Vulnerabilities > Qualcomm > Sa8145P Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-11-04 CVE-2024-33032 Improper Validation of Array Index vulnerability in Qualcomm products
Memory corruption when the user application modifies the same shared memory asynchronously when kernel is accessing it.
local
low complexity
qualcomm CWE-129
6.7
2024-10-07 CVE-2024-23374 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption is possible when an attempt is made from userspace or console to write some haptics effects pattern to the haptics debugfs file.
local
low complexity
qualcomm CWE-787
6.7
2024-10-07 CVE-2024-23376 Use After Free vulnerability in Qualcomm products
Memory corruption while sending the persist buffer command packet from the user-space to the kernel space through the IOCTL call.
local
low complexity
qualcomm CWE-416
6.7
2024-08-05 CVE-2024-23357 NULL Pointer Dereference vulnerability in Qualcomm products
Transient DOS while importing a PKCS#8-encoded RSA key with zero bytes modulus.
local
low complexity
qualcomm CWE-476
5.5
2024-07-01 CVE-2024-21462 Out-of-bounds Read vulnerability in Qualcomm products
Transient DOS while loading the TA ELF file.
local
low complexity
qualcomm CWE-125
5.5
2024-01-02 CVE-2023-33037 Missing Encryption of Sensitive Data vulnerability in Qualcomm products
Cryptographic issue in Automotive while unwrapping the key secs2d and verifying with RPMB data.
local
low complexity
qualcomm CWE-311
5.5
2023-12-05 CVE-2023-28586 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.
local
low complexity
qualcomm CWE-119
6.5
2023-12-05 CVE-2023-33070 Improper Authentication vulnerability in Qualcomm products
Transient DOS in Automotive OS due to improper authentication to the secure IO calls.
local
low complexity
qualcomm CWE-287
5.5
2023-11-07 CVE-2023-28553 Unspecified vulnerability in Qualcomm products
Information Disclosure in WLAN Host when processing WMI event command.
local
low complexity
qualcomm
5.5
2023-11-07 CVE-2023-28554 Unspecified vulnerability in Qualcomm products
Information Disclosure in Qualcomm IPC while reading values from shared memory in VM.
local
low complexity
qualcomm
5.5