Vulnerabilities > Qualcomm > Snapdragon X70 Modem RF System Firmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-04 | CVE-2024-23385 | Reachable Assertion vulnerability in Qualcomm products Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE. | 6.5 |
| 2024-07-01 | CVE-2024-21462 | Out-of-bounds Read vulnerability in Qualcomm products Transient DOS while loading the TA ELF file. | 5.5 |
| 2024-02-06 | CVE-2023-33060 | Out-of-bounds Read vulnerability in Qualcomm products Transient DOS in Core when DDR memory check is called while DDR is not initialized. | 5.5 |
| 2024-01-02 | CVE-2023-33014 | Improper Input Validation vulnerability in Qualcomm products Information disclosure in Core services while processing a Diag command. | 6.8 |
| 2023-12-05 | CVE-2023-28586 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE. | 6.5 |
| 2023-06-06 | CVE-2022-22076 | Unspecified vulnerability in Qualcomm products information disclosure due to cryptographic issue in Core during RPMB read request. | 5.5 |
| 2023-06-06 | CVE-2022-40523 | Exposure of Resource to Wrong Sphere vulnerability in Qualcomm products Information disclosure in Kernel due to indirect branch misprediction. | 5.5 |
| 2023-04-13 | CVE-2022-33270 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products Transient DOS due to time-of-check time-of-use race condition in Modem while processing RRC Reconfiguration message. | 5.9 |
| 2023-04-13 | CVE-2022-33289 | Improper Validation of Array Index vulnerability in Qualcomm products Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card. | 6.8 |