Vulnerabilities > Qualcomm > SD 8 Gen1 5G Firmware

DATE CVE VULNERABILITY TITLE RISK
2025-03-03 CVE-2024-38426 Improper Authentication vulnerability in Qualcomm products
While processing the authentication message in UE, improper authentication may lead to information disclosure.
network
low complexity
qualcomm CWE-287
5.3
2025-03-03 CVE-2024-43051 Improper Authorization vulnerability in Qualcomm products
Information disclosure while deriving keys for a session for any Widevine use case.
local
low complexity
qualcomm CWE-285
5.5
2025-03-03 CVE-2024-43056 Buffer Over-read vulnerability in Qualcomm products
Transient DOS during hypervisor virtual I/O operation in a virtual machine.
local
low complexity
qualcomm CWE-126
6.5
2025-03-03 CVE-2024-53014 Improper Validation of Array Index vulnerability in Qualcomm products
Memory corruption may occur while validating ports and channels in Audio driver.
local
low complexity
qualcomm CWE-129
7.8
2025-03-03 CVE-2024-53024 NULL Pointer Dereference vulnerability in Qualcomm products
Memory corruption in display driver while detaching a device.
local
low complexity
qualcomm CWE-476
7.8
2025-03-03 CVE-2024-53027 Classic Buffer Overflow vulnerability in Qualcomm products
Transient DOS may occur while processing the country IE.
network
low complexity
qualcomm CWE-120
7.5
2025-02-03 CVE-2024-38420 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption while configuring a Hypervisor based input virtual device.
local
low complexity
qualcomm CWE-787
7.8
2025-02-03 CVE-2024-49833 Improper Validation of Array Index vulnerability in Qualcomm products
Memory corruption can occur in the camera when an invalid CID is used.
local
low complexity
qualcomm CWE-129
7.8
2025-02-03 CVE-2024-49834 Improper Validation of Array Index vulnerability in Qualcomm products
Memory corruption while power-up or power-down sequence of the camera sensor.
local
low complexity
qualcomm CWE-129
7.8
2025-02-03 CVE-2024-49838 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure while parsing the OCI IE with invalid length.
network
low complexity
qualcomm CWE-125
7.5