cbcvebase.

Qualcomm Inc Snapdragon vulnerabilities

940 known vulnerabilities affecting qualcomm_inc/snapdragon.

Total CVEs
940
CISA KEV
8
actively exploited
Public exploits
2
Exploited in wild
8
Severity breakdown
CRITICAL52HIGH738MEDIUM150

Vulnerabilities

Page 29 of 47
CVE-2023-21636P3HIGHCVSS 7.8vAQT1000vQCA6390+49 more2023-09-05
CVE-2023-21636 [HIGH] CWE-129 CVE-2023-21636: Memory Corruption due to improper validation of array index in Linux while updating adn record. Memory Corruption due to improper validation of array index in Linux while updating adn record.
nvd
CVE-2023-21654P3HIGHCVSS 7.8vAPQ8096AUvAQT1000+54 more2023-09-05
CVE-2023-21654 [HIGH] CWE-119 CVE-2023-21654: Memory corruption in Audio during playback session with audio effects enabled. Memory corruption in Audio during playback session with audio effects enabled.
nvd
CVE-2022-40524P3HIGHCVSS 7.8vAQT1000vQCA6390+36 more2023-09-05
CVE-2022-40524 [HIGH] CWE-126 CVE-2022-40524: Memory corruption due to buffer over-read in Modem while processing SetNativeHandle RTP service. Memory corruption due to buffer over-read in Modem while processing SetNativeHandle RTP service.
nvd
CVE-2023-21638P3HIGHCVSS 7.8vAQT1000vFastConnect 6200+34 more2023-07-04
CVE-2023-21638 [HIGH] CWE-704 CVE-2023-21638: Memory corruption in Video while calling APIs with different instance ID than the one received in in Memory corruption in Video while calling APIs with different instance ID than the one received in initialization.
nvd
CVE-2024-53034P3HIGHCVSS 7.8vFastConnect 6900vFastConnect 7800+6 more2025-03-03
CVE-2024-53034 [HIGH] CWE-822 CVE-2024-53034: Memory corruption occurs during an Escape call if an invalid Kernel Mode CPU event and sync object h Memory corruption occurs during an Escape call if an invalid Kernel Mode CPU event and sync object handle are passed with the DriverKnownEscape flag reset.
nvd
CVE-2018-11952P3HIGHCVSS 7.8vMDM9206vMDM9607+16 more2024-11-26
CVE-2018-11952 [HIGH] CWE-287 CVE-2018-11952: An image with a version lower than the fuse version may potentially be booted lead to improper authe An image with a version lower than the fuse version may potentially be booted lead to improper authentication.
nvd
CVE-2016-10408P3HIGHCVSS 7.8v9206 LTE ModemvAPQ8037+3 more2024-11-26
CVE-2016-10408 [HIGH] CWE-284 CVE-2016-10408: QSEE will randomly experience a fatal error during execution due to speculative instruction fetches QSEE will randomly experience a fatal error during execution due to speculative instruction fetches from device memory. Device memory is not valid executable memory.
nvd
CVE-2025-47366P3HIGHCVSS 7.8vAR8035vFastConnect 6200+158 more2026-02-02
CVE-2025-47366 [HIGH] CWE-749 CVE-2025-47366: Cryptographic issue when a Trusted Zone with outdated code is triggered by a HLOS providing incorrec Cryptographic issue when a Trusted Zone with outdated code is triggered by a HLOS providing incorrect input.
nvd
CVE-2023-33105P3HIGHCVSS 7.5vAR8035vAR9380+147 more2024-03-04
CVE-2023-33105 [HIGH] CWE-16 CVE-2023-33105: Transient DOS in WLAN Host and Firmware when large number of open authentication frames are sent wit Transient DOS in WLAN Host and Firmware when large number of open authentication frames are sent with an invalid transaction sequence number.
nvd
CVE-2023-33062P3HIGHCVSS 7.5v315 5G IoT ModemvAQT1000+291 more2024-01-02
