Vulnerabilities > Qualcomm > Qca6320 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-06 | CVE-2024-33067 | Out-of-bounds Read vulnerability in Qualcomm products Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver. | 5.5 |
| 2024-12-02 | CVE-2024-33056 | Out-of-bounds Read vulnerability in Qualcomm products Memory corruption when allocating and accessing an entry in an SMEM partition continuously. | 7.8 |
| 2024-11-04 | CVE-2024-38422 | Unspecified vulnerability in Qualcomm products Memory corruption while processing voice packet with arbitrary data received from ADSP. | 7.8 |
| 2024-11-04 | CVE-2024-38423 | Classic Buffer Overflow vulnerability in Qualcomm products Memory corruption while processing GPU page table switch. | 7.8 |
| 2024-10-07 | CVE-2024-23379 | Double Free vulnerability in Qualcomm products Memory corruption while unmapping the fastrpc map when two threads can free the same map in concurrent scenario. | 6.7 |
| 2024-09-02 | CVE-2024-33042 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption when Alternative Frequency offset value is set to 255. | 7.8 |
| 2024-09-02 | CVE-2024-33043 | Out-of-bounds Read vulnerability in Qualcomm products Transient DOS while handling PS event when Program Service name length offset value is set to 255. | 5.5 |
| 2024-09-02 | CVE-2024-33045 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption when BTFM client sends new messages over Slimbus to ADSP. | 7.8 |
| 2024-09-02 | CVE-2024-33048 | Out-of-bounds Read vulnerability in Qualcomm products Transient DOS while parsing the received TID-to-link mapping element of beacon/probe response frame. | 7.5 |
| 2024-09-02 | CVE-2024-33051 | Out-of-bounds Read vulnerability in Qualcomm products Transient DOS while processing TIM IE from beacon frame as there is no check for IE length. | 7.5 |