Vulnerabilities > Qualcomm > Snapdragon X75 5G Modem RF Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-06 | CVE-2024-45558 | Out-of-bounds Read vulnerability in Qualcomm products Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length. | 7.5 |
| 2024-09-02 | CVE-2024-38402 | Use After Free vulnerability in Qualcomm products Memory corruption while processing IOCTL call for getting group info. | 7.8 |
| 2024-06-03 | CVE-2023-43537 | Out-of-bounds Read vulnerability in Qualcomm products Information disclosure while handling T2LM Action Frame in WLAN Host. | 7.5 |
| 2024-06-03 | CVE-2023-43538 | Classic Buffer Overflow vulnerability in Qualcomm products Memory corruption in TZ Secure OS while Tunnel Invoke Manager initialization. | 7.8 |
| 2024-06-03 | CVE-2023-43544 | Use After Free vulnerability in Qualcomm products Memory corruption when IPC callback handle is used after it has been released during register callback by another thread. | 7.8 |
| 2024-06-03 | CVE-2023-43545 | Integer Overflow or Wraparound vulnerability in Qualcomm products Memory corruption when more scan frequency list or channels are sent from the user space. | 7.8 |
| 2024-06-03 | CVE-2023-43551 | Improper Authentication vulnerability in Qualcomm products Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command. | 7.5 |
| 2024-05-06 | CVE-2023-33119 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products Memory corruption while loading a VM from a signed VM image that is not coherent in the processor cache. | 7.0 |
| 2024-05-06 | CVE-2023-43521 | Use After Free vulnerability in Qualcomm products Memory corruption when multiple listeners are being registered with the same file descriptor. | 7.8 |
| 2024-05-06 | CVE-2023-43524 | Classic Buffer Overflow vulnerability in Qualcomm products Memory corruption when the bandpass filter order received from AHAL is not within the expected range. | 7.8 |