf_system qfw7114_firmware sm7675p snapdragon_auto_5g_modem-rf_gen_2 qca6584au_firmware snapdragon_429_mobile wcd9375_firmware sm7675p_firmware wcn3680b_firmware wsa8832 wcd9390_firmware qcn6274 sm8635 qcc710 snapdragon_8_gen_3_mobile_firmware wcd9375 sdx80m sm8635_firmware snapdragon_8_gen_3_mobile sdx80m_firmware snapdragon_wear_4100\+wsa8830 snapdragon_wear_4100\+_firmware wsa8832_firmware wsa8830_firmware wcn3620 wcn6755 wcn3980_firmware qca8081 qca6698aq snapdragon_x75_5g_modem-rf_system_firmware qcn6224 qfw7114 wcd9390 wsa8840_firmware wcd9395 qfw7124_firmware wcn3660b_firmware snapdragon_auto_5g_modem-rf_gen_2_firmware wsa8835_firmware wcd9370_firmware Snapdragon

CWE ID-CWE-126

Buffer Over-read

CWE ID-CWE-125

Out-of-bounds Read

CVE-2024-38405

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.5||HIGH

EPSS-0.44% / 62.68%

7 Day CHG~0.00%

Published-04 Nov, 2024 | 10:04

Updated-07 Nov, 2024 | 20:06

Buffer Over-read in WLAN Host

Transient DOS while processing the CU information from RNR IE.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-126

Buffer Over-read

CWE ID-CWE-125

Out-of-bounds Read

CVE-2024-38397

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.5||HIGH

EPSS-0.22% / 44.55%

7 Day CHG~0.00%

Published-07 Oct, 2024 | 12:58

Updated-11 Aug, 2025 | 15:06

Buffer Over-read in WLAN Host Communication

Transient DOS while parsing probe response and assoc response frame.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-125

Out-of-bounds Read

CWE ID-CWE-126

Buffer Over-read

CVE-2023-33098

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.5||HIGH

EPSS-0.19% / 40.57%

7 Day CHG~0.00%

Published-05 Dec, 2023 | 03:04

Updated-11 Aug, 2025 | 15:06

Buffer Over-read in WLAN Firmware

Transient DOS while parsing WPA IES, when it is passed with length more than expected size.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-125

Out-of-bounds Read

CWE ID-CWE-126

Buffer Over-read

CVE-2022-25730

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-8.2||HIGH

EPSS-0.09% / 25.57%

7 Day CHG~0.00%

Published-04 Apr, 2023 | 04:46

Updated-03 Aug, 2024 | 04:49

Buffer Over-read in MODEM

Information disclosure in modem due to improper check of IP type while processing DNS server query

Vendor-Qualcomm Technologies, Inc.

Product-wcd9306 wcd9380_firmware wsa8830 snapdragon_wear_1300 ssg2125p sxr2230p_firmware mdm8207 snapdragon_wear_1200 wcd9330 snapdragon_x5_lte_modem_firmware wsa8832_firmware wcn785x-5 wcn685x-5 qca4004_firmware wcn785x-1_firmware qts110 wcd9306_firmware sxr1230p_firmware wsa8835 wcd9380 wsa8832 snapdragon_ar2_gen_1_platform_firmware snapdragon_wear_1100_firmware qca4010 snapdragon_wear_1200_firmware ssg2125p_firmware ssg2115p snapdragon_ar2_gen_1_platform mdm9206 wcn685x-5_firmware wcn685x-1_firmware sxr1230p wcd9385 wcn685x-1 snapdragon_x5_lte_modem mdm8207_firmware snapdragon_wear_1100 mdm9205_firmware wcd9385_firmware mdm9205 mdm9206_firmware mdm9207_firmware qca4004 sxr2230p wsa8830_firmware wsa8835_firmware ssg2115p_firmware snapdragon_wear_1300_firmware wcn785x-5_firmware wcd9330_firmware qca4010_firmware wcn785x-1 mdm9207 qts110_firmware Snapdragon fastconnect_7800 wcd9306 snapdragon_1100_wearable_platform wsa8830 sxr1230p ssg2125p wcd9385 9207_lte_modem mdm8207 wcd9330 9206_lte_modem fastconnect_6900 snapdragon_ar2_gen1_platform 9205_lte_modem qca4004 sxr2230p qts110 wsa8835 wcd9380 wsa8832 snapdragon_1200_wearable_platform snapdragon_x5_lte_firmware qca4010 snapdragon_wear_1300_platform ssg2115p

CWE ID-CWE-126

Buffer Over-read

CWE ID-CWE-125

Out-of-bounds Read

CVE-2022-25728

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-8.2||HIGH

EPSS-0.24% / 46.72%

7 Day CHG+0.13%

Published-09 Feb, 2023 | 06:58

Updated-03 Aug, 2024 | 04:49

Buffer Over-read in MODEM

Information disclosure in modem due to buffer over-read while processing response from DNS server

Vendor-Qualcomm Technologies, Inc.

