Vulnerabilities > Qualcomm > Medium

DATE CVE VULNERABILITY TITLE RISK
2025-01-06 CVE-2024-43063 Out-of-bounds Read vulnerability in Qualcomm products
information disclosure while invoking the mailbox read API.
local
low complexity
qualcomm CWE-125
5.5
2025-01-06 CVE-2024-43064 Allocation of Resources Without Limits or Throttling vulnerability in Qualcomm products
Uncontrolled resource consumption when a driver, an application or a SMMU client tries to access the global registers through SMMU.
local
high complexity
qualcomm CWE-770
4.7
2025-01-06 CVE-2024-45559 Out-of-bounds Read vulnerability in Qualcomm products
Transient DOS can occur when GVM sends a specific message type to the Vdev-FastRPC backend.
local
low complexity
qualcomm CWE-125
5.5
2024-12-02 CVE-2024-33036 Use of Out-of-range Pointer Offset vulnerability in Qualcomm products
Memory corruption while parsing sensor packets in camera driver, user-space variable is used while allocating memory in kernel and parsing which can lead to huge allocation or invalid memory access.
local
low complexity
qualcomm CWE-823
6.7
2024-12-02 CVE-2024-33037 Buffer Over-read vulnerability in Qualcomm products
Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver doesn`t validate the IPC message received from the firmware.
local
low complexity
qualcomm CWE-126
6.1
2024-12-02 CVE-2024-33039 Untrusted Pointer Dereference vulnerability in Qualcomm products
Memory corruption when PAL client calls PAL service APIs by passing a random value as handle and the handle is not validated by the service.
local
low complexity
qualcomm CWE-822
6.7
2024-12-02 CVE-2024-33053 Use After Free vulnerability in Qualcomm products
Memory corruption when multiple threads try to unregister the CVP buffer at the same time.
local
low complexity
qualcomm CWE-416
6.7
2024-11-26 CVE-2017-18306 Use of Uninitialized Resource vulnerability in Qualcomm products
Information disclosure due to uninitialized variable.
local
low complexity
qualcomm CWE-908
5.5
2024-11-26 CVE-2017-18307 Unspecified vulnerability in Qualcomm products
Information disclosure possible while audio playback.
local
low complexity
qualcomm
5.5
2024-11-26 CVE-2018-11922 Unspecified vulnerability in Qualcomm products
Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user.
local
low complexity
qualcomm
5.5