CVE-2023-33062 [HIGH] CWE-126 CVE-2023-33062: Transient DOS in WLAN Firmware while parsing a BTM request. Transient DOS in WLAN Firmware while parsing a BTM request.
nvd
CVE-2023-21625P3HIGHCVSS 7.5vAPQ8009vAPQ8017+44 more2023-08-08
CVE-2023-21625 [HIGH] CWE-126 CVE-2023-21625: Information disclosure in Network Services due to buffer over-read while the device receives DNS res Information disclosure in Network Services due to buffer over-read while the device receives DNS response.
nvd
CVE-2024-33057P3HIGHCVSS 7.5vAR8035vCSR8811+169 more2024-09-02
CVE-2024-33057 [HIGH] CWE-126 CVE-2024-33057: Transient DOS while parsing the multi-link element Control field when common information length chec Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating the location.
nvd
CVE-2024-49838P3HIGHCVSS 7.5vAR8035vFastConnect 6200+168 more2025-02-03
CVE-2024-49838 [HIGH] CWE-126 CVE-2024-49838: Information disclosure while parsing the OCI IE with invalid length. Information disclosure while parsing the OCI IE with invalid length.
nvd
CVE-2026-21367P3HIGHCVSS 7.5vAR8035vCologne+148 more2026-04-06
CVE-2026-21367 [HIGH] CWE-126 CVE-2026-21367: Transient DOS when processing nonstandard FILS Discovery Frames with out-of-range action sizes durin Transient DOS when processing nonstandard FILS Discovery Frames with out-of-range action sizes during initial scans.
nvd
CVE-2025-47318P3HIGHCVSS 7.5vAPQ8017vAPQ8064AU+198 more2025-09-24
CVE-2025-47318 [HIGH] CWE-126 CVE-2025-47318: Transient DOS while parsing the EPTM test control message to get the test pattern. Transient DOS while parsing the EPTM test control message to get the test pattern.
nvd
CVE-2024-33058P3HIGHCVSS 7.5vAQT1000vAR8035+182 more2025-04-07
CVE-2024-33058 [HIGH] CWE-1220 CVE-2024-33058: Memory corruption while assigning memory from the source DDR memory(HLOS) to ADSP. Memory corruption while assigning memory from the source DDR memory(HLOS) to ADSP.
nvd
CVE-2025-47383P3HIGHCVSS 7.2v5G Fixed Wireless Access Platformv9206 LTE Modem+204 more2026-03-02
CVE-2025-47383 [HIGH] CWE-325 CVE-2025-47383: Weak configuration may lead to cryptographic issue when a VoWiFi call is triggered from UE. Weak configuration may lead to cryptographic issue when a VoWiFi call is triggered from UE.
nvd
CVE-2022-33246P3HIGHCVSS 7.8vAPQ8096AUvAQT1000+40 more2023-02-12
CVE-2022-33246 [HIGH] CWE-823 CVE-2022-33246: Memory corruption in Audio due to use of out-of-range pointer offset while Initiating a voice call s Memory corruption in Audio due to use of out-of-range pointer offset while Initiating a voice call session from user space with invalid session id.
nvd
CVE-2022-33227P3HIGHCVSS 7.8vAQT1000vCSRB31024+67 more2023-06-06
CVE-2022-33227 [HIGH] CWE-415 CVE-2022-33227: Memory corruption in Linux android due to double free while calling unregister provider after regist Memory corruption in Linux android due to double free while calling unregister provider after register call.
nvd
CVE-2022-33266P3HIGHCVSS 7.8vAPQ8009vAPQ8009W+120 more2023-01-09
CVE-2022-33266 [HIGH] CWE-190 CVE-2022-33266: Memory corruption in Audio due to integer overflow to buffer overflow while music playback of clips Memory corruption in Audio due to integer overflow to buffer overflow while music playback of clips like amr,evrc,qcelp with modified content.
nvd