Product-wcd9380_firmware wsa8830 ssg2125p sxr2230p_firmware wcd9330 wcn6856_firmware csra6620 qca4024_firmware wsa8835 sxr1230p_firmware wcd9380 csra6620_firmware ssg2125p_firmware ssg2115p mdm9206 csra6640_firmware wcn6855_firmware sxr1230p wcd9335_firmware wcn3980 wcn3998 wcd9385_firmware mdm9205 mdm9206_firmware wsa8815 sxr2230p qca4020 wcn7850 wcn3999_firmware wcn3998_firmware wcn3980_firmware wcd9330_firmware mdm9207 wcd9306 mdm8207 wcn3999 wcn7851 ar8031_firmware wsa8832_firmware qca4004_firmware mdm9607_firmware qcs405 qts110 mdm9607 wcd9306_firmware wsa8810_firmware wsa8810 wsa8832 qca4020_firmware wcn6855 wcd9335 wcn7851_firmware wcn6856 wcd9385 ar8031 qcs405_firmware mdm8207_firmware mdm9205_firmware qca4024 mdm9207_firmware qca4004 csra6640 wsa8830_firmware wsa8815_firmware wsa8835_firmware wcn7850_firmware ssg2115p_firmware qts110_firmware Snapdragon wcd9380_firmware sxr2230p_firmware ar8031_firmware wsa8832_firmware wcn6856_firmware qca4004_firmware mdm9607_firmware qca4024_firmware wcd9306_firmware sxr1230p_firmware wsa8810_firmware qca4020_firmware ssg2125p_firmware csra6620_firmware wcn7851_firmware wcn6855_firmware csra6640_firmware qcs405_firmware wcd9335_firmware mdm8207_firmware mdm9205_firmware wcd9385_firmware mdm9206_firmware mdm9207_firmware wsa8830_firmware wsa8815_firmware wsa8835_firmware wcn7850_firmware ssg2115p_firmware wcn3999_firmware wcn3998_firmware wcn3980_firmware wcd9330_firmware qts110_firmware

CWE ID-CWE-126

Buffer Over-read

CWE ID-CWE-125

Out-of-bounds Read

CVE-2022-25726

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-8.2||HIGH

EPSS-0.09% / 25.57%

7 Day CHG~0.00%

Published-04 Apr, 2023 | 04:46

Updated-03 Aug, 2024 | 04:49

Buffer Over-read in MODEM

Information disclosure in modem data due to array out of bound access while handling the incoming DNS response packet

Vendor-Qualcomm Technologies, Inc.

Product-wcd9306 wcd9380_firmware wsa8830 snapdragon_wear_1300 ssg2125p sxr2230p_firmware mdm8207 snapdragon_wear_1200 wcd9330 snapdragon_x5_lte_modem_firmware wsa8832_firmware wcn785x-5 wcn685x-5 qca4004_firmware wcn785x-1_firmware qts110 wcd9306_firmware sxr1230p_firmware wsa8835 wcd9380 wsa8832 snapdragon_wear_1100_firmware snapdragon_ar2_gen_1_platform_firmware snapdragon_wear_1200_firmware ssg2125p_firmware ssg2115p snapdragon_ar2_gen_1_platform mdm9206 wcn685x-5_firmware wcn685x-1_firmware sxr1230p wcd9385 wcn685x-1 snapdragon_x5_lte_modem mdm8207_firmware snapdragon_wear_1100 mdm9205_firmware wcd9385_firmware mdm9205 mdm9206_firmware mdm9207_firmware qca4004 sxr2230p wsa8830_firmware wsa8835_firmware ssg2115p_firmware snapdragon_wear_1300_firmware wcn785x-5_firmware wcd9330_firmware wcn785x-1 mdm9207 qts110_firmware Snapdragon 9205_lte_modem_firmware wcd9380_firmware snapdragon_wear_1300_platform_firmware 9207_lte_modem_firmware sxr2230p_firmware snapdragon_x5_lte_modem_firmware mdm8207_firmware wsa8832_firmware wcd9385_firmware fastconnect_6900_firmware qca4004_firmware snapdragon_1200_wearable_platform_firmware snapdragon_1100_wearable_platform_firmware 9206_lte_modem_firmware wsa8830_firmware wcd9306_firmware sxr1230p_firmware wsa8835_firmware fastconnect_7800_firmware ssg2115p_firmware snapdragon_ar2_gen_1_platform_firmware wcd9330_firmware ssg2125p_firmware qts110_firmware

