Vulnerabilities > Qualcomm > Qcs4290 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-01 | CVE-2024-21461 | Double Free vulnerability in Qualcomm products Memory corruption while performing finish HMAC operation when context is freed by keymaster. | 7.8 |
| 2024-07-01 | CVE-2024-21462 | Out-of-bounds Read vulnerability in Qualcomm products Transient DOS while loading the TA ELF file. | 5.5 |
| 2024-07-01 | CVE-2024-21465 | Out-of-bounds Read vulnerability in Qualcomm products Memory corruption while processing key blob passed by the user. | 7.8 |
| 2024-07-01 | CVE-2024-21469 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption when an invoke call and a TEE call are bound for the same trusted application. | 7.8 |
| 2024-07-01 | CVE-2024-23373 | Use After Free vulnerability in Qualcomm products Memory corruption when IOMMU unmap operation fails, the DMA and anon buffers are getting released. | 7.8 |
| 2024-06-03 | CVE-2023-43551 | Improper Authentication vulnerability in Qualcomm products Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command. | 7.5 |
| 2024-04-01 | CVE-2023-28547 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in SPS Application while requesting for public key in sorter TA. | 7.8 |
| 2024-04-01 | CVE-2023-33023 | Classic Buffer Overflow vulnerability in Qualcomm products Memory corruption while processing finish_sign command to pass a rsp buffer. | 7.8 |
| 2024-04-01 | CVE-2024-21468 | Use After Free vulnerability in Qualcomm products Memory corruption when there is failed unmap operation in GPU. | 7.8 |
| 2024-03-04 | CVE-2023-28578 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in Core Services while executing the command for removing a single event listener. | 7.8 |