Qualcomm Inc Snapdragon vulnerabilities
940 known vulnerabilities affecting qualcomm_inc/snapdragon.
Total CVEs
940
CISA KEV
8
actively exploited
Public exploits
2
Exploited in wild
8
Severity breakdown
CRITICAL52HIGH738MEDIUM150
Vulnerabilities
Page 43 of 47
CVE-2025-47362P4MEDIUMCVSS 6.1vMSM8996AUvQAM8255P+36 more2025-11-04
CVE-2025-47362 [MEDIUM] CWE-126 CVE-2025-47362: Information disclosure while processing message from client with invalid payload.
Information disclosure while processing message from client with invalid payload.
nvd
CVE-2022-33255P4MEDIUMCVSS 6.5vAPQ8009vAR8031+90 more2023-01-09
CVE-2022-33255 [MEDIUM] CWE-125 CVE-2022-33255: Information disclosure due to buffer over-read in Bluetooth HOST while processing GetFolderItems and
Information disclosure due to buffer over-read in Bluetooth HOST while processing GetFolderItems and GetItemAttribute Cmds from peer device.
nvd
CVE-2022-33283P4MEDIUMCVSS 6.5vAR8035vAR9380+132 more2023-01-09
CVE-2022-33283 [MEDIUM] CWE-125 CVE-2022-33283: Information disclosure due to buffer over-read in WLAN while WLAN frame parsing due to missing frame
Information disclosure due to buffer over-read in WLAN while WLAN frame parsing due to missing frame length check.
nvd
CVE-2024-21460P4MEDIUMCVSS 6.5vFastConnect 6900vFastConnect 7800+13 more2024-07-01
CVE-2024-21460 [MEDIUM] CWE-330 CVE-2024-21460: Information disclosure when ASLR relocates the IMEM and Secure DDR portions as one chunk in virtual
Information disclosure when ASLR relocates the IMEM and Secure DDR portions as one chunk in virtual address space.
nvd
CVE-2025-27040P4MEDIUMCVSS 6.5vCSR8811vImmersive Home 214 Platform+63 more2025-10-09
CVE-2025-27040 [MEDIUM] CWE-20 CVE-2025-27040: Information disclosure may occur while processing the hypervisor log.
Information disclosure may occur while processing the hypervisor log.
nvd
CVE-2024-38425P4MEDIUMCVSS 6.1vFastConnect 6900vFastConnect 7800+22 more2024-10-07
CVE-2024-38425 [MEDIUM] CWE-285 CVE-2024-38425: Information disclosure while sending implicit broadcast containing APP launch information.
Information disclosure while sending implicit broadcast containing APP launch information.
nvd
CVE-2024-33037P4MEDIUMCVSS 6.1vC-V2X 9150vFastConnect 6800+49 more2024-12-02
CVE-2024-33037 [MEDIUM] CWE-126 CVE-2024-33037: Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver does
Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver doesn`t validate the IPC message received from the firmware.
nvd
CVE-2025-27033P4MEDIUMCVSS 6.1vQCM5430vQCM6490+30 more2025-09-24
CVE-2025-27033 [MEDIUM] CWE-126 CVE-2025-27033: Information disclosure while running video usecase having rogue firmware.
Information disclosure while running video usecase having rogue firmware.
nvd
CVE-2025-27036P4MEDIUMCVSS 6.1vFastConnect 6700vFastConnect 6900+18 more2025-09-24
CVE-2025-27036 [MEDIUM] CWE-126 CVE-2025-27036: Information disclosure when Video engine escape input data is less than expected minimum size.
Information disclosure when Video engine escape input data is less than expected minimum size.
nvd
CVE-2025-21457P4MEDIUMCVSS 6.1vAR8035vFastConnect 7800+13 more2025-08-06
CVE-2025-21457 [MEDIUM] CWE-126 CVE-2025-21457: Information disclosure while opening a fastrpc session when domain is not sanitized.
Information disclosure while opening a fastrpc session when domain is not sanitized.
nvd
CVE-2024-43063P4MEDIUMCVSS 5.5vQAM8255PvQAM8295P+15 more2025-01-06
CVE-2024-43063 [MEDIUM] CWE-126 CVE-2024-43063: information disclosure while invoking the mailbox read API.
information disclosure while invoking the mailbox read API.
nvd
CVE-2025-59609P4MEDIUMCVSS 5.5vAR8035vCSR8811+188 more2026-06-01
CVE-2025-59609 [MEDIUM] CWE-126 CVE-2025-59609: Information Disclosure when processing advertisement frames with malformed MBSSID elements of insuff
Information Disclosure when processing advertisement frames with malformed MBSSID elements of insufficient length.
nvd
CVE-2025-47319P4MEDIUMCVSS 6.7vAR8035vFastConnect 6200+116 more2025-12-18
CVE-2025-47319 [MEDIUM] CWE-497 CVE-2025-47319: Information disclosure while exposing internal TA-to-TA communication APIs to HLOS
Information disclosure while exposing internal TA-to-TA communication APIs to HLOS
nvd
CVE-2022-33284P4MEDIUMCVSS 6.5vAQT1000vAR8035+174 more2023-01-09
CVE-2022-33284 [MEDIUM] CWE-125 CVE-2022-33284: Information disclosure due to buffer over-read in WLAN while parsing BTM action frame.
Information disclosure due to buffer over-read in WLAN while parsing BTM action frame.
nvd
CVE-2023-28586P4MEDIUMCVSS 6.5v315 5G IoT Modemv9205 LTE Modem+311 more2023-12-05
CVE-2023-28586 [MEDIUM] CWE-119 CVE-2023-28586: Information disclosure when the trusted application metadata symbol addresses are accessed while loa
Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.
nvd
CVE-2025-47395P4MEDIUMCVSS 6.5vWCN78612026-01-07
CVE-2025-47395 [MEDIUM] CWE-126 CVE-2025-47395: Transient DOS while parsing a WLAN management frame with a Vendor Specific Information Element.
Transient DOS while parsing a WLAN management frame with a Vendor Specific Information Element.
nvd
CVE-2025-47384P4MEDIUMCVSS 6.5v5G Fixed Wireless Access PlatformvFastConnect 6200+41 more2026-03-02
CVE-2025-47384 [MEDIUM] CWE-617 CVE-2025-47384: Transient DOS when MAC configures config id greater than supported maximum value.
Transient DOS when MAC configures config id greater than supported maximum value.
nvd
CVE-2022-33270P4MEDIUMCVSS 5.9vAR8035vFastConnect 6200+38 more2023-04-13
CVE-2022-33270 [MEDIUM] CWE-367 CVE-2022-33270: Transient DOS due to time-of-check time-of-use race condition in Modem while processing RRC Reconfig
Transient DOS due to time-of-check time-of-use race condition in Modem while processing RRC Reconfiguration message.
nvd
CVE-2023-28553P4MEDIUMCVSS 5.5vAR8035vAR9380+142 more2023-11-07
CVE-2023-28553 [MEDIUM] CWE-126 CVE-2023-28553: Information Disclosure in WLAN Host when processing WMI event command.
Information Disclosure in WLAN Host when processing WMI event command.
nvd
CVE-2024-23366P4MEDIUMCVSS 5.5vQAM8255PvQAM8295P+15 more2025-01-06
CVE-2024-23366 [MEDIUM] CWE-126 CVE-2024-23366: Information Disclosure while invoking the mailbox write API when message received from user is large
Information Disclosure while invoking the mailbox write API when message received from user is larger than mailbox size.
nvd