Snapdragon 4 Gen 1 Firmware Security Vulnerabilities and Issues — Snapdragon 4 Gen 1 Firmware CVE List

Lucene search

QualcommSnapdragon 4 Gen 1 Firmware

47 matches found

cve•added 2025/03/03 11:15 a.m.•99 views

CVE-2025-21424

Memory corruption while calling the NPU driver APIs concurrently.

7.8CVSS7.4AI score0.00021EPSS

cve•added 2023/02/12 4:15 a.m.•85 views

CVE-2022-40514

Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.

9.8CVSS9.8AI score0.00144EPSS

cve•added 2023/03/10 9:15 p.m.•84 views

CVE-2022-40537

Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP response.

9.8CVSS8AI score0.00071EPSS

cve•added 2023/03/10 9:15 p.m.•82 views

CVE-2022-22075

Information Disclosure in Graphics during GPU context switch.

6.2CVSS5.5AI score0.0006EPSS

cve•added 2023/03/10 9:15 p.m.•82 views

CVE-2022-33256

Memory corruption due to improper validation of array index in Multi-mode call processor.

9.8CVSS9.7AI score0.0009EPSS

cve•added 2023/07/04 5:15 a.m.•82 views

CVE-2023-21631

Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from network.

9.8CVSS8.2AI score0.00074EPSS

cve•added 2023/09/05 7:15 a.m.•82 views

CVE-2023-33021

Memory corruption in Graphics while processing user packets for command submission.

8.4CVSS8.2AI score0.00029EPSS

cve•added 2023/07/04 5:15 a.m.•81 views

CVE-2023-22387

Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption.

7.8CVSS7.6AI score0.00051EPSS

cve•added 2023/07/04 5:15 a.m.•80 views

CVE-2023-24851

Memory Corruption in WLAN HOST while parsing QMI response message from firmware.

7.8CVSS7.7AI score0.00052EPSS

cve•added 2023/02/12 4:15 a.m.•78 views

CVE-2022-33248

Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http.

7.8CVSS8AI score0.00074EPSS

cve•added 2023/02/12 4:15 a.m.•78 views

CVE-2022-40512

Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.

7.5CVSS7.6AI score0.00123EPSS

cve•added 2023/03/10 9:15 p.m.•74 views

CVE-2022-40530

Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase.

8.4CVSS8.3AI score0.00046EPSS

cve•added 2023/02/12 4:15 a.m.•72 views

CVE-2022-33233

Memory corruption due to configuration weakness in modem wile sending command to write protected files.

7.8CVSS7.9AI score0.0006EPSS

cve•added 2023/02/12 4:15 a.m.•72 views

CVE-2022-33271

Information disclosure due to buffer over-read in WLAN while parsing NMF frame.

8.2CVSS7.7AI score0.00091EPSS

cve•added 2023/03/10 9:15 p.m.•71 views

CVE-2022-40531

Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.

8.4CVSS8.1AI score0.0006EPSS

cve•added 2023/07/04 5:15 a.m.•71 views

CVE-2023-28542

Memory Corruption in WLAN HOST while fetching TX status information.

7.8CVSS7.7AI score0.0006EPSS

cve•added 2023/07/04 5:15 a.m.•70 views

CVE-2023-22386

Memory Corruption in WLAN HOST while processing WLAN FW request to allocate memory.

7.8CVSS7.6AI score0.00051EPSS

cve•added 2023/03/10 9:15 p.m.•69 views

CVE-2022-25709

Memory corruption in modem due to use of out of range pointer offset while processing qmi msg

8.4CVSS8AI score0.00067EPSS

cve•added 2023/03/10 9:15 p.m.•69 views

CVE-2022-33242

Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio PD.

7.8CVSS7.9AI score0.00046EPSS

cve•added 2023/03/10 9:15 p.m.•68 views

CVE-2022-40515

Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms.

9.8CVSS8AI score0.00071EPSS

cve•added 2023/07/04 5:15 a.m.•68 views

CVE-2023-24854

Memory Corruption in WLAN HOST while parsing QMI WLAN Firmware response message.

7.8CVSS7.7AI score0.00052EPSS

cve•added 2025/03/03 11:15 a.m.•68 views

CVE-2024-53027

Transient DOS may occur while processing the country IE.

7.5CVSS7.2AI score0.00073EPSS

cve•added 2023/07/04 5:15 a.m.•67 views

CVE-2023-21629

Memory Corruption in Modem due to double free while parsing the PKCS15 sim files.

6.8CVSS6.6AI score0.00073EPSS

cve•added 2023/03/10 9:15 p.m.•66 views

CVE-2022-25705

Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response

7.8CVSS8AI score0.0006EPSS

cve•added 2023/03/10 9:15 p.m.•66 views

CVE-2022-33257

Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.

