Vulnerabilities > Qualcomm > Snapdragon XR2 GEN 1 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-03 | CVE-2024-43051 | Improper Authorization vulnerability in Qualcomm products Information disclosure while deriving keys for a session for any Widevine use case. | 5.5 |
| 2025-03-03 | CVE-2024-53014 | Improper Validation of Array Index vulnerability in Qualcomm products Memory corruption may occur while validating ports and channels in Audio driver. | 7.8 |
| 2025-03-03 | CVE-2024-53027 | Classic Buffer Overflow vulnerability in Qualcomm products Transient DOS may occur while processing the country IE. | 7.5 |
| 2025-03-03 | CVE-2025-21424 | Use After Free vulnerability in Qualcomm products Memory corruption while calling the NPU driver APIs concurrently. | 7.8 |
| 2025-02-03 | CVE-2024-49838 | Out-of-bounds Read vulnerability in Qualcomm products Information disclosure while parsing the OCI IE with invalid length. | 7.5 |
| 2024-09-02 | CVE-2024-33042 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption when Alternative Frequency offset value is set to 255. | 7.8 |
| 2024-09-02 | CVE-2024-33051 | Out-of-bounds Read vulnerability in Qualcomm products Transient DOS while processing TIM IE from beacon frame as there is no check for IE length. | 7.5 |
| 2024-09-02 | CVE-2024-33052 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption when user provides data for FM HCI command control operations. | 7.8 |
| 2024-09-02 | CVE-2024-33060 | Use After Free vulnerability in Qualcomm products Memory corruption when two threads try to map and unmap a single node simultaneously. | 7.8 |
| 2024-04-01 | CVE-2023-28547 | Out-of-bounds Write vulnerability in Qualcomm products Memory corruption in SPS Application while requesting for public key in sorter TA. | 7.8 |