Vulnerabilities > Qualcomm > Snapdragon 660 Mobile Platform Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-02 | CVE-2023-33033 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in Audio during playback with speaker protection. | 7.8 |
| 2024-01-02 | CVE-2023-33094 | Use After Free vulnerability in Qualcomm products Memory corruption while running VK synchronization with KASAN enabled. | 7.8 |
| 2024-01-02 | CVE-2023-33110 | Race Condition vulnerability in Qualcomm products The session index variable in PCM host voice audio driver initialized before PCM open, accessed during event callback from ADSP and reset during PCM close may lead to race condition between event callback - PCM close and reset session index causing memory corruption. | 7.0 |
| 2024-01-02 | CVE-2023-33114 | Use After Free vulnerability in Qualcomm products Memory corruption while running NPU, when NETWORK_UNLOAD and (NETWORK_UNLOAD or NETWORK_EXECUTE_V2) commands are submitted at the same time. | 7.8 |
| 2024-01-02 | CVE-2023-43511 | Infinite Loop vulnerability in Qualcomm products Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header. | 7.5 |
| 2023-12-05 | CVE-2023-28546 | Classic Buffer Overflow vulnerability in Qualcomm products Memory Corruption in SPS Application while exporting public key in sorter TA. | 7.8 |
| 2023-12-05 | CVE-2023-28550 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in MPP performance while accessing DSM watermark using external memory address. | 7.8 |
| 2023-12-05 | CVE-2023-28551 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments. | 7.8 |
| 2023-12-05 | CVE-2023-28587 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in BT controller while parsing debug commands with specific sub-opcodes at HCI interface level. | 7.8 |
| 2023-12-05 | CVE-2023-28588 | Integer Overflow or Wraparound vulnerability in Qualcomm products Transient DOS in Bluetooth Host while rfc slot allocation. | 7.5 |