Total
90 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-21475 | 1 Qualcomm | 472 215 Mobile, 215 Mobile Firmware, 315 5g Iot Modem and 469 more | 2025-08-11 | N/A | 7.8 HIGH |
| Memory corruption when the payload received from firmware is not as per the expected protocol size. | |||||
| CVE-2023-33079 | 1 Qualcomm | 288 Apq5053-aa, Apq5053-aa Firmware, Ar8035 and 285 more | 2025-08-11 | N/A | 7.8 HIGH |
| Memory corruption in Audio while running invalid audio recording from ADSP. | |||||
| CVE-2024-33041 | 1 Qualcomm | 70 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 67 more | 2025-08-11 | N/A | 6.7 MEDIUM |
| Memory corruption when input parameter validation for number of fences is missing for fence frame IOCTL calls, | |||||
| CVE-2023-43513 | 1 Qualcomm | 534 315 5g Iot Modem, 315 5g Iot Modem Firmware, Apq8017 and 531 more | 2025-08-11 | N/A | 7.8 HIGH |
| Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element. | |||||
| CVE-2023-22387 | 1 Qualcomm | 542 205, 205 Firmware, 215 and 539 more | 2025-08-11 | N/A | 7.8 HIGH |
| Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption. | |||||
| CVE-2023-43534 | 1 Qualcomm | 132 Ar8035, Ar8035 Firmware, Fastconnect 6900 and 129 more | 2025-08-11 | N/A | 8.6 HIGH |
| Memory corruption while validating the TID to Link Mapping action request frame, when a station connects to an access point. | |||||
| CVE-2023-33067 | 1 Qualcomm | 226 9206 Lte Modem, 9206 Lte Modem Firmware, Aqt1000 and 223 more | 2025-08-11 | N/A | 6.7 MEDIUM |
| Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points. | |||||
| CVE-2023-24855 | 1 Qualcomm | 126 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 123 more | 2025-08-11 | N/A | 9.8 CRITICAL |
| Memory corruption in Modem while processing security related configuration before AS Security Exchange. | |||||
| CVE-2025-25180 | 2025-07-15 | N/A | 7.8 HIGH | ||
| Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel and drivers running on the platform altering their behaviour. | |||||
| CVE-2025-0467 | 1 Imaginationtech | 1 Ddk | 2025-07-11 | N/A | 8.2 HIGH |
| Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory. | |||||
| CVE-2025-46806 | 2025-06-02 | N/A | N/A | ||
| A Use of Out-of-range Pointer Offset vulnerability in sslh leads to denial of service on some architectures.This issue affects sslh before 2.2.4. | |||||
| CVE-2024-47893 | 2025-05-19 | N/A | 6.5 MEDIUM | ||
| Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to read and/or write data outside the Guest's virtualised GPU memory. | |||||
| CVE-2024-45570 | 1 Qualcomm | 116 C-v2x 9150, C-v2x 9150 Firmware, Fastconnect 6800 and 113 more | 2025-05-09 | N/A | 6.6 MEDIUM |
| Memory corruption may occur during IO configuration processing when the IO port count is invalid. | |||||
| CVE-2016-2161 | 1 Apache | 1 Http Server | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod_auth_digest can cause the server to crash, and each instance continues to crash even for subsequently valid requests. | |||||
| CVE-2024-6603 | 1 Mozilla | 2 Firefox, Thunderbird | 2025-04-04 | N/A | 7.4 HIGH |
| In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128. | |||||
| CVE-2024-1013 | 1 Unixodbc | 1 Unixodbc | 2025-03-26 | N/A | 7.8 HIGH |
| An out-of-bounds stack write flaw was found in unixODBC on 64-bit architectures where the caller has 4 bytes and callee writes 8 bytes. This issue may go unnoticed on little-endian architectures, while big-endian architectures can be broken. | |||||
| CVE-2024-12577 | 2025-03-18 | N/A | 7.3 HIGH | ||
| Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory. | |||||
| CVE-2024-47900 | 2025-03-14 | N/A | 7.8 HIGH | ||
| Software installed and run as a non-privileged user may conduct improper GPU system calls to access OOB kernel memory. | |||||
| CVE-2024-43060 | 1 Qualcomm | 82 Ar8035, Ar8035 Firmware, Fastconnect 6900 and 79 more | 2025-03-06 | N/A | 7.8 HIGH |
| Memory corruption during voice activation, when sound model parameters are loaded from HLOS to ADSP. | |||||
| CVE-2024-47896 | 2025-03-05 | N/A | 3.3 LOW | ||
| Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory. | |||||