Vulnerabilities > Qualcomm > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-02 | CVE-2024-33037 | Buffer Over-read vulnerability in Qualcomm products Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver doesn`t validate the IPC message received from the firmware. | 6.1 |
| 2024-12-02 | CVE-2024-33039 | Untrusted Pointer Dereference vulnerability in Qualcomm products Memory corruption when PAL client calls PAL service APIs by passing a random value as handle and the handle is not validated by the service. | 6.7 |
| 2024-12-02 | CVE-2024-33053 | Use After Free vulnerability in Qualcomm products Memory corruption when multiple threads try to unregister the CVP buffer at the same time. | 6.7 |
| 2024-11-26 | CVE-2017-18306 | Use of Uninitialized Resource vulnerability in Qualcomm products Information disclosure due to uninitialized variable. | 5.5 |
| 2024-11-26 | CVE-2017-18307 | Unspecified vulnerability in Qualcomm products Information disclosure possible while audio playback. | 5.5 |
| 2024-11-26 | CVE-2018-11922 | Unspecified vulnerability in Qualcomm products Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user. | 5.5 |
| 2024-11-04 | CVE-2024-23377 | Unspecified vulnerability in Qualcomm products Memory corruption while invoking IOCTL command from user-space, when a user modifies the original packet size of the command after system properties have been already sent to the EVA driver. | 6.7 |
| 2024-11-04 | CVE-2024-23385 | Reachable Assertion vulnerability in Qualcomm products Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE. | 6.5 |
| 2024-11-04 | CVE-2024-23386 | Unspecified vulnerability in Qualcomm products memory corruption when WiFi display APIs are invoked with large random inputs. | 6.7 |
| 2024-11-04 | CVE-2024-33029 | Use After Free vulnerability in Qualcomm products Memory corruption while handling the PDR in driver for getting the remote heap maps. | 6.7 |