Vulnerabilities > Qualcomm > Snapdragon XR2 5G Firmware

DATE CVE VULNERABILITY TITLE RISK
2024-10-07 CVE-2024-43047 Use After Free vulnerability in Qualcomm products
Memory corruption while maintaining memory maps of HLOS memory.
local
low complexity
qualcomm CWE-416
7.8
2024-09-02 CVE-2024-33042 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption when Alternative Frequency offset value is set to 255.
local
low complexity
qualcomm CWE-787
7.8
2024-09-02 CVE-2024-33051 Out-of-bounds Read vulnerability in Qualcomm products
Transient DOS while processing TIM IE from beacon frame as there is no check for IE length.
network
low complexity
qualcomm CWE-125
7.5
2024-09-02 CVE-2024-33052 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption when user provides data for FM HCI command control operations.
local
low complexity
qualcomm CWE-787
7.8
2024-09-02 CVE-2024-33060 Use After Free vulnerability in Qualcomm products
Memory corruption when two threads try to map and unmap a single node simultaneously.
local
low complexity
qualcomm CWE-416
7.8
2024-06-03 CVE-2023-43538 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption in TZ Secure OS while Tunnel Invoke Manager initialization.
local
low complexity
qualcomm CWE-120
7.8
2024-06-03 CVE-2023-43551 Improper Authentication vulnerability in Qualcomm products
Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command.
network
low complexity
qualcomm CWE-287
7.5
2024-06-03 CVE-2023-43555 Out-of-bounds Read vulnerability in Qualcomm products
Information disclosure in Video while parsing mp2 clip with invalid section length.
network
low complexity
qualcomm CWE-125
7.5
2024-05-06 CVE-2023-33119 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Qualcomm products
Memory corruption while loading a VM from a signed VM image that is not coherent in the processor cache.
local
high complexity
qualcomm CWE-367
7.0
2024-05-06 CVE-2023-43521 Use After Free vulnerability in Qualcomm products
Memory corruption when multiple listeners are being registered with the same file descriptor.
local
low complexity
qualcomm CWE-416
7.8