Qualcomm Inc Snapdragon vulnerabilities
940 known vulnerabilities affecting qualcomm_inc/snapdragon.
Total CVEs
940
CISA KEV
8
actively exploited
Public exploits
2
Exploited in wild
8
Severity breakdown
CRITICAL52HIGH738MEDIUM150
Vulnerabilities
Page 41 of 47
CVE-2023-28576P4HIGHCVSS 7.0vFastConnect 6800vFastConnect 6900+29 more2023-08-08
CVE-2023-28576 [HIGH] CWE-367 CVE-2023-28576: The buffer obtained from kernel APIs such as cam_mem_get_cpu_buf() may be readable/writable in users
The buffer obtained from kernel APIs such as cam_mem_get_cpu_buf() may be readable/writable in userspace after kernel accesses it. In other words, user mode may race and modify the packet header (e.g. header.count), causing checks (e.g. size checks) in kernel code to be invalid. This may lead to out-of-bounds read/write issues.
nvd
CVE-2024-33016P4MEDIUMCVSS 6.8v315 5G IoT Modemv9205 LTE Modem+326 more2024-09-02
CVE-2024-33016 [MEDIUM] CWE-119 CVE-2024-33016: memory corruption when an invalid firehose patch command is invoked.
memory corruption when an invalid firehose patch command is invoked.
nvd
CVE-2024-33036P4MEDIUMCVSS 6.7vC-V2X 9150vFastConnect 6800+50 more2024-12-02
CVE-2024-33036 [MEDIUM] CWE-823 CVE-2024-33036: Memory corruption while parsing sensor packets in camera driver, user-space variable is used while a
Memory corruption while parsing sensor packets in camera driver, user-space variable is used while allocating memory in kernel and parsing which can lead to huge allocation or invalid memory access.
nvd
CVE-2024-33030P4MEDIUMCVSS 6.7vAR8035vFastConnect 6900+20 more2024-11-04
CVE-2024-33030 [MEDIUM] CWE-120 CVE-2024-33030: Memory corruption while parsing IPC frequency table parameters for LPLH that has size greater than e
Memory corruption while parsing IPC frequency table parameters for LPLH that has size greater than expected size.
nvd
CVE-2024-23386P4MEDIUMCVSS 6.7vFastConnect 6900vFastConnect 7800+8 more2024-11-04
CVE-2024-23386 [MEDIUM] CWE-20 CVE-2024-23386: memory corruption when WiFi display APIs are invoked with large random inputs.
memory corruption when WiFi display APIs are invoked with large random inputs.
nvd
CVE-2025-59612P4MEDIUMCVSS 6.7vColognevFastConnect 6700+27 more2026-06-01
CVE-2025-59612 [MEDIUM] CWE-121 CVE-2025-59612: Memory corruption in windows drivers while sending incorrect trusted application request
Memory corruption in windows drivers while sending incorrect trusted application request
nvd
CVE-2025-47336P4MEDIUMCVSS 6.7vFastConnect 7800vQMP1000+16 more2026-01-07
CVE-2025-47336 [MEDIUM] CWE-416 CVE-2025-47336: Memory corruption while performing sensor register read operations.
Memory corruption while performing sensor register read operations.
nvd
CVE-2024-45544P4MEDIUMCVSS 6.6vC-V2X 9150vFastConnect 6800+42 more2025-04-07
CVE-2024-45544 [MEDIUM] CWE-416 CVE-2024-45544: Memory corruption while processing IOCTL calls to add route entry in the HW.
Memory corruption while processing IOCTL calls to add route entry in the HW.
nvd
CVE-2024-53015P4MEDIUMCVSS 6.6vAQT1000vFastConnect 6200+89 more2025-06-03
CVE-2024-53015 [MEDIUM] CWE-416 CVE-2024-53015: Memory corruption while processing IOCTL command to handle buffers associated with a session.