CWE ID-CWE-126

Buffer Over-read

CWE ID-CWE-125

Out-of-bounds Read

CVE-2023-33060

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.1||HIGH

EPSS-0.03% / 8.48%

7 Day CHG~0.00%

Published-06 Feb, 2024 | 05:47

Updated-02 Aug, 2024 | 15:32

Buffer Over-read in Core

Transient DOS in Core when DDR memory check is called while DDR is not initialized.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-126

Buffer Over-read

CWE ID-CWE-125

Out-of-bounds Read

CVE-2024-33012

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.5||HIGH

EPSS-0.40% / 60.10%

7 Day CHG~0.00%

Published-05 Aug, 2024 | 14:21

Updated-26 Nov, 2024 | 16:56

Buffer Over-read in WLAN Host

Transient DOS while parsing the multiple MBSSID IEs from the beacon, when the tag length is non-zero value but with end of beacon.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-126

Buffer Over-read

CWE ID-CWE-125

Out-of-bounds Read

CVE-2022-25738

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-8.2||HIGH

EPSS-0.24% / 46.72%

7 Day CHG+0.13%

Published-09 Feb, 2023 | 06:58

Updated-03 Aug, 2024 | 04:49

Buffer Over-read in MODEM

Information disclosure in modem due to buffer over-red while performing checksum of packet received

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-126

Buffer Over-read

CWE ID-CWE-125

Out-of-bounds Read

CVE-2024-33013

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.5||HIGH

EPSS-0.41% / 60.57%

7 Day CHG~0.00%

Published-05 Aug, 2024 | 14:21

Updated-26 Nov, 2024 | 16:49

Buffer Over-read in WLAN Host

Transient DOS when driver accesses the ML IE memory and offset value is incremented beyond ML IE length.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-126

Buffer Over-read

CWE ID-CWE-125

Out-of-bounds Read

CVE-2024-33070

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.5||HIGH

EPSS-0.22% / 44.55%

7 Day CHG~0.00%

Published-07 Oct, 2024 | 12:58

Updated-16 Oct, 2024 | 19:47

Buffer Over-read in WLAN Host Communication

Transient DOS while parsing ESP IE from beacon/probe response frame.

Vendor-Qualcomm Technologies, Inc.

Product-qca6564au_firmware qca6574au qca6564a_firmware qca6564a qca6574a_firmware qca6574au_firmware qca6564au mdm9628 mdm9628_firmware qca6574a Snapdragon qca6564au_firmware qca6564a_firmware qca6574a_firmware qca6574au_firmware mdm9628_firmware

CWE ID-CWE-126

Buffer Over-read

CWE ID-CWE-125

Out-of-bounds Read

CVE-2024-33020

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.5||HIGH

EPSS-0.41% / 60.57%

7 Day CHG~0.00%

Published-05 Aug, 2024 | 14:21

Updated-20 Nov, 2024 | 19:24

Buffer Over-read in WLAN HOST

Transient DOS while processing TID-to-link mapping IE elements.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-126

Buffer Over-read

CWE ID-CWE-125

Out-of-bounds Read

CVE-2024-33011

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.5||HIGH

EPSS-0.52% / 66.34%

7 Day CHG~0.00%

Published-05 Aug, 2024 | 14:21

Updated-26 Nov, 2024 | 16:48

Buffer Over-read in WLAN Host

Transient DOS while parsing the MBSSID IE from the beacons, when the MBSSID IE length is zero.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-126

Buffer Over-read

CWE ID-CWE-125

Out-of-bounds Read

CVE-2023-33097

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.5||HIGH

EPSS-0.15% / 35.10%

7 Day CHG~0.00%

Published-05 Dec, 2023 | 03:04

Updated-02 Aug, 2024 | 15:32

Buffer Over-read in WLAN Firmware

Transient DOS in WLAN Firmware while processing a FTMR frame.

