Vulnerabilities > Qualcomm > Qca6584Au Firmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-03 | CVE-2024-38426 | Improper Authentication vulnerability in Qualcomm products While processing the authentication message in UE, improper authentication may lead to information disclosure. | 5.3 |
| 2025-03-03 | CVE-2024-43051 | Improper Authorization vulnerability in Qualcomm products Information disclosure while deriving keys for a session for any Widevine use case. | 5.5 |
| 2025-03-03 | CVE-2024-43056 | Buffer Over-read vulnerability in Qualcomm products Transient DOS during hypervisor virtual I/O operation in a virtual machine. | 6.5 |
| 2025-02-03 | CVE-2024-38416 | Out-of-bounds Read vulnerability in Qualcomm products Information disclosure during audio playback. | 5.5 |
| 2025-02-03 | CVE-2024-38417 | Out-of-bounds Read vulnerability in Qualcomm products Information disclosure while processing IO control commands. | 5.5 |
| 2025-01-06 | CVE-2024-33067 | Out-of-bounds Read vulnerability in Qualcomm products Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver. | 5.5 |
| 2024-11-04 | CVE-2024-23385 | Reachable Assertion vulnerability in Qualcomm products Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE. | 6.5 |
| 2024-11-04 | CVE-2024-33029 | Use After Free vulnerability in Qualcomm products Memory corruption while handling the PDR in driver for getting the remote heap maps. | 6.7 |
| 2024-11-04 | CVE-2024-33030 | Classic Buffer Overflow vulnerability in Qualcomm products Memory corruption while parsing IPC frequency table parameters for LPLH that has size greater than expected size. | 6.7 |
| 2024-11-04 | CVE-2024-33068 | Use After Free vulnerability in Qualcomm products Transient DOS while parsing fragments of MBSSID IE from beacon frame. | 6.5 |