Vulnerabilities > Qualcomm > Snapdragon Auto 5G Modem RF GEN 2 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-05-06 | CVE-2024-49847 | Buffer Over-read vulnerability in Qualcomm products Transient DOS while processing of a registration acceptance OTA due to incorrect ciphering key data IE. | 7.5 |
| 2025-05-06 | CVE-2025-21453 | Use After Free vulnerability in Qualcomm products Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur. | 7.8 |
| 2025-05-06 | CVE-2025-21459 | Buffer Over-read vulnerability in Qualcomm products Transient DOS while parsing per STA profile in ML IE. | 7.5 |
| 2025-03-03 | CVE-2024-43051 | Improper Authorization vulnerability in Qualcomm products Information disclosure while deriving keys for a session for any Widevine use case. | 5.5 |
| 2025-03-03 | CVE-2024-43056 | Buffer Over-read vulnerability in Qualcomm products Transient DOS during hypervisor virtual I/O operation in a virtual machine. | 6.5 |
| 2025-03-03 | CVE-2024-43057 | Use After Free vulnerability in Qualcomm products Memory corruption while processing command in Glink linux. | 7.8 |
| 2025-03-03 | CVE-2024-53023 | Use After Free vulnerability in Qualcomm products Memory corruption may occur while accessing a variable during extended back to back tests. | 7.8 |
| 2025-03-03 | CVE-2024-53027 | Classic Buffer Overflow vulnerability in Qualcomm products Transient DOS may occur while processing the country IE. | 7.5 |
| 2025-03-03 | CVE-2025-21424 | Use After Free vulnerability in Qualcomm products Memory corruption while calling the NPU driver APIs concurrently. | 7.8 |
| 2025-02-03 | CVE-2024-38404 | Out-of-bounds Read vulnerability in Qualcomm products Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in modem. | 7.5 |