Vendor-Qualcomm Technologies, Inc.

Product-qcn5024_firmware qam8255p_firmware snapdragon_8_gen_1_mobile_platform wsa8830 qcn9070 sxr2230p_firmware qca8337 qam8650p qfw7124 sg8275p_firmware ipq8173_firmware qam8775p qcf8001 qcn6224_firmware qcn5124 qca4024_firmware qca8082 qcn9072 qca8386 wsa8840 immersive_home_318_platform_firmware ipq8078a ipq5028_firmware qca6595au_firmware ipq6000 ssg2115p qcn5152_firmware qca0000_firmware qca6584au_firmware qcn9000_firmware snapdragon_8_gen_2_mobile_platform ipq9554 qca6554a_firmware wcd9385_firmware immersive_home_216_platform ipq8076a immersive_home_316_platform immersive_home_316_platform_firmware qca8386_firmware qcn6024_firmware sd_8_gen1_5g_firmware qca8084_firmware immersive_home_318_platform ipq8074a qcn5124_firmware qca8082_firmware qca6574au_firmware qcn5122_firmware qcn5164_firmware sdx55_firmware qca6595au qca8081_firmware qcn6023_firmware qfw7114 wsa8845h_firmware qcn9002 ipq5010 qca6564au_firmware qca6584au snapdragon_x65_5g_modem-rf_system_firmware qcm8550_firmware ipq8078a_firmware qcn9274 ipq8174 qcn9001 ipq5028 wsa8840_firmware qca6698aq qcn5052 qca0000 qcf8001_firmware ipq6010 qcs8550_firmware sc8380xp_firmware qcn6112_firmware qcn9074 qca8085 sdx65m wcd9340 qcn6132 qcn6224 qcn9013 wsa8845h snapdragon_ar2_gen_1_platform_firmware snapdragon_x75_5g_modem-rf_system wcd9395_firmware qca8081 qcf8000 qca6698aq_firmware ipq8071a qcn6023 sdx65m_firmware ipq8071a_firmware immersive_home_3210_platform qca8085_firmware qam8775p_firmware qca9888_firmware qcn6122 wcd9385 qca6696_firmware ipq9008_firmware ipq9570 qcn5154_firmware qca6797aq ar8035 csr8811 wcd9390 qcc710_firmware qcn9100_firmware wsa8830_firmware ipq5010_firmware ipq8074a_firmware wsa8835_firmware qcn5022_firmware immersive_home_216_platform_firmware snapdragon_8_gen_2_mobile_platform_firmware qca8072 qca8337_firmware wcd9380_firmware ssg2125p qcn9000 ipq8072a qcf8000_firmware qca6554a ipq8076a_firmware qca6595 ipq8078 qca6564au qca8084 ipq8173 qcm8550 qcn9001_firmware ipq9008 qcn9012 qcn5164 immersive_home_326_platform_firmware qcn6122_firmware qca6574 sxr1230p_firmware wsa8835 snapdragon_8\+_gen_2_mobile_platform_firmware csr8811_firmware sd_8_gen1_5g qcn6274 wcd9380 ipq9554_firmware qcn5054_firmware qcn5154 qca8075_firmware ssg2125p_firmware qca6574a qcn5024 qca9889 qcn6132_firmware qcn9003_firmware sxr1230p qca9888 qca8072_firmware sg8275p qcn9012_firmware qcn5052_firmware qcn9274_firmware qcc2076_firmware ipq8070a_firmware qcn9003 qfw7114_firmware wsa8845 qcc2073_firmware ipq6018_firmware ipq8076_firmware qca6574_firmware wcd9340_firmware qcn6112 sxr2230p ipq8076 wsa8845_firmware qca6574a_firmware qcn5152 ipq6028 sc8380xp qcn9024 ipq9574_firmware immersive_home_3210_platform_firmware fastconnect_7800 qcn9100 qcn6274_firmware snapdragon_x65_5g_modem-rf_system ipq8078_firmware ipq9570_firmware fastconnect_6900 qcn5054 qcn9070_firmware fastconnect_6900_firmware snapdragon_x75_5g_modem-rf_system_firmware wsa8832_firmware ipq6028_firmware ipq8072a_firmware qca6797aq_firmware qca6574au qca9889_firmware ipq9574 qcn5122 qcn9024_firmware ipq8174_firmware fastconnect_7800_firmware snapdragon_8\+_gen_2_mobile_platform wsa8832 ipq5332_firmware ipq5332 sm8550p snapdragon_8_gen_1_mobile_platform_firmware immersive_home_326_platform snapdragon_ar2_gen_1_platform ipq6018 qcn5022 qcn9013_firmware qam8650p_firmware qcc710 ipq6010_firmware immersive_home_214_platform qca6595_firmware wcd9395 qca6696 qcs8550 immersive_home_214_platform_firmware qca4024 sm8550p_firmware sdx55 qca8075 qcn9022_firmware wcd9390_firmware qcn6024 qcn9022 qcc2076 ipq8070a qcn9002_firmware qcn9072_firmware ipq6000_firmware ssg2115p_firmware qcn9074_firmware qfw7124_firmware qam8255p qcc2073 ar8035_firmware Snapdragon

