Qcn9074 Firmware Security Vulnerabilities and Issues — Qcn9074 Firmware CVE List

Lucene search

QualcommQcn9074 Firmware

30 matches found

CVE•added 2022/02/11 11:15 a.m.•87 views

CVE-2021-30324

Possible out of bound write due to lack of boundary check for the maximum size of buffer when sending a DCI packet to remote process in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdra...

6.7CVSS6.8AI score0.00047EPSS

CVE•added 2023/11/07 6:15 a.m.•87 views

CVE-2023-28553

Information Disclosure in WLAN Host when processing WMI event command.

6.1CVSS5.5AI score0.00056EPSS

CVE•added 2023/03/10 9:15 p.m.•82 views

CVE-2022-22075

Information Disclosure in Graphics during GPU context switch.

6.2CVSS5.5AI score0.0006EPSS

CVE•added 2023/11/07 6:15 a.m.•79 views

CVE-2023-28563

Information disclosure in IOE Firmware while handling WMI command.

6.1CVSS5.6AI score0.00054EPSS

CVE•added 2023/11/07 6:15 a.m.•76 views

CVE-2023-28569

Information disclosure in WLAN HAL while handling command through WMI interfaces.

6.1CVSS5.7AI score0.00054EPSS

CVE•added 2022/02/11 11:15 a.m.•73 views

CVE-2021-30325

Possible out of bound access of DCI resources due to lack of validation process and resource allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and ...

6.7CVSS6.6AI score0.00047EPSS

CVE•added 2021/02/22 7:15 a.m.•68 views

CVE-2020-3664

Out of bound read access in hypervisor due to an invalid read access attempt by passing invalid addresses in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure...

6CVSS5.9AI score0.00094EPSS

CVE•added 2025/02/03 5:15 p.m.•66 views

CVE-2024-38416

Information disclosure during audio playback.

6.1CVSS6.2AI score0.00019EPSS

CVE•added 2023/11/07 6:15 a.m.•61 views

CVE-2023-28554

Information Disclosure in Qualcomm IPC while reading values from shared memory in VM.

6.1CVSS5.5AI score0.00056EPSS

CVE•added 2024/12/02 11:15 a.m.•57 views

CVE-2024-33036

Memory corruption while parsing sensor packets in camera driver, user-space variable is used while allocating memory in kernel and parsing which can lead to huge allocation or invalid memory access.

6.7CVSS6.6AI score0.00015EPSS

CVE•added 2023/08/08 10:15 a.m.•56 views

CVE-2023-21647

Information disclosure in Bluetooth when an GATT packet is received due to improper input validation.

6.5CVSS6.4AI score0.00227EPSS

CVE•added 2023/09/05 7:15 a.m.•56 views

CVE-2023-21667

Transient DOS in Bluetooth HOST while passing descriptor to validate the blacklisted BT keyboard.

6.5CVSS6.4AI score0.00066EPSS

CVE•added 2023/10/03 6:15 a.m.•56 views

CVE-2023-28571

Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming scan.

6.1CVSS5.7AI score0.00027EPSS

CVE•added 2023/01/09 8:15 a.m.•53 views

CVE-2022-40518

Information disclosure due to buffer overread in Core

6.8CVSS5.7AI score0.00047EPSS

CVE•added 2023/12/05 3:15 a.m.•50 views

CVE-2023-28586

Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE.

6.5CVSS6.1AI score0.00039EPSS

CVE•added 2023/01/09 8:15 a.m.•49 views

CVE-2022-25722

Information exposure in DSP services due to improper handling of freeing memory

6CVSS5.5AI score0.00031EPSS

CVE•added 2023/01/09 8:15 a.m.•48 views

CVE-2022-40519

Information disclosure due to buffer overread in Core

6.8CVSS5.7AI score0.00047EPSS

CVE•added 2022/10/19 11:15 a.m.•47 views

CVE-2022-25666

Memory corruption due to use after free in service while trying to access maps by different threads in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

6.7CVSS7AI score0.0004EPSS

CVE•added 2021/09/08 12:15 p.m.•46 views

CVE-2021-1928

Buffer over read could occur due to incorrect check of buffer size while flashing emmc devices in Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

6.1CVSS6.5AI score0.00045EPSS

CVE•added 2021/11/12 7:15 a.m.•46 views

CVE-2021-30266

Possible use after free due to improper memory validation when initializing new interface via Interface add command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infr...

6.7CVSS6.8AI score0.00029EPSS

CVE•added 2024/05/06 3:15 p.m.•44 views

CVE-2023-43527

Information disclosure while parsing dts header atom in Video.

6.8CVSS6.7AI score0.00047EPSS

CVE•added 2024/05/06 3:15 p.m.•43 views

CVE-2023-43528

Information disclosure when the ADSP payload size received in HLOS in response to Audio Stream Manager matrix session is less than this expected size.

6.1CVSS6.6AI score0.00041EPSS

CVE•added 2025/01/06 11:15 a.m.•43 views

CVE-2024-33067

Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver.

6.1CVSS6.3AI score0.00019EPSS

CVE•added 2021/11/12 7:15 a.m.•42 views

CVE-2021-30264

Possible use after free due improper validation of reference from call back to internal store table in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and...

6.7CVSS6.7AI score0.00048EPSS

CVE•added 2025/02/03 5:15 p.m.•42 views

CVE-2024-38417

Information disclosure while processing IO control commands.

6.1CVSS6.3AI score0.00019EPSS

CVE•added 2021/09/09 8:15 a.m.•41 views

CVE-2021-1960

Improper handling of ASB-C broadcast packets with crafted opcode in LMP can lead to uncontrolled resource consumption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...

6.5CVSS6.5AI score0.00071EPSS

CVE•added 2022/01/13 12:15 p.m.•40 views

CVE-2021-30313

Use after free condition can occur in wired connectivity due to a race condition while creating and deleting folders in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

6.7CVSS6.8AI score0.00076EPSS

CVE•added 2024/12/02 11:15 a.m.•37 views

CVE-2024-33037

Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver doesn`t validate the IPC message received from the firmware.

6.1CVSS6.2AI score0.0002EPSS

CVE•added 2024/12/02 11:15 a.m.•36 views

CVE-2024-33053

Memory corruption when multiple threads try to unregister the CVP buffer at the same time.

6.7CVSS6.8AI score0.00023EPSS

CVE•added 2024/11/04 10:15 a.m.•31 views

CVE-2024-33032

Memory corruption when the user application modifies the same shared memory asynchronously when kernel is accessing it.

6.7CVSS6.6AI score0.00025EPSS