Vulnerabilities > Qualcomm > Wcd9380 Firmware

DATE CVE VULNERABILITY TITLE RISK
2024-09-02 CVE-2024-33054 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption during the handshake between the Primary Virtual Machine and Trusted Virtual Machine.
local
low complexity
qualcomm CWE-787
7.8
2024-09-02 CVE-2024-33057 Out-of-bounds Read vulnerability in Qualcomm products
Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating the location.
network
low complexity
qualcomm CWE-125
7.5
2024-09-02 CVE-2024-33060 Use After Free vulnerability in Qualcomm products
Memory corruption when two threads try to map and unmap a single node simultaneously.
local
low complexity
qualcomm CWE-416
7.8
2024-09-02 CVE-2024-38402 Use After Free vulnerability in Qualcomm products
Memory corruption while processing IOCTL call for getting group info.
local
low complexity
qualcomm CWE-416
7.8
2024-07-01 CVE-2023-43554 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption while processing IOCTL handler in FastRPC.
local
low complexity
qualcomm CWE-787
7.8
2024-07-01 CVE-2024-21460 Use of Insufficiently Random Values vulnerability in Qualcomm products
Information disclosure when ASLR relocates the IMEM and Secure DDR portions as one chunk in virtual address space.
local
low complexity
qualcomm CWE-330
6.5
2024-07-01 CVE-2024-21461 Double Free vulnerability in Qualcomm products
Memory corruption while performing finish HMAC operation when context is freed by keymaster.
local
low complexity
qualcomm CWE-415
7.8
2024-07-01 CVE-2024-21462 Out-of-bounds Read vulnerability in Qualcomm products
Transient DOS while loading the TA ELF file.
local
low complexity
qualcomm CWE-125
5.5
2024-07-01 CVE-2024-21465 Out-of-bounds Read vulnerability in Qualcomm products
Memory corruption while processing key blob passed by the user.
local
low complexity
qualcomm CWE-125
7.8
2024-07-01 CVE-2024-21469 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption when an invoke call and a TEE call are bound for the same trusted application.
local
low complexity
qualcomm CWE-787
7.8