Vulnerabilities > Qualcomm > Medium

DATE CVE VULNERABILITY TITLE RISK
2025-03-03 CVE-2024-38426 Improper Authentication vulnerability in Qualcomm products
While processing the authentication message in UE, improper authentication may lead to information disclosure.
network
low complexity
qualcomm CWE-287
5.3
2025-03-03 CVE-2024-43051 Improper Authorization vulnerability in Qualcomm products
Information disclosure while deriving keys for a session for any Widevine use case.
local
low complexity
qualcomm CWE-285
5.5
2025-03-03 CVE-2024-43056 Buffer Over-read vulnerability in Qualcomm products
Transient DOS during hypervisor virtual I/O operation in a virtual machine.
local
low complexity
qualcomm CWE-126
6.5
2025-03-03 CVE-2024-53025 Integer Overflow or Wraparound vulnerability in Qualcomm products
Transient DOS can occur while processing UCI command.
local
low complexity
qualcomm CWE-190
5.5
2025-02-03 CVE-2024-38414 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure while processing information on firmware image during core initialization.
local
low complexity
qualcomm CWE-125
5.5
2025-02-03 CVE-2024-38416 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure during audio playback.
local
low complexity
qualcomm CWE-125
5.5
2025-02-03 CVE-2024-38417 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure while processing IO control commands.
local
low complexity
qualcomm CWE-125
5.5
2025-01-06 CVE-2024-23366 Out-of-bounds Read vulnerability in Qualcomm products
Information Disclosure while invoking the mailbox write API when message received from user is larger than mailbox size.
local
low complexity
qualcomm CWE-125
5.5
2025-01-06 CVE-2024-33061 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure while processing IOCTL call made for releasing a trusted VM process release or opening a channel without initializing the process.
local
low complexity
qualcomm CWE-125
5.5
2025-01-06 CVE-2024-33067 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver.
local
low complexity
qualcomm CWE-125
5.5