Vulnerabilities > Qualcomm > Snapdragon Auto 5G Modem RF Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-05-06 | CVE-2025-21453 | Use After Free vulnerability in Qualcomm products Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur. | 7.8 |
| 2025-05-06 | CVE-2025-21467 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption while reading the FW response from the shared queue. | 7.8 |
| 2025-05-06 | CVE-2025-21468 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer. | 7.8 |
| 2025-03-03 | CVE-2024-43051 | Improper Authorization vulnerability in Qualcomm products Information disclosure while deriving keys for a session for any Widevine use case. | 5.5 |
| 2025-03-03 | CVE-2024-53027 | Classic Buffer Overflow vulnerability in Qualcomm products Transient DOS may occur while processing the country IE. | 7.5 |
| 2025-03-03 | CVE-2025-21424 | Use After Free vulnerability in Qualcomm products Memory corruption while calling the NPU driver APIs concurrently. | 7.8 |
| 2024-12-02 | CVE-2024-33044 | Improper Validation of Array Index vulnerability in Qualcomm products Memory corruption while Configuring the SMR/S2CR register in Bypass mode. | 7.8 |
| 2024-12-02 | CVE-2024-33056 | Out-of-bounds Read vulnerability in Qualcomm products Memory corruption when allocating and accessing an entry in an SMEM partition continuously. | 7.8 |
| 2024-11-04 | CVE-2024-38408 | Unspecified vulnerability in Qualcomm products Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions. | 9.1 |
| 2024-11-04 | CVE-2024-38415 | Use After Free vulnerability in Qualcomm products Memory corruption while handling session errors from firmware. | 7.8 |