Vulnerabilities > Qualcomm > Snapdragon 730 Mobile Platform Firmware
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-02 | CVE-2023-33110 | Race Condition vulnerability in Qualcomm products The session index variable in PCM host voice audio driver initialized before PCM open, accessed during event callback from ADSP and reset during PCM close may lead to race condition between event callback - PCM close and reset session index causing memory corruption. | 7.0 |
2024-01-02 | CVE-2023-33114 | Use After Free vulnerability in Qualcomm products Memory corruption while running NPU, when NETWORK_UNLOAD and (NETWORK_UNLOAD or NETWORK_EXECUTE_V2) commands are submitted at the same time. | 7.8 |
2024-01-02 | CVE-2023-43511 | Infinite Loop vulnerability in Qualcomm products Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header. | 7.5 |
2023-12-05 | CVE-2023-28546 | Classic Buffer Overflow vulnerability in Qualcomm products Memory Corruption in SPS Application while exporting public key in sorter TA. | 7.8 |
2023-12-05 | CVE-2023-28550 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in MPP performance while accessing DSM watermark using external memory address. | 7.8 |
2023-12-05 | CVE-2023-28551 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments. | 7.8 |
2023-12-05 | CVE-2023-28585 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products Memory corruption while loading an ELF segment in TEE Kernel. | 8.8 |
2023-12-05 | CVE-2023-28586 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE. | 6.5 |
2023-12-05 | CVE-2023-28588 | Integer Overflow or Wraparound vulnerability in Qualcomm products Transient DOS in Bluetooth Host while rfc slot allocation. | 7.5 |
2023-12-05 | CVE-2023-33088 | NULL Pointer Dereference vulnerability in Qualcomm products Memory corruption when processing cmd parameters while parsing vdev. | 7.8 |