cbcvebase.

Qualcomm Inc Snapdragon vulnerabilities

940 known vulnerabilities affecting qualcomm_inc/snapdragon.

Total CVEs
940
CISA KEV
8
actively exploited
Public exploits
2
Exploited in wild
8
Severity breakdown
CRITICAL52HIGH738MEDIUM150

Vulnerabilities

Page 9 of 47
CVE-2026-21373P3HIGHCVSS 7.8vAQT1000vCologne+52 more2026-04-06
CVE-2026-21373 [HIGH] CWE-126 CVE-2026-21373: Memory Corruption when accessing an output buffer without validating its size during IOCTL processin Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.
nvd
CVE-2025-59605P3HIGHCVSS 7.8vAR8035vCSRA6620+141 more2026-06-01
CVE-2025-59605 [HIGH] CWE-787 CVE-2025-59605: Memory Corruption when processing device identifier strings that exceed the expected maximum length. Memory Corruption when processing device identifier strings that exceed the expected maximum length.
nvd
CVE-2025-59606P3HIGHCVSS 7.8vColognevFastConnect 6200+100 more2026-06-01
CVE-2025-59606 [HIGH] CWE-476 CVE-2025-59606: Memory Corruption when writing to invalid memory locations occurs due to heap memory exhaustion duri Memory Corruption when writing to invalid memory locations occurs due to heap memory exhaustion during secure data initialization.
nvd
CVE-2025-47408P3HIGHCVSS 7.8vFastConnect 6200vFastConnect 6900+18 more2026-05-04
CVE-2025-47408 [HIGH] CWE-822 CVE-2025-47408: Memory corruption when another driver calls an IOCTL with invalid input/output buffer. Memory corruption when another driver calls an IOCTL with invalid input/output buffer.
nvd
CVE-2025-47405P3HIGHCVSS 7.8vFastConnect 6900vFastConnect 7800+14 more2026-05-04
CVE-2025-47405 [HIGH] CWE-822 CVE-2025-47405: Memory corruption when processing camera sensor input/output control codes with invalid output buffe Memory corruption when processing camera sensor input/output control codes with invalid output buffers.
nvd
CVE-2026-21375P3HIGHCVSS 7.8vColognevFastConnect 6700+33 more2026-04-06
CVE-2026-21375 [HIGH] CWE-126 CVE-2026-21375: Memory Corruption when accessing an output buffer without validating its size during IOCTL processin Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.
nvd
CVE-2026-21380P3HIGHCVSS 7.8vColognevFastConnect 6900+21 more2026-04-06
CVE-2026-21380 [HIGH] CWE-416 CVE-2026-21380: Memory Corruption when using deprecated DMABUF IOCTL calls to manage video memory. Memory Corruption when using deprecated DMABUF IOCTL calls to manage video memory.
nvd
CVE-2026-21378P3HIGHCVSS 7.8vAQT1000vCologne+49 more2026-04-06
CVE-2026-21378 [HIGH] CWE-126 CVE-2026-21378: Memory Corruption when accessing an output buffer without validating its size during IOCTL processin Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver.
nvd
CVE-2025-47360P3HIGHCVSS 7.8vQAM8255PvQAM8295P+33 more2025-11-04
CVE-2025-47360 [HIGH] CWE-121 CVE-2025-47360: Memory corruption while processing client message during device management. Memory corruption while processing client message during device management.
nvd
CVE-2025-47368P3HIGHCVSS 7.8vFastConnect 6900vFastConnect 7800+6 more2025-11-04
CVE-2025-47368 [HIGH] CWE-126 CVE-2025-47368: Memory corruption when dereferencing an invalid userspace address in a user buffer during MCDM IOCTL Memory corruption when dereferencing an invalid userspace address in a user buffer during MCDM IOCTL processing.
nvd
CVE-2025-47365P3HIGHCVSS 7.8vQAM8255PvQAM8295P+33 more2025-11-04
CVE-2025-47365 [HIGH] CWE-190 CVE-2025-47365: Memory corruption while processing large input data from a remote source via a communication interfa Memory corruption while processing large input data from a remote source via a communication interface.
nvd
CVE-2025-47339P3HIGHCVSS 7.8vAR8035vAR9380+183 more2026-01-07
CVE-2025-47339 [HIGH] CWE-416 CVE-2025-47339: Memory corruption while deinitializing a HDCP session. Memory corruption while deinitializing a HDCP session.
nvd
CVE-2025-47346P3HIGHCVSS 7.8vAR8035vFastConnect 6200+111 more2026-01-07
CVE-2025-47346 [HIGH] CWE-787 CVE-2025-47346: Memory corruption while processing a secure logging command in the trusted application. Memory corruption while processing a secure logging command in the trusted application.
nvd
CVE-2025-27062P3HIGHCVSS 7.8v315 5G IoT ModemvAPQ8064AU+151 more2025-08-06
CVE-2025-27062 [HIGH] CWE-284 CVE-2025-27062: Memory corruption while handling client exceptions, allowing unauthorized channel access. Memory corruption while handling client exceptions, allowing unauthorized channel access.
nvd
CVE-2025-59600P3HIGHCVSS 7.8vAR8031vAR8035+160 more2026-03-02
CVE-2025-59600 [HIGH] CWE-126 CVE-2025-59600: Memory Corruption when adding user-supplied data without checking available buffer space. Memory Corruption when adding user-supplied data without checking available buffer space.
nvd
CVE-2026-25258P3HIGHCVSS 7.8vColognevFastConnect 6900+17 more2026-06-01
CVE-2026-25258 [HIGH] CWE-125 CVE-2026-25258: Memory corruption while processing IOCTL calls for escape operations. Memory corruption while processing IOCTL calls for escape operations.
nvd
CVE-2025-21485P3HIGHCVSS 7.8vFastConnect 6900vFastConnect 7800+27 more2025-06-03
CVE-2025-21485 [HIGH] CWE-367 CVE-2025-21485: Memory corruption while processing INIT and multimode invoke IOCTL calls on FastRPC. Memory corruption while processing INIT and multimode invoke IOCTL calls on FastRPC.
nvd
CVE-2022-40536P3HIGHCVSS 7.5v315 5G IoT ModemvAR8035+76 more2023-06-06
CVE-2022-40536 [HIGH] CWE-285 CVE-2022-40536: Transient DOS due to improper authentication in modem while receiving plain TLB OTA request message Transient DOS due to improper authentication in modem while receiving plain TLB OTA request message from network.
nvd
CVE-2023-28543P3CRITICALCVSS 9.8vSD855vSD845+2 more2023-09-05
CVE-2023-28543 [CRITICAL] CWE-125 CVE-2023-28543: A malformed DLC can trigger Memory Corruption in SNPE library due to out of bounds read, such as by A malformed DLC can trigger Memory Corruption in SNPE library due to out of bounds read, such as by loading an untrusted model (e.g. from a remote source).
nvd
CVE-2023-33054P3CRITICALCVSS 9.1v315 5G IoT ModemvAQT1000+166 more2023-12-05
CVE-2023-33054 [CRITICAL] CWE-287 CVE-2023-33054: Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data. Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data.
nvd