9.3CVSS7.6AI score0.00042EPSS

cve•added 2023/02/12 4:15 a.m.•66 views

CVE-2022-33277

Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command.

8.4CVSS8.1AI score0.0006EPSS

cve•added 2024/09/02 12:15 p.m.•66 views

CVE-2024-33042

Memory corruption when Alternative Frequency offset value is set to 255.

7.8CVSS7.8AI score0.00039EPSS

cve•added 2023/03/10 9:15 p.m.•65 views

CVE-2022-33278

Memory corruption due to buffer copy without checking the size of input in HLOS when input message size is larger than the buffer capacity.

7.8CVSS7.9AI score0.00067EPSS

cve•added 2023/03/10 9:15 p.m.•65 views

CVE-2022-40535

Transient DOS due to buffer over-read in WLAN while sending a packet to device.

7.5CVSS7.6AI score0.00104EPSS

cve•added 2025/03/03 11:15 a.m.•64 views

CVE-2024-53024

Memory corruption in display driver while detaching a device.

7.8CVSS7.4AI score0.00024EPSS

cve•added 2023/03/10 9:15 p.m.•63 views

CVE-2022-33250

Transient DOS due to reachable assertion in modem when network repeatedly sent invalid message container for NR to LTE handover.

7.5CVSS7.5AI score0.00123EPSS

cve•added 2023/03/10 9:15 p.m.•63 views

CVE-2022-33254

Transient DOS due to reachable assertion in Modem while processing SIB1 Message.

7.5CVSS7.5AI score0.00123EPSS

cve•added 2023/09/05 7:15 a.m.•63 views

CVE-2023-28538

Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region.

8.4CVSS8.1AI score0.0003EPSS

cve•added 2023/03/10 9:15 p.m.•62 views

CVE-2022-25655

Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.

8.4CVSS8.2AI score0.00067EPSS

cve•added 2023/03/10 9:15 p.m.•62 views

CVE-2022-33272

Transient DOS in modem due to reachable assertion.

7.5CVSS7.5AI score0.00123EPSS

cve•added 2024/09/02 12:15 p.m.•62 views

CVE-2024-33050

Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper.

7.5CVSS7.6AI score0.00264EPSS

cve•added 2025/03/03 11:15 a.m.•62 views

CVE-2024-53014

Memory corruption may occur while validating ports and channels in Audio driver.

7.8CVSS7.4AI score0.00024EPSS

cve•added 2023/03/10 9:15 p.m.•61 views

CVE-2022-33244

Transient DOS due to reachable assertion in modem during MIB reception and SIB timeout

7.5CVSS7.5AI score0.00123EPSS

cve•added 2023/09/05 7:15 a.m.•61 views

CVE-2023-28567

Memory corruption in WLAN HAL while handling command through WMI interfaces.

7.8CVSS8AI score0.00053EPSS

cve•added 2023/03/10 9:15 p.m.•60 views

CVE-2022-25694

Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM

8.4CVSS8AI score0.00067EPSS

cve•added 2024/09/02 12:15 p.m.•60 views

CVE-2024-33045

Memory corruption when BTFM client sends new messages over Slimbus to ADSP.

8.4CVSS8.2AI score0.00039EPSS

cve•added 2023/09/05 7:15 a.m.•59 views

CVE-2023-28564

Memory corruption in WLAN HAL while passing command parameters through WMI interfaces.

7.8CVSS8AI score0.0003EPSS

cve•added 2023/09/05 7:15 a.m.•56 views

CVE-2023-28565

Memory corruption in WLAN HAL while handling command streams through WMI interfaces.

7.8CVSS8AI score0.00053EPSS

cve•added 2023/07/04 5:15 a.m.•51 views

CVE-2023-22667

Memory Corruption in Audio while allocating the ion buffer during the music playback.

8.4CVSS8.1AI score0.00051EPSS

cve•added 2024/09/02 12:15 p.m.•45 views

CVE-2024-33051

Transient DOS while processing TIM IE from beacon frame as there is no check for IE length.

7.5CVSS7.6AI score0.00174EPSS

cve•added 2025/03/03 11:15 a.m.•44 views

CVE-2024-38426

While processing the authentication message in UE, improper authentication may lead to information disclosure.

5.4CVSS6.9AI score0.00069EPSS

cve•added 2025/03/03 11:15 a.m.•39 views

CVE-2024-43051

Information disclosure while deriving keys for a session for any Widevine use case.

5.5CVSS7.1AI score0.00015EPSS