Qualcomm Security Vulnerabilities (CVEs)

This CVE describes a memory corruption vulnerability in alignment-based memory allocation functions. Attackers can exploit this to execute arbitrary c...

This CVE describes a buffer overflow vulnerability in Qualcomm software where user-supplied data is added without proper bounds checking, leading to m...

This vulnerability allows memory corruption when accessing the trusted execution environment (TEE) without proper privilege checks. Attackers could po...

This vulnerability allows a denial-of-service (DoS) condition in Qualcomm MAC (Media Access Control) components when an attacker configures a MAC conf...

This vulnerability allows memory corruption when multiple processes concurrently access shared buffers through IOCTL calls in Qualcomm drivers. Attack...

This cryptographic vulnerability in Qualcomm chipsets allows the High-Level Operating System (HLOS) to access the boot loader's certificate chain thro...

This vulnerability allows memory corruption when multiple processes concurrently access a shared buffer during IOCTL calls in Qualcomm components. Att...

This CVE describes a memory corruption vulnerability in Qualcomm Trusted Application (TA) invocation where accessing buffers with invalid length can l...

This vulnerability allows a denial-of-service (DoS) attack against LTE user equipment (UE) when it receives an RLC packet with an invalid transport bl...

This vulnerability allows attackers to cause memory corruption by sending specially crafted IOCTL calls with invalid parameters to sensor property set...

This CVE describes a use-after-free vulnerability in Qualcomm GPU memory management where improper pointer handling during buffer deallocation can cau...

A cryptographic vulnerability in Qualcomm's Trusted Zone when triggered by the High-Level Operating System (HLOS) providing incorrect input. This allo...

This CVE describes an integer overflow vulnerability (CWE-190) in Qualcomm partition handling that could allow memory corruption when calculating offs...

CVE-2025-47359 is a use-after-free vulnerability in Qualcomm memory management APIs that allows memory corruption when multiple threads simultaneously...

A memory corruption vulnerability occurs when launching secure applications on devices with insufficient memory, potentially allowing attackers to exe...

This vulnerability allows an attacker to cause a temporary denial-of-service (DoS) condition by sending specially crafted WLAN management frames conta...

This CVE describes a memory corruption vulnerability in Qualcomm components where incorrect offset calculations during overlapping buffer copy operati...

This CVE describes a memory corruption vulnerability in a Qualcomm kernel driver that could allow attackers to execute arbitrary code with kernel priv...

This CVE describes a memory corruption vulnerability in Qualcomm DSP (Digital Signal Processor) drivers where passing memory pages with unaligned star...

This vulnerability involves memory corruption in sensor IOCTL preprocessing, allowing attackers to potentially execute arbitrary code or cause system ...

This vulnerability allows information disclosure when a weak hashed value is returned to userland code in response to an IOCTL call to obtain a sessio...

This CVE describes a double-free vulnerability in Qualcomm components where concurrent thread access to shared resources can cause memory corruption. ...

This vulnerability allows memory corruption in the trusted application when processing identity credential operations, potentially leading to arbitrar...

This vulnerability involves memory corruption in the trusted application's secure logging command processing, which could allow attackers to execute a...

A cryptographic vulnerability in license data encryption could allow attackers to decrypt or manipulate license information. This affects systems usin...

This CVE describes a memory corruption vulnerability in Qualcomm sensor utility operations that could allow attackers to execute arbitrary code or cau...

This CVE describes a memory corruption vulnerability in Qualcomm video processing components that could allow attackers to execute arbitrary code or c...

This vulnerability involves memory corruption during HDCP session deinitialization, potentially allowing attackers to execute arbitrary code or cause ...

This CVE describes a use-after-free vulnerability (CWE-416) in Qualcomm synchronization objects that can lead to memory corruption during concurrent o...

This CVE describes a use-after-free vulnerability (CWE-416) in Qualcomm sensor drivers that occurs during sensor register read operations. Attackers c...

This CVE describes a memory corruption vulnerability in Qualcomm hardware clock configuration parsing. Attackers could potentially execute arbitrary c...

This vulnerability involves memory corruption in Qualcomm camera drivers when processing shared command buffer packets between userspace and kernel. I...

This vulnerability allows memory corruption in Qualcomm's cryptographic driver when handling buffer mapping operations. Attackers could potentially ex...

This vulnerability involves memory corruption when processing configuration calls from userspace in Qualcomm components, potentially allowing local at...

This CVE describes an information disclosure vulnerability in Qualcomm firmware that leaks sensitive data when processing firmware events. It affects ...

This vulnerability allows an attacker to cause a temporary denial of service (DoS) by sending specially crafted video packets to vulnerable systems. I...

This vulnerability allows memory corruption when processing JPEG data through IOCTL calls without proper validation. Attackers could potentially execu...

This vulnerability allows memory corruption in the boot loader when loading invalid firmware, potentially enabling attackers to execute arbitrary code...

This vulnerability allows memory corruption when a user-space application makes concurrent memory mapping and unmapping requests. It affects systems u...

This vulnerability allows attackers to access sensitive information by exploiting improper handling of system calls with invalid parameters. It affect...

This vulnerability allows memory corruption when handling large GPR packets between user and root contexts in Qualcomm components. Attackers could pot...

This vulnerability allows attackers to cause memory corruption through improper handling of IOCTL calls when setting modes. Successful exploitation co...

This vulnerability involves memory corruption when copying packets from Unix domain socket clients, potentially allowing attackers to execute arbitrar...

This vulnerability allows memory corruption during MFC channel configuration while playing music, potentially enabling arbitrary code execution. It af...

This vulnerability exposes internal Trusted Application (TA) communication APIs to the High-Level Operating System (HLOS), allowing unauthorized acces...

This vulnerability allows memory corruption in Qualcomm video processing components when a video session fails to open due to timeout errors. Attacker...

This vulnerability allows a remote attacker to cause a denial of service (DoS) by sending invalid Bluetooth Low Energy (LE) connection requests during...

This vulnerability allows attackers to cause memory corruption by providing invalid userspace addresses to the MCDM IOCTL interface. This affects syst...

This CVE describes a memory corruption vulnerability in Qualcomm IOCTL processing that could allow attackers to execute arbitrary code or cause denial...