Vulnerabilities > Qualcomm > Qca6574A Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2025-03-03 CVE-2024-38426 Improper Authentication vulnerability in Qualcomm products
While processing the authentication message in UE, improper authentication may lead to information disclosure.
network
low complexity
qualcomm CWE-287
5.3
2025-03-03 CVE-2024-43051 Improper Authorization vulnerability in Qualcomm products
Information disclosure while deriving keys for a session for any Widevine use case.
local
low complexity
qualcomm CWE-285
5.5
2025-03-03 CVE-2024-43056 Buffer Over-read vulnerability in Qualcomm products
Transient DOS during hypervisor virtual I/O operation in a virtual machine.
local
low complexity
qualcomm CWE-126
6.5
2025-02-03 CVE-2024-38416 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure during audio playback.
local
low complexity
qualcomm CWE-125
5.5
2025-01-06 CVE-2024-33067 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver.
local
low complexity
qualcomm CWE-125
5.5
2024-11-04 CVE-2024-23385 Reachable Assertion vulnerability in Qualcomm products
Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE.
network
low complexity
qualcomm CWE-617
6.5
2024-11-04 CVE-2024-33068 Use After Free vulnerability in Qualcomm products
Transient DOS while parsing fragments of MBSSID IE from beacon frame.
network
low complexity
qualcomm CWE-416
6.5
2024-11-04 CVE-2024-38403 Out-of-bounds Read vulnerability in Qualcomm products
Transient DOS while parsing BTM ML IE when per STA profile is not included.
network
low complexity
qualcomm CWE-125
6.5
2024-11-04 CVE-2024-38405 Out-of-bounds Read vulnerability in Qualcomm products
Transient DOS while processing the CU information from RNR IE.
network
low complexity
qualcomm CWE-125
6.5
2024-09-02 CVE-2024-33043 Out-of-bounds Read vulnerability in Qualcomm products
Transient DOS while handling PS event when Program Service name length offset value is set to 255.
local
low complexity
qualcomm CWE-125
5.5