Qualcomm Security Vulnerabilities (CVEs)

This vulnerability allows a denial-of-service (DoS) attack on Qualcomm modems when a beam switch request is made with a non-configured bandwidth part ...

This vulnerability in Qualcomm WLAN firmware allows attackers to cause denial of service through a firmware crash when specific wireless network condi...

This vulnerability allows memory corruption in the High-Level Operating System (HLOS) when user-space applications make specific IOCTL calls to Qualco...

This CVE describes a memory corruption vulnerability in the UEFI boot process when running a ListVars test during boot. It affects Qualcomm devices wi...

This vulnerability allows memory corruption in Qualcomm Bluetooth controllers when parsing specific debug commands at the HCI interface level. Attacke...

This vulnerability allows memory corruption while loading ELF segments in the Trusted Execution Environment (TEE) kernel. Attackers could potentially ...

This vulnerability allows memory corruption in Qualcomm modem UTILS when processing Diag commands with arbitrary address values. Attackers could poten...

This vulnerability allows memory corruption in Qualcomm's SPS application when exporting public keys in the sorter TA. Attackers could potentially exe...

This vulnerability allows attackers to cause a denial-of-service (DoS) condition in affected devices by sending specially crafted WLAN beacon or probe...

This vulnerability allows a denial-of-service attack against WLAN firmware when it receives a specially crafted beacon frame containing a T2LM (Target...

CVE-2023-33048 is a buffer overflow vulnerability in Qualcomm WLAN firmware that allows attackers to cause a denial-of-service (DoS) condition by send...

A cryptographic vulnerability in Qualcomm's HLOS (High-Level Operating System) during key management allows potential unauthorized access to sensitive...

This vulnerability allows memory corruption in Qualcomm's Core due to improper secure memory access while loading modem images. Attackers could potent...

This vulnerability allows memory corruption in automotive display systems when destroying image handles created using the connected display driver. At...

This vulnerability allows memory corruption while parsing ADSP response commands in Qualcomm chipsets, potentially enabling remote code execution. It ...

This vulnerability allows attackers to cause a temporary denial-of-service (DoS) in affected Wi-Fi devices by sending specially crafted NAN (Neighborh...

This vulnerability allows memory corruption in the High-Level Operating System (HLOS) when importing cryptographic keys into the KeyMaster Trusted App...

This vulnerability allows information disclosure in Qualcomm data modems during VoLTE calls when an undefined RTCP FB line value is processed. Attacke...

This vulnerability allows memory corruption in Qualcomm's Core component when invoking calls to the Access Control core library with hardware-protecte...

This vulnerability allows memory corruption in Qualcomm data modem chipsets during mobile-originated or mobile-terminated VoLTE calls. Attackers could...

This vulnerability involves weak configuration in Automotive systems when a Virtual Machine (VM) processes listener requests from the Trusted Executio...

This CVE describes a memory corruption vulnerability in Qualcomm graphics drivers that occurs while processing user packets for command submission. At...

This vulnerability allows an attacker to cause a denial-of-service (DoS) condition in WLAN hosts by sending malformed Channel Switch Announcement (CSA...

This vulnerability allows an attacker to cause a denial-of-service (DoS) condition in Qualcomm WLAN firmware by sending specially crafted beacon frame...

This vulnerability allows memory corruption in Qualcomm's WLAN Hardware Abstraction Layer (HAL) when parsing WMI command parameters. Attackers could p...

This vulnerability allows memory corruption in Qualcomm's WLAN Hardware Abstraction Layer (HAL) when processing command streams through WMI interfaces...

This vulnerability allows memory corruption in the WLAN Hardware Abstraction Layer (HAL) when processing devIndex values from untrusted WMI payloads. ...

This vulnerability allows memory corruption in Qualcomm WLAN handlers when processing PhyID in Tx status handlers. It affects devices with Qualcomm ch...

This vulnerability allows memory corruption in Qualcomm's WLAN HAL (Hardware Abstraction Layer) when parsing received network buffers containing TLV (...

This vulnerability allows memory corruption in Qualcomm WLAN firmware when sending transmit commands from the host operating system to UTF handlers. A...

This vulnerability allows memory corruption in Qualcomm WIN Product's UEFI region when invoking the WinAcpi update driver. Attackers could exploit thi...

This vulnerability allows memory corruption in Qualcomm's Core Platform when printing response buffers in logs. Attackers could potentially execute ar...

CVE-2023-21662 is a memory corruption vulnerability in Qualcomm's Core Platform that occurs while printing response buffers in logs. This buffer overf...

This vulnerability allows attackers to cause a denial-of-service condition in Qualcomm modems by sending specially crafted System Information Block 1 ...

CVE-2022-40534 is a memory corruption vulnerability in Qualcomm audio components caused by improper array index validation. Attackers could exploit th...

This vulnerability allows memory corruption in Qualcomm WLAN hardware abstraction layer due to improper array index validation. Attackers could potent...

This vulnerability allows memory corruption in Qualcomm's audio processing module (COmxApeDec) due to integer overflow during memory allocation. Attac...

CVE-2023-22666 is a memory corruption vulnerability in Qualcomm's audio processing component when playing specially crafted AMR-WB+ audio clips. This ...

This cryptographic vulnerability in Qualcomm's HLOS (High-Level Operating System) allows improper authentication during key velocity checks when multi...