Vulnerabilities > Qualcomm > Wcd9385 Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2025-05-06 CVE-2025-21462 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption while processing an IOCTL request, when buffer significantly exceeds the command argument limit.
local
low complexity
qualcomm CWE-787
7.8
2025-05-06 CVE-2025-21467 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption while reading the FW response from the shared queue.
local
low complexity
qualcomm CWE-787
7.8
2025-05-06 CVE-2025-21468 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer.
local
low complexity
qualcomm CWE-787
7.8
2025-05-06 CVE-2025-21469 Improper Access Control vulnerability in Qualcomm products
Memory corruption while processing image encoding, when input buffer length is 0 in IOCTL call.
local
low complexity
qualcomm CWE-284
7.8
2025-05-06 CVE-2025-21470 Improper Access Control vulnerability in Qualcomm products
Memory corruption while processing image encoding, when configuration is NULL in IOCTL parameter.
local
low complexity
qualcomm CWE-284
7.8
2025-05-06 CVE-2025-21475 Buffer Over-read vulnerability in Qualcomm products
Memory corruption while processing escape code, when DisplayId is passed with large unsigned value.
local
low complexity
qualcomm CWE-126
7.8
2025-03-03 CVE-2024-43055 Classic Buffer Overflow vulnerability in Qualcomm products
Memory corruption while processing camera use case IOCTL call.
local
low complexity
qualcomm CWE-120
7.8
2025-03-03 CVE-2024-43057 Use After Free vulnerability in Qualcomm products
Memory corruption while processing command in Glink linux.
local
low complexity
qualcomm CWE-416
7.8
2025-03-03 CVE-2024-43059 Use After Free vulnerability in Qualcomm products
Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node.
local
low complexity
qualcomm CWE-416
7.8
2025-03-03 CVE-2024-43060 Use of Out-of-range Pointer Offset vulnerability in Qualcomm products
Memory corruption during voice activation, when sound model parameters are loaded from HLOS to ADSP.
local
low complexity
qualcomm CWE-823
7.8