Qcs6490 Firmware Security Vulnerabilities and Issues — Page 10 of Qcs6490 Firmware CVE List

7.8CVSS7.3AI score0.00246EPSS

CVE-2021-1936

Null pointer dereference can occur due to lack of null check for user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

8.4CVSS7.6AI score0.00098EPSS

CVE-2021-1984

Possible buffer overflow due to improper validation of index value while processing the plugin block in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

8.4CVSS7.3AI score0.00094EPSS

CVE-2021-30257

Possible out of bound read or write in VR service due to lack of validation of DSP selection values in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT

7.5CVSS7.3AI score0.00228EPSS

CVE-2021-30302

Improper authentication of EAP WAPI EAPOL frames from unauthenticated user can lead to information disclosure in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrast...

CVE•added 2023/01/09 8:15 a.m.•38 views

CVE-2022-40517

Memory corruption in core due to stack-based buffer overflow

8.4CVSS8.3AI score0.00091EPSS

CVE•added 2024/05/06 3:15 p.m.•38 views

CVE-2023-43529

Transient DOS while processing IKEv2 Informational request messages, when a malformed fragment packet is received.

7.5CVSS6.9AI score0.00153EPSS

CVE•added 2025/03/03 11:15 a.m.•38 views

CVE-2024-43056

Transient DOS during hypervisor virtual I/O operation in a virtual machine.

6.5CVSS7.1AI score0.0002EPSS

CVE•added 2021/10/20 7:15 a.m.•37 views

CVE-2021-30258

Possible buffer overflow due to improper size calculation of payload received in VR service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

8.4CVSS7.6AI score0.00035EPSS

CVE•added 2024/11/04 10:15 a.m.•37 views

CVE-2024-38407

Memory corruption while processing input parameters for any IOCTL call in the JPEG Encoder driver.

7.8CVSS7.5AI score0.00019EPSS

CVE•added 2024/11/04 10:15 a.m.•37 views

CVE-2024-38408

Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.

9.1CVSS9AI score0.00069EPSS

CVE•added 2022/01/03 8:15 a.m.•36 views

CVE-2021-1918

Improper handling of resource allocation in virtual machines can lead to information exposure in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

6.5CVSS6.4AI score0.00045EPSS

CVE•added 2024/11/04 10:15 a.m.•36 views

CVE-2024-38424

Memory corruption during GNSS HAL process initialization.

7.8CVSS7.9AI score0.00033EPSS

CVE•added 2024/11/04 10:15 a.m.•34 views

CVE-2024-33068

Transient DOS while parsing fragments of MBSSID IE from beacon frame.

7.5CVSS7AI score0.00193EPSS

CVE•added 2024/11/04 10:15 a.m.•34 views

CVE-2024-38409

Memory corruption while station LL statistic handling.

7.8CVSS7.9AI score0.00033EPSS

CVE•added 2024/06/03 10:15 a.m.•31 views

CVE-2023-43555

Information disclosure in Video while parsing mp2 clip with invalid section length.

8.2CVSS8.1AI score0.00093EPSS

CVE•added 2024/08/05 3:15 p.m.•23 views

CVE-2024-33022

Memory corruption while allocating memory in HGSL driver.

8.4CVSS8.6AI score0.00035EPSS

CVE•added 2024/08/05 3:15 p.m.•22 views

CVE-2024-23357

Transient DOS while importing a PKCS#8-encoded RSA key with zero bytes modulus.

6.2CVSS6.4AI score0.00033EPSS

CVE•added 2024/08/05 3:15 p.m.•20 views

CVE-2024-21481

Memory corruption when preparing a shared memory notification for a memparcel in Resource Manager.

8.4CVSS8.6AI score0.00034EPSS

CVE•added 2024/08/05 3:15 p.m.•20 views

CVE-2024-23352

Transient DOS when NAS receives ODAC criteria of length 1 and type 1 in registration accept OTA.

7.5CVSS7.6AI score0.00066EPSS

CVE•added 2024/08/05 3:15 p.m.•17 views

CVE-2024-23355

Memory corruption when keymaster operation imports a shared key.

7.8CVSS7.9AI score0.00035EPSS

CVE•added 2024/08/05 3:15 p.m.•17 views

CVE-2024-23356

Memory corruption during session sign renewal request calls in HLOS.

7.8CVSS7.9AI score0.00035EPSS

CVE•added 2024/08/05 3:15 p.m.•16 views

CVE-2024-33021

Memory corruption while processing IOCTL call to set metainfo.

8.4CVSS8.6AI score0.00035EPSS

CVE•added 2024/08/05 3:15 p.m.•13 views

CVE-2024-23353

Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI.

7.5CVSS7.5AI score0.00161EPSS

CVE•added 2025/07/08 1:15 p.m.•13 views

CVE-2025-27061

Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware.

CVE•added 2025/07/08 1:15 p.m.•12 views

CVE-2025-27042

Memory corruption while processing video packets received from video firmware.

CVE•added 2025/07/08 1:15 p.m.•12 views

CVE-2025-27043

Memory corruption while processing manipulated payload in video firmware.

CVE•added 2025/07/08 1:15 p.m.•12 views

CVE-2025-27057

Transient DOS while handling beacon frames with invalid IE header length.

7.5CVSS6.6AI score0.00053EPSS

CVE•added 2025/07/08 1:15 p.m.•11 views

CVE-2025-21422

Cryptographic issue while processing crypto API calls, missing checks may lead to corrupted key usage or IV reuses.

7.8CVSS6.6AI score0.00012EPSS

CVE•added 2025/07/08 1:15 p.m.•11 views

CVE-2025-21450

Cryptographic issue occurs due to use of insecure connection method while downloading.

9.1CVSS6.6AI score0.00034EPSS

CVE•added 2025/07/08 1:15 p.m.•11 views

CVE-2025-27052

Memory corruption while processing data packets in diag received from Unix clients.

CVE•added 2025/07/08 1:15 p.m.•10 views

CVE-2025-21466

Memory corruption while processing a private escape command in an event trigger.

7.8CVSS6.9AI score0.00015EPSS

CVE•added 2025/07/08 1:15 p.m.•10 views

CVE-2025-27046

Memory corruption while processing multiple simultaneous escape calls.

7.8CVSS6.9AI score0.00015EPSS

CVE•added 2025/07/08 1:15 p.m.•10 views

CVE-2025-27055

Memory corruption during the image encoding process.

7.8CVSS6.8AI score0.00014EPSS

CVE-2024-53009

Memory corruption while operating the mailbox in Automotive.

8.2CVSS6.5AI score0.00047EPSS

CVE-2025-21427

Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network.

CVE-2025-21432

Memory corruption while retrieving the CBOR data from TA.

6.2CVSS6.6AI score0.00015EPSS

CVE-2025-21433

Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus.

7.5CVSS6.4AI score0.00068EPSS

CVE-2025-21446

Transient DOS may occur when processing vendor-specific information elements while parsing a WLAN frame for BTM requests.

CVE-2025-27047

Memory corruption while processing the TESTPATTERNCONFIG escape path.

CVE-2025-27050

Memory corruption while processing event close when client process terminates abruptly.