Vulnerabilities > Qualcomm > C V2X 9150 Firmware

DATE CVE VULNERABILITY TITLE RISK
2025-03-03 CVE-2024-43051 Improper Authorization vulnerability in Qualcomm products
Information disclosure while deriving keys for a session for any Widevine use case.
local
low complexity
qualcomm CWE-285
5.5
2025-03-03 CVE-2024-43057 Use After Free vulnerability in Qualcomm products
Memory corruption while processing command in Glink linux.
local
low complexity
qualcomm CWE-416
7.8
2025-03-03 CVE-2024-53014 Improper Validation of Array Index vulnerability in Qualcomm products
Memory corruption may occur while validating ports and channels in Audio driver.
local
low complexity
qualcomm CWE-129
7.8
2025-03-03 CVE-2025-21424 Use After Free vulnerability in Qualcomm products
Memory corruption while calling the NPU driver APIs concurrently.
local
low complexity
qualcomm CWE-416
7.8
2025-02-03 CVE-2024-38416 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure during audio playback.
local
low complexity
qualcomm CWE-125
5.5
2025-02-03 CVE-2024-38417 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure while processing IO control commands.
local
low complexity
qualcomm CWE-125
5.5
2025-02-03 CVE-2024-38418 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products
Memory corruption while parsing the memory map info in IOCTL calls.
local
high complexity
qualcomm CWE-367
7.0
2025-01-06 CVE-2024-33067 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver.
local
low complexity
qualcomm CWE-125
5.5
2024-12-02 CVE-2024-33036 Use of Out-of-range Pointer Offset vulnerability in Qualcomm products
Memory corruption while parsing sensor packets in camera driver, user-space variable is used while allocating memory in kernel and parsing which can lead to huge allocation or invalid memory access.
local
low complexity
qualcomm CWE-823
6.7
2024-12-02 CVE-2024-33037 Buffer Over-read vulnerability in Qualcomm products
Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver doesn`t validate the IPC message received from the firmware.
local
low complexity
qualcomm CWE-126
6.1