Vulnerabilities > Qualcomm

DATE CVE VULNERABILITY TITLE RISK
2025-01-06 CVE-2024-45542 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.
local
low complexity
qualcomm CWE-787
7.8
7.8
2025-01-06 CVE-2024-45546 Out-of-bounds Read vulnerability in Qualcomm products
Memory corruption while processing FIPS encryption or decryption IOCTL call invoked from user-space.
local
low complexity
qualcomm CWE-125
7.8
7.8
2025-01-06 CVE-2024-45547 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption while processing IOCTL call invoked from user-space to verify non extension FIPS encryption and decryption functionality.
local
low complexity
qualcomm CWE-120
7.8
7.8
2025-01-06 CVE-2024-45548 Out-of-bounds Read vulnerability in Qualcomm products
Memory corruption while processing FIPS encryption or decryption validation functionality IOCTL call.
local
low complexity
qualcomm CWE-125
7.8
7.8
2025-01-06 CVE-2024-45550 Improper Validation of Array Index vulnerability in Qualcomm products
Memory corruption occurs when invoking any IOCTL-calling application that executes all MCDM driver IOCTL calls.
local
low complexity
qualcomm CWE-129
7.8
7.8
2025-01-06 CVE-2024-45553 Use After Free vulnerability in Qualcomm products
Memory corruption can occur when process-specific maps are added to the global list.
local
low complexity
qualcomm CWE-416
7.8
7.8
2025-01-06 CVE-2024-45555 Integer Overflow or Wraparound vulnerability in Qualcomm products
Memory corruption can occur if an already verified IFS2 image is overwritten, bypassing boot verification.
local
low complexity
qualcomm CWE-190
7.8
7.8
2025-01-06 CVE-2024-45558 Out-of-bounds Read vulnerability in Qualcomm products
Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length.
network
low complexity
qualcomm CWE-125
7.5
7.5
2025-01-06 CVE-2024-45559 Out-of-bounds Read vulnerability in Qualcomm products
Transient DOS can occur when GVM sends a specific message type to the Vdev-FastRPC backend.
local
low complexity
qualcomm CWE-125
5.5
5.5
2024-12-02 CVE-2024-33036 Use of Out-of-range Pointer Offset vulnerability in Qualcomm products
Memory corruption while parsing sensor packets in camera driver, user-space variable is used while allocating memory in kernel and parsing which can lead to huge allocation or invalid memory access.
local
low complexity
qualcomm CWE-823
6.7
6.7