CWE ID-CWE-126

Buffer Over-read

CWE ID-CWE-125

Out-of-bounds Read

CVE-2024-33026

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.5||HIGH

EPSS-0.40% / 60.10%

7 Day CHG~0.00%

Published-05 Aug, 2024 | 14:21

Updated-20 Nov, 2024 | 19:37

Buffer Over-read in WLAN Host

Transient DOS while parsing probe response and assoc response frame when received frame length is less than max size of timestamp.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-126

Buffer Over-read

CWE ID-CWE-125

Out-of-bounds Read

CVE-2024-33015

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.5||HIGH

EPSS-0.52% / 66.34%

7 Day CHG~0.00%

Published-05 Aug, 2024 | 14:21

Updated-20 Nov, 2024 | 19:57

Buffer Over-read in WLAN Host

Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor report.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-126

Buffer Over-read

CWE ID-CWE-125

Out-of-bounds Read

CVE-2024-33061

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-6.8||MEDIUM

EPSS-0.07% / 22.07%

7 Day CHG+0.04%

Published-06 Jan, 2025 | 10:33

Updated-10 Jan, 2025 | 16:49

Buffer Over-read in DSP Service

Information disclosure while processing IOCTL call made for releasing a trusted VM process release or opening a channel without initializing the process.

Vendor-Qualcomm Technologies, Inc.

Product-wcn3980 sw5100 sw5100p_firmware wcn3660b wsa8830 wsa8830_firmware sw5100_firmware wcn3680b wcn3988_firmware qcs8550_firmware wcn3988 wcn3660b_firmware wsa8835_firmware qcs8550 wsa8835 wcn3980_firmware wcn3680b_firmware sw5100p Snapdragon

CWE ID-CWE-126

Buffer Over-read

CWE ID-CWE-125

Out-of-bounds Read

CVE-2024-33047

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.11% / 29.67%

7 Day CHG~0.00%

Published-02 Sep, 2024 | 10:22

Updated-11 Aug, 2025 | 15:06

Buffer Over-read in Display

Memory corruption when the captureRead QDCM command is invoked from user-space.

Vendor-Qualcomm Technologies, Inc.

Product-sdm429w_firmware qcs5430 wsa8845_firmware snapdragon_7c\+_gen_3 wsa8840 wsa8845h wcd9380_firmware wcd9370 qcm5430 qcm5430_firmware snapdragon_429_firmware wsa8830 wcd9385 sc8380xp snapdragon_8cx_gen_3_firmware sc8380xp_firmware fastconnect_6700 wcn3620 wcd9375_firmware fastconnect_6900 fastconnect_7800_firmware snapdragon_7c\+_gen_3_firmware wcd9370_firmware qcs5430_firmware wcd9385_firmware fastconnect_6900_firmware snapdragon_8cx_gen_3 wcd9380 qcm6490_firmware wcn3660b wcn3620_firmware fastconnect_7800 wcd9375 qcm6490 wsa8845 fastconnect_6700_firmware wsa8845h_firmware snapdragon_429 video_collaboration_vc3_platform_firmware qcs6490_firmware wsa8835_firmware sdm429w qcs6490 wcn3660b_firmware wsa8835 wsa8840_firmware wsa8830_firmware video_collaboration_vc3_platform Snapdragon qcm5430_firmware wcd9380_firmware qcs6490_firmware qcm6490_firmware qcs5430_firmware wsa8840_firmware qualcomm_video_collaboration_vc3_platform_firmware wcd9385_firmware fastconnect_6900_firmware wcd9370_firmware sc8380xp_firmware wsa8830_firmware wsa8845_firmware wcn3620_firmware sdm429w_firmware fastconnect_6700_firmware wcn3660b_firmware wsa8835_firmware snapdragon_429_mobile_platform_firmware fastconnect_7800_firmware wcd9375_firmware wsa8845h_firmware

