Qualcomm Security Vulnerabilities (CVEs)

This vulnerability in Automotive Telematics systems allows attackers to cause a Denial of Service (DoS) by sending specially crafted messages that tri...

This vulnerability allows attackers to cause a denial-of-service (DoS) condition by sending specially crafted ASN.1 OER messages containing unknown ex...

This CVE describes a memory corruption vulnerability in Qualcomm's trusted execution environment when processing buffer initialization for certain rep...

This vulnerability allows attackers to cause a denial-of-service (DoS) condition in Qualcomm devices by sending specially crafted DL NAS TRANSPORT mes...

This vulnerability allows a denial-of-service (DoS) attack on 5G NR (New Radio) devices by sending specially crafted SMS messages with non-standard co...

This CVE describes a memory corruption vulnerability in the SPS Application's sorter Trusted Application (TA) when requesting public keys. Successful ...

This vulnerability allows memory corruption when processing QMI requests for memory allocation in DHMS-supported subsystems. It affects Qualcomm chips...

This vulnerability allows memory corruption when parsing QCP audio files with invalid chunk data sizes. Attackers could potentially execute arbitrary ...

This vulnerability allows memory corruption when invoking the HGSL IOCTL context create function in Qualcomm GPU drivers. Attackers could potentially ...

This CVE describes a memory corruption vulnerability in Qualcomm's FM HCI driver when processing IOCTL WRITE requests. Attackers could exploit this to...

This vulnerability allows attackers to cause a denial-of-service (DoS) condition in Qualcomm WLAN systems by sending a large number of malformed authe...

This vulnerability in Qualcomm chipsets allows a denial-of-service attack when processing CAG (Closed Access Group) information elements from network ...

This vulnerability in Qualcomm's NR (New Radio) DL NAS transport OTA processing allows an attacker to cause a denial-of-service (DoS) by sending speci...

This vulnerability allows attackers to cause a denial-of-service (DoS) condition by sending malformed IE fragments during DTLS handshake negotiations....

This vulnerability allows memory corruption in Qualcomm audio drivers when processing RT proxy port register operations. Attackers could potentially e...

This vulnerability in Qualcomm components allows a denial-of-service (DoS) attack when parsing files with specific length characteristics. It affects ...

This vulnerability allows memory corruption when a Wi-Fi station connects to an access point due to improper validation of TID to Link Mapping action ...

This vulnerability allows memory corruption when reading ACPI configuration through user mode applications on Qualcomm chipsets. Attackers could poten...

This vulnerability in Qualcomm chipsets allows a denial-of-service attack when processing empty or NULL encrypted keys during key unwrapping. It affec...

This vulnerability allows memory corruption in video processing when parsing Videoinfo atoms with sizes larger than expected. Attackers could potentia...

This CVE describes a memory corruption vulnerability in Qualcomm's Automotive Multimedia systems due to improper access control in the Hardware Abstra...

This vulnerability allows memory corruption in Qualcomm hardware components when processing event rings, where an untrusted context read pointer can b...

This vulnerability allows information disclosure in Qualcomm modem chipsets while processing System Information Block 5 (SIB5) messages. Attackers can...

CVE-2023-33049 is a heap memory leak vulnerability in Qualcomm's Multi-Mode Call Processor that can cause a denial of service (DoS) when user equipmen...

This vulnerability allows memory corruption through improper handling of IOCTL calls for internal memory mapping/unmapping operations in Qualcomm comp...

This vulnerability allows attackers to cause a denial-of-service (DoS) condition in Qualcomm WLAN firmware by sending specially crafted IPv6 packets w...

This CVE describes a use-after-free vulnerability in Qualcomm's Sound Technology Hardware Abstraction Layer (ST HAL) when processing Listen Sound Mode...

This vulnerability in Qualcomm's WIN WLAN driver allows a denial-of-service (DoS) attack when parsing specific wireless network management frames. Att...

This vulnerability allows memory corruption when the Qualcomm resource manager sends fragmented reply messages to the host kernel. Attackers could exp...

This CVE describes a race condition vulnerability in Qualcomm's PCM host voice audio driver where improper session index handling during event callbac...

This vulnerability allows memory corruption in Qualcomm's Graphics Driver when destroying a context with KGSL_GPU_AUX_COMMAND_TIMELINE objects queued....

This vulnerability involves memory corruption in Qualcomm wearable devices while processing data from the Always-On (AON) subsystem. Attackers could p...

This vulnerability allows a remote attacker to cause a denial-of-service (DoS) condition in Qualcomm's Data Modem during DTLS handshake processing. It...

This vulnerability allows an untrusted virtual machine without Power State Coordination Interface (PSCI) support to make a PSCI call, causing a perman...

This vulnerability in Qualcomm Core services allows information disclosure when processing Diag commands. Attackers could potentially access sensitive...

This vulnerability allows memory corruption in Qualcomm GPU drivers when processing large sync point lists in AUX commands. Attackers can potentially ...

This vulnerability allows attackers to cause a temporary denial-of-service (DoS) in WLAN firmware by sending specially crafted Fast Transition Managem...

This vulnerability allows attackers to cause a denial-of-service (DoS) condition by sending specially crafted WLAN packets that trigger a NULL pointer...

This vulnerability involves memory corruption in Qualcomm's Core component while processing RX intent requests, potentially allowing attackers to exec...

CVE-2023-33081 is a buffer overflow vulnerability in Qualcomm chipsets that occurs when processing Target Wake Time (TWT) frame parameters in over-the...

This vulnerability allows memory corruption in the Audio subsystem when processing invalid audio recording data from the ADSP (Audio Digital Signal Pr...

CVE-2023-33070 is a vulnerability in Qualcomm Automotive OS where improper authentication to secure IO calls allows attackers to cause a transient den...

This vulnerability allows memory corruption in Qualcomm kernel components when parsing metadata, potentially enabling local privilege escalation or de...