Vulnerabilities > Qualcomm > Qcm6490 Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-11-04 CVE-2024-38405 Out-of-bounds Read vulnerability in Qualcomm products
Transient DOS while processing the CU information from RNR IE.
network
low complexity
qualcomm CWE-125
6.5
2024-09-02 CVE-2024-33043 Out-of-bounds Read vulnerability in Qualcomm products
Transient DOS while handling PS event when Program Service name length offset value is set to 255.
local
low complexity
qualcomm CWE-125
5.5
2024-08-05 CVE-2024-23357 NULL Pointer Dereference vulnerability in Qualcomm products
Transient DOS while importing a PKCS#8-encoded RSA key with zero bytes modulus.
local
low complexity
qualcomm CWE-476
5.5
2024-07-01 CVE-2024-21462 Out-of-bounds Read vulnerability in Qualcomm products
Transient DOS while loading the TA ELF file.
local
low complexity
qualcomm CWE-125
5.5
2023-12-05 CVE-2023-28586 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.
local
low complexity
qualcomm CWE-119
6.5
2023-07-04 CVE-2023-21629 Double Free vulnerability in Qualcomm products
Memory Corruption in Modem due to double free while parsing the PKCS15 sim files.
low complexity
qualcomm CWE-415
6.8
2023-06-06 CVE-2022-22076 Unspecified vulnerability in Qualcomm products
information disclosure due to cryptographic issue in Core during RPMB read request.
local
low complexity
qualcomm
5.5
2023-06-06 CVE-2022-40523 Exposure of Resource to Wrong Sphere vulnerability in Qualcomm products
Information disclosure in Kernel due to indirect branch misprediction.
local
low complexity
qualcomm CWE-668
5.5
2023-06-06 CVE-2022-40533 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
Transient DOS due to untrusted Pointer Dereference in core while sending USB QMI request.
local
low complexity
qualcomm CWE-119
5.5
2023-04-13 CVE-2022-33270 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products
Transient DOS due to time-of-check time-of-use race condition in Modem while processing RRC Reconfiguration message.
network
high complexity
qualcomm CWE-367
5.9