Vulnerabilities > Qualcomm > Qca6584Au Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2025-03-03 CVE-2024-38426 Improper Authentication vulnerability in Qualcomm products
While processing the authentication message in UE, improper authentication may lead to information disclosure.
network
low complexity
qualcomm CWE-287
5.3
2025-03-03 CVE-2024-43051 Improper Authorization vulnerability in Qualcomm products
Information disclosure while deriving keys for a session for any Widevine use case.
local
low complexity
qualcomm CWE-285
5.5
2025-03-03 CVE-2024-43056 Buffer Over-read vulnerability in Qualcomm products
Transient DOS during hypervisor virtual I/O operation in a virtual machine.
local
low complexity
qualcomm CWE-126
6.5
2025-02-03 CVE-2024-38416 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure during audio playback.
local
low complexity
qualcomm CWE-125
5.5
2025-02-03 CVE-2024-38417 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure while processing IO control commands.
local
low complexity
qualcomm CWE-125
5.5
2025-01-06 CVE-2024-33067 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver.
local
low complexity
qualcomm CWE-125
5.5
2024-11-04 CVE-2024-23385 Reachable Assertion vulnerability in Qualcomm products
Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE.
network
low complexity
qualcomm CWE-617
6.5
2024-11-04 CVE-2024-33029 Use After Free vulnerability in Qualcomm products
Memory corruption while handling the PDR in driver for getting the remote heap maps.
local
low complexity
qualcomm CWE-416
6.7
2024-11-04 CVE-2024-33030 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption while parsing IPC frequency table parameters for LPLH that has size greater than expected size.
local
low complexity
qualcomm CWE-120
6.7
2024-11-04 CVE-2024-33068 Use After Free vulnerability in Qualcomm products
Transient DOS while parsing fragments of MBSSID IE from beacon frame.
network
low complexity
qualcomm CWE-416
6.5