Vulnerabilities > Qualcomm > Snapdragon XR2 5G Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-03 | CVE-2024-43051 | Improper Authorization vulnerability in Qualcomm products Information disclosure while deriving keys for a session for any Widevine use case. | 5.5 |
| 2025-03-03 | CVE-2024-43056 | Buffer Over-read vulnerability in Qualcomm products Transient DOS during hypervisor virtual I/O operation in a virtual machine. | 6.5 |
| 2025-03-03 | CVE-2024-43057 | Use After Free vulnerability in Qualcomm products Memory corruption while processing command in Glink linux. | 7.8 |
| 2025-03-03 | CVE-2024-53014 | Improper Validation of Array Index vulnerability in Qualcomm products Memory corruption may occur while validating ports and channels in Audio driver. | 7.8 |
| 2025-03-03 | CVE-2024-53027 | Classic Buffer Overflow vulnerability in Qualcomm products Transient DOS may occur while processing the country IE. | 7.5 |
| 2025-03-03 | CVE-2025-21424 | Use After Free vulnerability in Qualcomm products Memory corruption while calling the NPU driver APIs concurrently. | 7.8 |
| 2025-02-03 | CVE-2024-38418 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products Memory corruption while parsing the memory map info in IOCTL calls. | 7.0 |
| 2025-02-03 | CVE-2024-38420 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption while configuring a Hypervisor based input virtual device. | 7.8 |
| 2025-02-03 | CVE-2024-49838 | Out-of-bounds Read vulnerability in Qualcomm products Information disclosure while parsing the OCI IE with invalid length. | 7.5 |
| 2025-01-06 | CVE-2024-33067 | Out-of-bounds Read vulnerability in Qualcomm products Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver. | 5.5 |