Vulnerabilities > Qualcomm > Sm6250 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-03 | CVE-2024-43051 | Improper Authorization vulnerability in Qualcomm products Information disclosure while deriving keys for a session for any Widevine use case. | 5.5 |
| 2025-03-03 | CVE-2024-53014 | Improper Validation of Array Index vulnerability in Qualcomm products Memory corruption may occur while validating ports and channels in Audio driver. | 7.8 |
| 2025-03-03 | CVE-2025-21424 | Use After Free vulnerability in Qualcomm products Memory corruption while calling the NPU driver APIs concurrently. | 7.8 |
| 2025-01-06 | CVE-2024-45541 | Classic Buffer Overflow vulnerability in Qualcomm products Memory corruption when IOCTL call is invoked from user-space to read board data. | 7.8 |
| 2025-01-06 | CVE-2024-45542 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver. | 7.8 |
| 2024-12-02 | CVE-2024-33044 | Improper Validation of Array Index vulnerability in Qualcomm products Memory corruption while Configuring the SMR/S2CR register in Bypass mode. | 7.8 |
| 2024-12-02 | CVE-2024-33056 | Out-of-bounds Read vulnerability in Qualcomm products Memory corruption when allocating and accessing an entry in an SMEM partition continuously. | 7.8 |
| 2024-11-04 | CVE-2024-38406 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products Memory corruption while handling IOCTL calls in JPEG Encoder driver. | 7.0 |
| 2024-11-04 | CVE-2024-38407 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products Memory corruption while processing input parameters for any IOCTL call in the JPEG Encoder driver. | 7.0 |
| 2024-11-04 | CVE-2024-38408 | Unspecified vulnerability in Qualcomm products Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions. | 9.1 |