Vulnerabilities > Qualcomm > Snapdragon Auto 5G Modem RF Firmware

DATE CVE VULNERABILITY TITLE RISK
2025-05-06 CVE-2025-21453 Use After Free vulnerability in Qualcomm products
Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.
local
low complexity
qualcomm CWE-416
7.8
2025-05-06 CVE-2025-21467 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption while reading the FW response from the shared queue.
local
low complexity
qualcomm CWE-787
7.8
2025-05-06 CVE-2025-21468 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer.
local
low complexity
qualcomm CWE-787
7.8
2025-03-03 CVE-2024-43051 Improper Authorization vulnerability in Qualcomm products
Information disclosure while deriving keys for a session for any Widevine use case.
local
low complexity
qualcomm CWE-285
5.5
2025-03-03 CVE-2024-53027 Classic Buffer Overflow vulnerability in Qualcomm products
Transient DOS may occur while processing the country IE.
network
low complexity
qualcomm CWE-120
7.5
2025-03-03 CVE-2025-21424 Use After Free vulnerability in Qualcomm products
Memory corruption while calling the NPU driver APIs concurrently.
local
low complexity
qualcomm CWE-416
7.8
2024-12-02 CVE-2024-33044 Improper Validation of Array Index vulnerability in Qualcomm products
Memory corruption while Configuring the SMR/S2CR register in Bypass mode.
local
low complexity
qualcomm CWE-129
7.8
2024-12-02 CVE-2024-33056 Out-of-bounds Read vulnerability in Qualcomm products
Memory corruption when allocating and accessing an entry in an SMEM partition continuously.
local
low complexity
qualcomm CWE-125
7.8
2024-11-04 CVE-2024-38408 Unspecified vulnerability in Qualcomm products
Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.
network
low complexity
qualcomm
critical
9.1
2024-11-04 CVE-2024-38415 Use After Free vulnerability in Qualcomm products
Memory corruption while handling session errors from firmware.
local
low complexity
qualcomm CWE-416
7.8