10 matches found
CVE-2024-53026
CVE-2024-53026 describes an information-disclosure vulnerability triggered by receiving an invalid RTCP packet during a VoLTE/VoWiFi IMS call. Connected sources associate this with Qualcomm chipsets and note public advisories/patches refer to this issue; however, concrete technical details about ...
CVE-2024-53021
CVE-2024-53021 is a Qualcomm chipset vulnerability described in connected PT-2025-23579 and PT-2025-23577 as an information-disclosure issue that occurs while processing goodbye RTCP/RTP packets. The root cause is a buffer over-read in the data network stack during decoding/construction of RTCP h...
CVE-2024-53020
CVE-2024-53020 is reported as information disclosure that may occur when decoding RTP packets with an invalid header extension, linked to Qualcomm chipsets’ data/network stack. Connected sources describe a buffer over-read and information disclosure risk in the affected component but do not provi...
CVE-2025-21483
CVE-2025-21483 affects Qualcomm Snapdragon embedded platform firmware in the Data Network Stack & Connectivity component. It stems from a buffer overflow during RTP packet reassembly of NAL units, leading to memory corruption in the UE. The CVSS 3.1/3.1 vector is Network, Privileges=None, User in...
CVE-2024-45552
CVE-2024-45552 affects Qualcomm components (closed‑source) and involves an information-disclosure condition during a video call when a device resets due to a non-conforming RTCP packet that does not adhere to RFC standards. root cause: RTCP packet non-conformance leading to state reset and data e...
CVE-2025-21428
CVE-2025-21428 relates to memory corruption in Qualcomm chipsets when a station (STA) connects to an access point (AP) and an ADD TS request is initiated to establish a TSpec session. The vulnerability affects the WLAN host/stack in affected Qualcomm products and is classified with CVSS v3.1 vect...
CVE-2024-23353
CVE-2024-23353 affects Qualcomm components (Multi Mode Call Processor) and describes a transient denial-of-service during decoding an attach reject message received by UE when IEI is set to ESM_IEI. CVSSv3.1 base score 7.5 (High) with network attack vector, no user interaction, and impact limited...
CVE-2025-27053
CVE-2025-27053 : A memory corruption issue occurs in the PlayReady APP while processing Trusted Application (TA) commands. The vulnerability affects the PlayReady component and can lead to system instability or compromise. The PT-2025-41342 entry (and related sources) notes the vulnerability and ...
CVE-2025-21487
CVE-2025-21487 concerns information disclosure in Qualcomm closed‑source components due to incorrect handling of RTP payload length when decoding packets. The root cause is a buffer length mismatch that can lead to over-read and leakage of information from the UE. The vulnerability is categorized...
CVE-2025-21482
CVE-2025-21482 describes a cryptographic issue in Qualcomm closed‑source components related to RSA PKCS padding decoding. The CVE is listed as High severity with Local attack vector, Low attack complexity, Low privileges required, and no user interaction, with impacts on Confidentiality and Integ...