Vulnerabilities > Qualcomm > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-10-07 CVE-2024-38425 Incorrect Authorization vulnerability in Qualcomm products
Information disclosure while sending implicit broadcast containing APP launch information.
local
low complexity
qualcomm CWE-863
6.1
2024-09-02 CVE-2024-33043 Out-of-bounds Read vulnerability in Qualcomm products
Transient DOS while handling PS event when Program Service name length offset value is set to 255.
local
low complexity
qualcomm CWE-125
5.5
2024-08-05 CVE-2024-23357 NULL Pointer Dereference vulnerability in Qualcomm products
Transient DOS while importing a PKCS#8-encoded RSA key with zero bytes modulus.
local
low complexity
qualcomm CWE-476
5.5
2024-07-01 CVE-2024-21460 Use of Insufficiently Random Values vulnerability in Qualcomm products
Information disclosure when ASLR relocates the IMEM and Secure DDR portions as one chunk in virtual address space.
local
low complexity
qualcomm CWE-330
6.5
2024-07-01 CVE-2024-21462 Out-of-bounds Read vulnerability in Qualcomm products
Transient DOS while loading the TA ELF file.
local
low complexity
qualcomm CWE-125
5.5
2024-02-06 CVE-2023-33060 Out-of-bounds Read vulnerability in Qualcomm products
Transient DOS in Core when DDR memory check is called while DDR is not initialized.
local
low complexity
qualcomm CWE-125
5.5
2024-01-02 CVE-2023-33014 Improper Input Validation vulnerability in Qualcomm products
Information disclosure in Core services while processing a Diag command.
low complexity
qualcomm CWE-20
6.8
2024-01-02 CVE-2023-33036 NULL Pointer Dereference vulnerability in Qualcomm products
Permanent DOS in Hypervisor while untrusted VM without PSCI support makes a PSCI call.
local
low complexity
qualcomm CWE-476
5.5
2024-01-02 CVE-2023-33037 Missing Encryption of Sensitive Data vulnerability in Qualcomm products
Cryptographic issue in Automotive while unwrapping the key secs2d and verifying with RPMB data.
local
low complexity
qualcomm CWE-311
5.5
2023-12-05 CVE-2023-28586 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.
local
low complexity
qualcomm CWE-119
6.5