Vulnerabilities > Qualcomm > Qcs4490 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-06 | CVE-2024-21464 | Classic Buffer Overflow vulnerability in Qualcomm products Memory corruption while processing IPA statistics, when there are no active clients registered. | 7.8 |
| 2024-12-02 | CVE-2024-33056 | Out-of-bounds Read vulnerability in Qualcomm products Memory corruption when allocating and accessing an entry in an SMEM partition continuously. | 7.8 |
| 2024-11-04 | CVE-2024-23385 | Reachable Assertion vulnerability in Qualcomm products Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE. | 6.5 |
| 2024-11-04 | CVE-2024-33032 | Improper Validation of Array Index vulnerability in Qualcomm products Memory corruption when the user application modifies the same shared memory asynchronously when kernel is accessing it. | 6.7 |
| 2024-11-04 | CVE-2024-38408 | Unspecified vulnerability in Qualcomm products Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions. | 9.1 |
| 2024-11-04 | CVE-2024-38415 | Use After Free vulnerability in Qualcomm products Memory corruption while handling session errors from firmware. | 7.8 |
| 2024-11-04 | CVE-2024-38424 | Use After Free vulnerability in Qualcomm products Memory corruption during GNSS HAL process initialization. | 7.8 |
| 2024-09-02 | CVE-2024-33038 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption while passing untrusted/corrupted pointers from DSP to EVA. | 7.8 |
| 2024-09-02 | CVE-2024-33042 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption when Alternative Frequency offset value is set to 255. | 7.8 |
| 2024-09-02 | CVE-2024-33043 | Out-of-bounds Read vulnerability in Qualcomm products Transient DOS while handling PS event when Program Service name length offset value is set to 255. | 5.5 |