Memory corruption while processing IOCTL command to handle buffers associated with a session.
nvd
CVE-2025-27039P4MEDIUMCVSS 6.6vFastConnect 6900vFastConnect 7800+7 more2025-10-09
CVE-2025-27039 [MEDIUM] CWE-390 CVE-2025-27039: Memory corruption may occur while processing IOCTL call for DMM/WARPNCC CONFIG request.
Memory corruption may occur while processing IOCTL call for DMM/WARPNCC CONFIG request.
nvd
CVE-2024-38403P4MEDIUMCVSS 6.5vAR8035vFastConnect 6900+76 more2024-11-04
CVE-2024-38403 [MEDIUM] CWE-126 CVE-2024-38403: Transient DOS while parsing BTM ML IE when per STA profile is not included.
Transient DOS while parsing BTM ML IE when per STA profile is not included.
nvd
CVE-2024-33068P4MEDIUMCVSS 6.5vAR8035vFastConnect 6900+120 more2024-11-04
CVE-2024-33068 [MEDIUM] CWE-416 CVE-2024-33068: Transient DOS while parsing fragments of MBSSID IE from beacon frame.
Transient DOS while parsing fragments of MBSSID IE from beacon frame.
nvd
CVE-2024-23385P4MEDIUMCVSS 6.5vAPQ8017vAPQ8037+92 more2024-11-04
CVE-2024-23385 [MEDIUM] CWE-617 CVE-2024-23385: Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at
Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE.
nvd
CVE-2024-23362P4HIGHCVSS 7.1v9205 LTE ModemvAQT1000+225 more2024-09-02
CVE-2024-23362 [HIGH] CWE-20 CVE-2024-23362: Cryptographic issue while parsing RSA keys in COBR format.
Cryptographic issue while parsing RSA keys in COBR format.
nvd
CVE-2023-21652P4HIGHCVSS 7.1vAQT1000vAR8035+118 more2023-08-08
CVE-2023-21652 [HIGH] CWE-320 CVE-2023-21652: Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack
Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack after use.
nvd
CVE-2025-21482P4HIGHCVSS 7.1v315 5G IoT Modemv9205 LTE Modem+281 more2025-09-24
CVE-2025-21482 [HIGH] CWE-310 CVE-2025-21482: Cryptographic issue while performing RSA PKCS padding decoding.
Cryptographic issue while performing RSA PKCS padding decoding.
nvd
CVE-2023-33110P4HIGHCVSS 7.0v315 5G IoT Modemv9206 LTE Modem+230 more2024-01-02
CVE-2023-33110 [HIGH] CWE-823 CVE-2023-33110: The session index variable in PCM host voice audio driver initialized before PCM open, accessed duri
The session index variable in PCM host voice audio driver initialized before PCM open, accessed during event callback from ADSP and reset during PCM close may lead to race condition between event callback - PCM close and reset session index causing memory corruption.
nvd
CVE-2021-30299P4MEDIUMCVSS 6.7vAPQ8096AUvAR8031+82 more2024-11-22
CVE-2021-30299 [MEDIUM] CWE-20 CVE-2021-30299: Possible out of bound access in audio module due to lack of validation of user provided input.
Possible out of bound access in audio module due to lack of validation of user provided input.
nvd
CVE-2024-23370P4MEDIUMCVSS 6.7vQCA6584AUvQCA6698AQ+9 more2024-10-07
CVE-2024-23370 [MEDIUM] CWE-416 CVE-2024-23370: Memory corruption when a process invokes IOCTL calls from user-space to create a HAB virtual channel
Memory corruption when a process invokes IOCTL calls from user-space to create a HAB virtual channel and another process invokes IOCTL calls to destroy the same.
nvd
CVE-2024-23378P4MEDIUMCVSS 6.7vQAM8255PvQAM8650P+16 more2024-10-07
CVE-2024-23378 [MEDIUM] CWE-120 CVE-2024-23378: Memory corruption while invoking IOCTL calls for MSM module from the user space during audio playbac
Memory corruption while invoking IOCTL calls for MSM module from the user space during audio playback and record.
nvd