Vulnerabilities > Qualcomm > Sc8380Xp Firmware

DATE CVE VULNERABILITY TITLE RISK
2025-05-06 CVE-2024-49835 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption while reading secure file.
local
low complexity
qualcomm CWE-787
7.8
2025-05-06 CVE-2024-49841 Detection of Error Condition Without Action vulnerability in Qualcomm products
Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling.
local
low complexity
qualcomm CWE-390
7.8
2025-05-06 CVE-2024-49842 Improper Access Control vulnerability in Qualcomm products
Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions.
local
low complexity
qualcomm CWE-284
7.8
2025-05-06 CVE-2024-49844 Improper Input Validation vulnerability in Qualcomm products
Memory corruption while triggering commands in the PlayReady Trusted application.
local
low complexity
qualcomm CWE-20
7.8
2025-05-06 CVE-2024-49845 Improper Input Validation vulnerability in Qualcomm products
Memory corruption during the FRS UDS generation process.
local
low complexity
qualcomm CWE-20
7.8
2025-05-06 CVE-2025-21462 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption while processing an IOCTL request, when buffer significantly exceeds the command argument limit.
local
low complexity
qualcomm CWE-787
7.8
2025-05-06 CVE-2025-21469 Improper Access Control vulnerability in Qualcomm products
Memory corruption while processing image encoding, when input buffer length is 0 in IOCTL call.
local
low complexity
qualcomm CWE-284
7.8
2025-05-06 CVE-2025-21470 Improper Access Control vulnerability in Qualcomm products
Memory corruption while processing image encoding, when configuration is NULL in IOCTL parameter.
local
low complexity
qualcomm CWE-284
7.8
2025-05-06 CVE-2025-21475 Buffer Over-read vulnerability in Qualcomm products
Memory corruption while processing escape code, when DisplayId is passed with large unsigned value.
local
low complexity
qualcomm CWE-126
7.8
2025-03-03 CVE-2024-43051 Improper Authorization vulnerability in Qualcomm products
Information disclosure while deriving keys for a session for any Widevine use case.
local
low complexity
qualcomm CWE-285
5.5