CWE ID-CWE-125

Out-of-bounds Read

CWE ID-CWE-126

Buffer Over-read

CVE-2024-33049

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.5||HIGH

EPSS-0.22% / 43.96%

7 Day CHG~0.00%

Published-07 Oct, 2024 | 12:58

Updated-11 Aug, 2025 | 15:06

Buffer Over-read in WLAN Host Communication

Transient DOS while parsing noninheritance IE of Extension element when length of IE is 2 of beacon frame.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-125

Out-of-bounds Read

CWE ID-CWE-126

Buffer Over-read

CVE-2024-33048

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.5||HIGH

EPSS-0.29% / 52.12%

7 Day CHG~0.00%

Published-02 Sep, 2024 | 10:22

Updated-11 Aug, 2025 | 15:06

Buffer Over-read in WLAN Host

Transient DOS while parsing the received TID-to-link mapping element of beacon/probe response frame.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-125

Out-of-bounds Read

CWE ID-CWE-126

Buffer Over-read

CVE-2024-33014

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.5||HIGH

EPSS-0.40% / 60.10%

7 Day CHG~0.00%

Published-05 Aug, 2024 | 14:21

Updated-20 Nov, 2024 | 20:35

Buffer Over-read in WLAN Host

Transient DOS while parsing ESP IE from beacon/probe response frame.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-126

Buffer Over-read

CWE ID-CWE-125

Out-of-bounds Read

CVE-2024-33071

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.5||HIGH

EPSS-0.22% / 44.55%

7 Day CHG~0.00%

Published-07 Oct, 2024 | 12:58

Updated-16 Oct, 2024 | 19:41

Buffer Over-read in WLAN Host Communication

Transient DOS while parsing the MBSSID IE from the beacons when IE length is 0.

Vendor-Qualcomm Technologies, Inc.

Product-qca6564au_firmware qca6574au qca6564a_firmware qca6574a_firmware qca6574au_firmware qca6564a mdm9628 mdm9628_firmware qca6564au qca6574a Snapdragon qca6564au_firmware qca6564a_firmware qca6574a_firmware qca6574au_firmware mdm9628_firmware

CWE ID-CWE-126

Buffer Over-read

CWE ID-CWE-125

Out-of-bounds Read

CVE-2024-33056

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.09% / 25.56%

7 Day CHG+0.01%

Published-02 Dec, 2024 | 10:18

Updated-12 Dec, 2024 | 15:25

Buffer Over-read in MProc

Memory corruption when allocating and accessing an entry in an SMEM partition continuously.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-126

Buffer Over-read

CWE ID-CWE-125

Out-of-bounds Read

CVE-2024-33019

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.5||HIGH

EPSS-0.52% / 66.34%

7 Day CHG~0.00%

Published-05 Aug, 2024 | 14:21

Updated-20 Nov, 2024 | 19:21

Buffer Over-read in WLAN Host

Transient DOS while parsing the received TID-to-link mapping action frame.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-126

Buffer Over-read

CWE ID-CWE-125

Out-of-bounds Read

CVE-2024-33018

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.5||HIGH

EPSS-0.99% / 76.42%

7 Day CHG~0.00%

Published-05 Aug, 2024 | 14:21

Updated-20 Nov, 2024 | 19:40

Buffer Over-read in WLAN Host

Transient DOS while parsing the received TID-to-link mapping element of the TID-to-link mapping action frame.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-126

Buffer Over-read

CWE ID-CWE-125

Out-of-bounds Read

CVE-2024-33057

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.5||HIGH

EPSS-0.29% / 52.12%

7 Day CHG~0.00%

Published-02 Sep, 2024 | 10:22

Updated-11 Aug, 2025 | 15:06

Buffer Over-read in WLAN Host Communication

Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating the location.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-125

Out-of-bounds Read

CWE ID-CWE-126

Buffer Over-read

CVE-2025-47362

Credits

Buffer Over-read in Automotive Software platform based on QNX

Vendors

Products

Metrics (CVSS)

Weaknesses

Attack Patterns

Solution/Workaround

References

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

Stakeholder-Specific Vulnerability Categorization (SSVC)

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History

Similar CVEs