Vulnerabilities > Qualcomm > SD 8 Gen1 5G Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-11-04 CVE-2024-23377 Unspecified vulnerability in Qualcomm products
Memory corruption while invoking IOCTL command from user-space, when a user modifies the original packet size of the command after system properties have been already sent to the EVA driver.
local
low complexity
qualcomm
6.7
2024-07-01 CVE-2024-21462 Out-of-bounds Read vulnerability in Qualcomm products
Transient DOS while loading the TA ELF file.
local
low complexity
qualcomm CWE-125
5.5
2024-01-02 CVE-2023-33036 NULL Pointer Dereference vulnerability in Qualcomm products
Permanent DOS in Hypervisor while untrusted VM without PSCI support makes a PSCI call.
local
low complexity
qualcomm CWE-476
5.5
2024-01-02 CVE-2023-33037 Missing Encryption of Sensitive Data vulnerability in Qualcomm products
Cryptographic issue in Automotive while unwrapping the key secs2d and verifying with RPMB data.
local
low complexity
qualcomm CWE-311
5.5
2023-12-05 CVE-2023-28586 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.
local
low complexity
qualcomm CWE-119
6.5
2023-09-05 CVE-2022-33220 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure in Automotive multimedia due to buffer over-read.
local
low complexity
qualcomm CWE-125
5.5
2023-09-05 CVE-2023-21667 Out-of-bounds Read vulnerability in Qualcomm products
Transient DOS in Bluetooth HOST while passing descriptor to validate the blacklisted BT keyboard.
low complexity
qualcomm CWE-125
6.5
2023-08-08 CVE-2023-21647 Improper Input Validation vulnerability in Qualcomm products
Information disclosure in Bluetooth when an GATT packet is received due to improper input validation.
network
low complexity
qualcomm CWE-20
6.5
2023-06-06 CVE-2022-22076 Unspecified vulnerability in Qualcomm products
information disclosure due to cryptographic issue in Core during RPMB read request.
local
low complexity
qualcomm
5.5
2023-06-06 CVE-2022-40523 Exposure of Resource to Wrong Sphere vulnerability in Qualcomm products
Information disclosure in Kernel due to indirect branch misprediction.
local
low complexity
qualcomm CWE-668
5.5