Vulnerabilities > Qualcomm > Sxr2230P Firmware

DATE CVE VULNERABILITY TITLE RISK
2025-05-06 CVE-2025-21467 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption while reading the FW response from the shared queue.
local
low complexity
qualcomm CWE-787
7.8
2025-05-06 CVE-2025-21468 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer.
local
low complexity
qualcomm CWE-787
7.8
2025-03-03 CVE-2024-43051 Improper Authorization vulnerability in Qualcomm products
Information disclosure while deriving keys for a session for any Widevine use case.
local
low complexity
qualcomm CWE-285
5.5
2025-03-03 CVE-2024-43055 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption while processing camera use case IOCTL call.
local
low complexity
qualcomm CWE-120
7.8
2025-03-03 CVE-2024-43056 Buffer Over-read vulnerability in Qualcomm products
Transient DOS during hypervisor virtual I/O operation in a virtual machine.
local
low complexity
qualcomm CWE-126
6.5
2025-03-03 CVE-2024-43059 Use After Free vulnerability in Qualcomm products
Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node.
local
low complexity
qualcomm CWE-416
7.8
2025-03-03 CVE-2024-43060 Use of Out-of-range Pointer Offset vulnerability in Qualcomm products
Memory corruption during voice activation, when sound model parameters are loaded from HLOS to ADSP.
local
low complexity
qualcomm CWE-823
7.8
2025-03-03 CVE-2024-43061 Use After Free vulnerability in Qualcomm products
Memory corruption during voice activation, when sound model parameters are loaded from HLOS, and the received sound model list is empty in HLOS drive.
local
low complexity
qualcomm CWE-416
7.8
2025-03-03 CVE-2024-43062 Use After Free vulnerability in Qualcomm products
Memory corruption caused by missing locks and checks on the DMA fence and improper synchronization.
local
low complexity
qualcomm CWE-416
7.8
2025-03-03 CVE-2024-45580 Use After Free vulnerability in Qualcomm products
Memory corruption while handling multuple IOCTL calls from userspace for remote invocation.
local
low complexity
qualcomm CWE-416
7.8