Vulnerabilities > Qualcomm > Qcs6490 Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-07-01 CVE-2024-21462 Out-of-bounds Read vulnerability in Qualcomm products
Transient DOS while loading the TA ELF file.
local
low complexity
qualcomm CWE-125
5.5
2023-12-05 CVE-2023-28586 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.
local
low complexity
qualcomm CWE-119
6.5
2023-07-04 CVE-2023-21629 Double Free vulnerability in Qualcomm products
Memory Corruption in Modem due to double free while parsing the PKCS15 sim files.
low complexity
qualcomm CWE-415
6.8
2023-06-06 CVE-2022-22076 Unspecified vulnerability in Qualcomm products
information disclosure due to cryptographic issue in Core during RPMB read request.
local
low complexity
qualcomm
5.5
2023-06-06 CVE-2022-40523 Exposure of Resource to Wrong Sphere vulnerability in Qualcomm products
Information disclosure in Kernel due to indirect branch misprediction.
local
low complexity
qualcomm CWE-668
5.5
2023-06-06 CVE-2022-40533 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
Transient DOS due to untrusted Pointer Dereference in core while sending USB QMI request.
local
low complexity
qualcomm CWE-119
5.5
2023-04-13 CVE-2022-33270 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products
Transient DOS due to time-of-check time-of-use race condition in Modem while processing RRC Reconfiguration message.
network
high complexity
qualcomm CWE-367
5.9
2023-04-13 CVE-2022-33289 Improper Validation of Array Index vulnerability in Qualcomm products
Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.
low complexity
qualcomm CWE-129
6.8
2023-03-10 CVE-2022-22075 Unspecified vulnerability in Qualcomm products
Information Disclosure in Graphics during GPU context switch.
local
low complexity
qualcomm
5.5
2023-01-09 CVE-2022-25725 Release of Invalid Pointer or Reference vulnerability in Qualcomm products
Denial of service in MODEM due to improper pointer handling
local
low complexity
qualcomm CWE-763
5.5