Qualcomm Inc Snapdragon vulnerabilities
908 known vulnerabilities affecting qualcomm_inc/snapdragon.
Total CVEs
908
CISA KEV
8
actively exploited
Public exploits
0
Exploited in wild
4
Severity breakdown
CRITICAL51HIGH715MEDIUM142
Vulnerabilities
Page 36 of 46
CVE-2022-40534HIGHCVSS 7.8vFastConnect 6900vFastConnect 7800+9 more2023-09-05
CVE-2022-40534 [HIGH] CWE-129 CVE-2022-40534: Memory corruption due to improper validation of array index in Audio.
Memory corruption due to improper validation of array index in Audio.
nvd
CVE-2023-28549HIGHCVSS 7.8v315 5G IoT ModemvAQT1000+226 more2023-09-05
CVE-2023-28549 [HIGH] CWE-119 CVE-2023-28549: Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload.
Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload.
nvd
CVE-2023-21663HIGHCVSS 7.8vAQT1000vQCA6420+36 more2023-09-05
CVE-2023-21663 [HIGH] CWE-119 CVE-2023-21663: Memory Corruption while accessing metadata in Display.
Memory Corruption while accessing metadata in Display.
nvd
CVE-2023-21654HIGHCVSS 7.8vAPQ8096AUvAQT1000+54 more2023-09-05
CVE-2023-21654 [HIGH] CWE-119 CVE-2023-21654: Memory corruption in Audio during playback session with audio effects enabled.
Memory corruption in Audio during playback session with audio effects enabled.
nvd
CVE-2023-28564HIGHCVSS 7.8vAQT1000vAR8031+242 more2023-09-05
CVE-2023-28564 [HIGH] CWE-823 CVE-2023-28564: Memory corruption in WLAN HAL while passing command parameters through WMI interfaces.
Memory corruption in WLAN HAL while passing command parameters through WMI interfaces.
nvd
CVE-2023-33016HIGHCVSS 7.5vCSR8811vFastConnect 6900+64 more2023-09-05
CVE-2023-33016 [HIGH] CWE-126 CVE-2023-33016: Transient DOS in WLAN firmware while parsing MLO (multi-link operation).
Transient DOS in WLAN firmware while parsing MLO (multi-link operation).
nvd
CVE-2022-40524HIGHCVSS 7.8vAQT1000vQCA6390+36 more2023-09-05
CVE-2022-40524 [HIGH] CWE-126 CVE-2022-40524: Memory corruption due to buffer over-read in Modem while processing SetNativeHandle RTP service.
Memory corruption due to buffer over-read in Modem while processing SetNativeHandle RTP service.
nvd
CVE-2023-33015HIGHCVSS 7.5v315 5G IoT ModemvAQT1000+187 more2023-09-05
CVE-2023-33015 [HIGH] CWE-126 CVE-2023-33015: Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon frame.
Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon frame.
nvd
CVE-2023-28544HIGHCVSS 7.8vAQT1000vAR9380+207 more2023-09-05
CVE-2023-28544 [HIGH] CWE-120 CVE-2023-28544: Memory corruption in WLAN while sending transmit command from HLOS to UTF handlers.
Memory corruption in WLAN while sending transmit command from HLOS to UTF handlers.
nvd
CVE-2023-21667MEDIUMCVSS 6.5vQCA6390vQCA6391+41 more2023-09-05
CVE-2023-21667 [MEDIUM] CWE-126 CVE-2023-21667: Transient DOS in Bluetooth HOST while passing descriptor to validate the blacklisted BT keyboard.
Transient DOS in Bluetooth HOST while passing descriptor to validate the blacklisted BT keyboard.
nvd
CVE-2022-33220MEDIUMCVSS 5.5vAQT1000vQAM8295P+43 more2023-09-05
CVE-2022-33220 [MEDIUM] CWE-126 CVE-2022-33220: Information disclosure in Automotive multimedia due to buffer over-read.
Information disclosure in Automotive multimedia due to buffer over-read.
nvd
CVE-2023-28561CRITICALCVSS 9.8vQCN76062023-08-08
CVE-2023-28561 [CRITICAL] CWE-120 CVE-2023-28561: Memory corruption in QESL while processing payload from external ESL device to firmware.
Memory corruption in QESL while processing payload from external ESL device to firmware.
nvd
CVE-2022-40510CRITICALCVSS 9.8vAPQ8009vAPQ8009W+202 more2023-08-08
CVE-2022-40510 [CRITICAL] CWE-457 CVE-2022-40510: Memory corruption due to buffer copy without checking size of input in Audio while voice call with E
Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder.
nvd
CVE-2023-21649HIGHCVSS 7.8vAPQ8096AUvAQT1000+63 more2023-08-08
CVE-2023-21649 [HIGH] CWE-120 CVE-2023-21649: Memory corruption in WLAN while running doDriverCmd for an unspecific command.
Memory corruption in WLAN while running doDriverCmd for an unspecific command.
nvd
CVE-2023-21648HIGHCVSS 7.8vAQT1000vQCA6391+32 more2023-08-08
CVE-2023-21648 [HIGH] CWE-680 CVE-2023-21648: Memory corruption in RIL while trying to send apdu packet.
Memory corruption in RIL while trying to send apdu packet.
nvd
CVE-2023-21643HIGHCVSS 7.8vAPQ8064AUvAPQ8096AU+22 more2023-08-08
CVE-2023-21643 [HIGH] CWE-822 CVE-2023-21643: Memory corruption due to untrusted pointer dereference in automotive during system call.
Memory corruption due to untrusted pointer dereference in automotive during system call.
nvd
CVE-2023-28577HIGHCVSS 7.8vFastConnect 6800vFastConnect 6900+29 more2023-08-08
CVE-2023-28577 [HIGH] CWE-416 CVE-2023-28577: In the function call related to CAM_REQ_MGR_RELEASE_BUF there is no check if the buffer is being use
In the function call related to CAM_REQ_MGR_RELEASE_BUF there is no check if the buffer is being used. So when a function called cam_mem_get_cpu_buf to get the kernel va to use, another thread can call CAM_REQ_MGR_RELEASE_BUF to unmap the kernel va which cause UAF of the kernel address.
nvd
CVE-2023-21650HIGHCVSS 7.8vAQT1000vCSRB31024+49 more2023-08-08
CVE-2023-21650 [HIGH] CWE-129 CVE-2023-21650: Memory Corruption in GPS HLOS Driver when injectFdclData receives data with invalid data length.
Memory Corruption in GPS HLOS Driver when injectFdclData receives data with invalid data length.
nvd
CVE-2023-22666HIGHCVSS 7.8vAPQ8009vAPQ8017+170 more2023-08-08
CVE-2023-22666 [HIGH] CWE-190 CVE-2023-22666: Memory Corruption in Audio while playing amrwbplus clips with modified content.
Memory Corruption in Audio while playing amrwbplus clips with modified content.
nvd
CVE-2023-21625HIGHCVSS 7.5vAPQ8009vAPQ8017+44 more2023-08-08
CVE-2023-21625 [HIGH] CWE-126 CVE-2023-21625: Information disclosure in Network Services due to buffer over-read while the device receives DNS res
Information disclosure in Network Services due to buffer over-read while the device receives DNS response.
nvd