Vulnerabilities > Qualcomm > Snapdragon 865 5G Mobile Platform Firmware

DATE CVE VULNERABILITY TITLE RISK
2024-11-04 CVE-2024-33032 Improper Validation of Array Index vulnerability in Qualcomm products
Memory corruption when the user application modifies the same shared memory asynchronously when kernel is accessing it.
local
low complexity
qualcomm CWE-129
6.7
2024-11-04 CVE-2024-38408 Unspecified vulnerability in Qualcomm products
Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.
network
low complexity
qualcomm
critical
9.1
2024-11-04 CVE-2024-38415 Use After Free vulnerability in Qualcomm products
Memory corruption while handling session errors from firmware.
local
low complexity
qualcomm CWE-416
7.8
2024-11-04 CVE-2024-38422 Unspecified vulnerability in Qualcomm products
Memory corruption while processing voice packet with arbitrary data received from ADSP.
local
low complexity
qualcomm
7.8
2024-11-04 CVE-2024-38423 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption while processing GPU page table switch.
local
low complexity
qualcomm CWE-120
7.8
2024-10-07 CVE-2024-23369 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products
Memory corruption when invalid length is provided from HLOS for FRS/UDS request/response buffers.
local
low complexity
qualcomm CWE-119
7.8
2024-10-07 CVE-2024-33069 Use After Free vulnerability in Qualcomm products
Transient DOS when transmission of management frame sent by host is not successful and error status is received in the host.
network
low complexity
qualcomm CWE-416
7.5
2024-08-05 CVE-2024-33014 Out-of-bounds Read vulnerability in Qualcomm products
Transient DOS while parsing ESP IE from beacon/probe response frame.
network
low complexity
qualcomm CWE-125
7.5
2024-08-05 CVE-2024-33020 Out-of-bounds Read vulnerability in Qualcomm products
Transient DOS while processing TID-to-link mapping IE elements.
network
low complexity
qualcomm CWE-125
7.5
2024-08-05 CVE-2024-33023 Use After Free vulnerability in Qualcomm products
Memory corruption while creating a fence to wait on timeline events, and simultaneously signal timeline events.
local
low complexity
qualcomm CWE-416
7.8