Vulnerabilities > Qualcomm > Qca6174A Firmware

DATE CVE VULNERABILITY TITLE RISK
2025-02-03 CVE-2024-45584 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
Memory corruption can occur when a compat IOCTL call is followed by a normal IOCTL call from userspace.
local
low complexity
qualcomm CWE-119
7.8
2025-02-03 CVE-2024-49838 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure while parsing the OCI IE with invalid length.
network
low complexity
qualcomm CWE-125
7.5
2025-01-06 CVE-2024-45553 Use After Free vulnerability in Qualcomm products
Memory corruption can occur when process-specific maps are added to the global list.
local
low complexity
qualcomm CWE-416
7.8
2024-12-02 CVE-2024-33037 Buffer Over-read vulnerability in Qualcomm products
Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver doesn`t validate the IPC message received from the firmware.
local
low complexity
qualcomm CWE-126
6.1
2024-12-02 CVE-2024-33044 Improper Validation of Array Index vulnerability in Qualcomm products
Memory corruption while Configuring the SMR/S2CR register in Bypass mode.
local
low complexity
qualcomm CWE-129
7.8
2024-12-02 CVE-2024-33056 Out-of-bounds Read vulnerability in Qualcomm products
Memory corruption when allocating and accessing an entry in an SMEM partition continuously.
local
low complexity
qualcomm CWE-125
7.8
2024-12-02 CVE-2024-43050 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption while invoking IOCTL calls from user space to issue factory test command inside WLAN driver.
local
low complexity
qualcomm CWE-787
7.8
2024-12-02 CVE-2024-43052 Unspecified vulnerability in Qualcomm products
Memory corruption while processing API calls to NPU with invalid input.
local
low complexity
qualcomm
7.8
2024-11-04 CVE-2024-23385 Reachable Assertion vulnerability in Qualcomm products
Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE.
network
low complexity
qualcomm CWE-617
6.5
2024-11-04 CVE-2024-38408 Unspecified vulnerability in Qualcomm products
Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.
network
low complexity
qualcomm
critical
9.1