cbcvebase.

Qualcomm Inc Snapdragon vulnerabilities

940 known vulnerabilities affecting qualcomm_inc/snapdragon.

Total CVEs
940
CISA KEV
8
actively exploited
Public exploits
2
Exploited in wild
8
Severity breakdown
CRITICAL52HIGH738MEDIUM150

Vulnerabilities

Page 36 of 47
CVE-2023-33020P3HIGHCVSS 7.5v9206 LTE ModemvAPQ8017+80 more2023-09-05
CVE-2023-33020 [HIGH] CWE-285 CVE-2023-33020: Transient DOS in WLAN Host when an invalid channel (like channel out of range) is received in STA du Transient DOS in WLAN Host when an invalid channel (like channel out of range) is received in STA during CSA IE.
nvd
CVE-2024-33051P3HIGHCVSS 7.5v315 5G IoT Modemv9206 LTE Modem+289 more2024-09-02
CVE-2024-33051 [HIGH] CWE-126 CVE-2024-33051: Transient DOS while processing TIM IE from beacon frame as there is no check for IE length. Transient DOS while processing TIM IE from beacon frame as there is no check for IE length.
nvd
CVE-2024-23364P3HIGHCVSS 7.5vAR8035vFastConnect 6200+176 more2024-09-02
CVE-2024-23364 [HIGH] CWE-126 CVE-2024-23364: Transient DOS when processing the non-transmitted BSSID profile sub-elements present within the MBSS Transient DOS when processing the non-transmitted BSSID profile sub-elements present within the MBSSID Information Element (IE) of a beacon frame that is received from over-the-air (OTA).
nvd
CVE-2024-33019P3HIGHCVSS 7.5vAR8035vCSR8811+147 more2024-08-05
CVE-2024-33019 [HIGH] CWE-126 CVE-2024-33019: Transient DOS while parsing the received TID-to-link mapping action frame. Transient DOS while parsing the received TID-to-link mapping action frame.
nvd
CVE-2024-33011P3HIGHCVSS 7.5vAR8035vAR9380+247 more2024-08-05
CVE-2024-33011 [HIGH] CWE-126 CVE-2024-33011: Transient DOS while parsing the MBSSID IE from the beacons, when the MBSSID IE length is zero. Transient DOS while parsing the MBSSID IE from the beacons, when the MBSSID IE length is zero.
nvd
CVE-2024-33015P3HIGHCVSS 7.5vAR8035vCSR8811+193 more2024-08-05
CVE-2024-33015 [HIGH] CWE-126 CVE-2024-33015: Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the las Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor report.
nvd
CVE-2024-33010P3HIGHCVSS 7.5vAR8035vAR9380+246 more2024-08-05
CVE-2024-33010 [HIGH] CWE-416 CVE-2024-33010: Transient DOS while parsing fragments of MBSSID IE from beacon frame. Transient DOS while parsing fragments of MBSSID IE from beacon frame.
nvd
CVE-2024-33024P3HIGHCVSS 7.5vAR8035vCSR8811+179 more2024-08-05
CVE-2024-33024 [HIGH] CWE-190 CVE-2024-33024: Transient DOS while parsing the ML IE when a beacon with length field inside the common info of ML I Transient DOS while parsing the ML IE when a beacon with length field inside the common info of ML IE greater than the ML IE length.
nvd
CVE-2024-33013P3HIGHCVSS 7.5vAR8035vCSR8811+168 more2024-08-05
CVE-2024-33013 [HIGH] CWE-126 CVE-2024-33013: Transient DOS when driver accesses the ML IE memory and offset value is incremented beyond ML IE len Transient DOS when driver accesses the ML IE memory and offset value is incremented beyond ML IE length.
nvd
CVE-2024-33026P3HIGHCVSS 7.5vAR8035vCSR8811+163 more2024-08-05
CVE-2024-33026 [HIGH] CWE-126 CVE-2024-33026: Transient DOS while parsing probe response and assoc response frame when received frame length is le Transient DOS while parsing probe response and assoc response frame when received frame length is less than max size of timestamp.
nvd
CVE-2024-33063P3HIGHCVSS 7.5vAR8035vFastConnect 6900+122 more2024-12-02
CVE-2024-33063 [HIGH] CWE-190 CVE-2024-33063: Transient DOS while parsing the ML IE when a beacon with common info length of the ML IE greater tha Transient DOS while parsing the ML IE when a beacon with common info length of the ML IE greater than the ML IE inside which this element is present.
nvd
CVE-2024-23358P3HIGHCVSS 7.5vAPQ8017vAPQ8037+51 more2024-09-02
CVE-2024-23358 [HIGH] CWE-126 CVE-2024-23358: Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in Modem Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in Modem.
nvd
CVE-2025-21430P3HIGHCVSS 7.5v315 5G IoT ModemvAPQ8017+223 more2025-04-07
CVE-2025-21430 [HIGH] CWE-126 CVE-2025-21430: Transient DOS while connecting STA to AP and initiating ADD TS request from AP to establish TSpec se Transient DOS while connecting STA to AP and initiating ADD TS request from AP to establish TSpec session.
nvd
CVE-2025-21463P3HIGHCVSS 7.5vAR8035vCSR8811+209 more2025-06-03
CVE-2025-21463 [HIGH] CWE-126 CVE-2025-21463: Transient DOS while processing the EHT operation IE in the received beacon frame. Transient DOS while processing the EHT operation IE in the received beacon frame.
nvd
CVE-2025-21473P3HIGHCVSS 7.0vFastConnect 6900vFastConnect 7800+4 more2025-08-06
CVE-2025-21473 [HIGH] CWE-367 CVE-2025-21473: Memory corruption when using Virtual cdm (Camera Data Mover) to write registers. Memory corruption when using Virtual cdm (Camera Data Mover) to write registers.
nvd
CVE-2024-53011P4HIGHCVSS 7.9vFastConnect 6700vFastConnect 6900+81 more2025-03-03
CVE-2024-53011 [HIGH] CWE-264 CVE-2024-53011: Information disclosure may occur due to improper permission and access controls to Video Analytics e Information disclosure may occur due to improper permission and access controls to Video Analytics engine.
nvd
CVE-2023-28575P4HIGHCVSS 7.8vAQT1000vC-V2X 9150+58 more2023-08-08
CVE-2023-28575 [HIGH] CWE-823 CVE-2023-28575: The cam_get_device_priv function does not check the type of handle being returned (device/session/li The cam_get_device_priv function does not check the type of handle being returned (device/session/link). This would lead to invalid type usage if a wrong handle is passed to it.
nvd
CVE-2023-33042P4HIGHCVSS 7.5v315 5G IoT ModemvAR8035+71 more2023-12-05
CVE-2023-33042 [HIGH] CWE-20 CVE-2023-33042: Transient DOS in Modem after RRC Setup message is received. Transient DOS in Modem after RRC Setup message is received.
nvd
CVE-2023-33081P4HIGHCVSS 7.5vAQT1000vAR8035+140 more2023-12-05
CVE-2023-33081 [HIGH] CWE-126 CVE-2023-33081: Transient DOS while converting TWT (Target Wake Time) frame parameters in the OTA broadcast. Transient DOS while converting TWT (Target Wake Time) frame parameters in the OTA broadcast.
nvd
CVE-2022-40512P4HIGHCVSS 7.5vAPQ8009vAPQ8017+293 more2023-02-12
CVE-2022-40512 [HIGH] CWE-126 CVE-2022-40512: Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon. Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.
nvd