Lucene search
K
QualcommSnapdragon Wear 1300 Platform Firmware

43 matches found

CVE
CVE
added 2023/04/04 4:46 a.m.337 views

CVE-2022-33291

CVE-2022-33291 : Information disclosure due to a buffer over-read in the Modem when receiving an IP header with a malformed length. Connected sources consistently describe “information disclosure” in Modem; no concrete details on affected vendors/models beyond the Modem context, nor on exploitabl...

8.2CVSS7.7AI score0.00354EPSS
CVE
CVE
added 2024/01/02 5:38 a.m.125 views

CVE-2023-33110

The CVE-2023-33110 issue concerns the PCM host voice audio driver on Qualcomm chipsets, where a session index is initialized before PCM is opened, accessed in an event callback from ADSP, and reset on PCM close. This race can lead to memory corruption if callbacks occur as the session index is mo...

7.8CVSS6.8AI score0.00078EPSS
CVE
CVE
added 2023/11/07 5:26 a.m.108 views

CVE-2023-22388

CVE-2023-22388 describes memory corruption in the Qualcomm Multi-mode Call Processor when handling a bit mask API. The issue is documented with a CVSS v3.1 base score of 9.8 (CRITICAL) and is described as network-exploitable with no user interaction and no privileges required; impact spans confid...

9.8CVSS9.6AI score0.00353EPSS
CVE
CVE
added 2023/04/04 4:46 a.m.100 views

CVE-2022-40532

CVE-2022-40532 affects Qualcomm WLAN/WMI command handling, where memory corruption can occur due to an integer overflow or wraparound when sending a WMI command from the host to the target. The issue is tied to Qualcomm chipset/WLAN firmware and is described as memory corruption with potential hi...

8.4CVSS8.2AI score0.00116EPSS
CVE
CVE
added 2023/04/04 4:46 a.m.92 views

CVE-2022-33302

CVE-2022-33302 describes a memory corruption in the Qualcomm User Identity Module caused by improper validation of an array index when the APN TLV length exceeds the command length. Documents reference this vulnerability across multiple feeds (NVD, Red Hat, PRION, CNNVD, CVE list) with the same d...

7.8CVSS7.3AI score0.00118EPSS
CVE
CVE
added 2024/02/06 5:47 a.m.92 views

CVE-2023-33072

CVE-2023-33072 is a memory corruption issue affecting Core when processing control functions, with concrete mappings in connected records to Qualcomm closed‑source components and related “Core” memory‑corruption vectors. Public references describe the issue as memory corruption in Core and, in so...

9.3CVSS7.8AI score0.00111EPSS
CVE
CVE
added 2024/09/02 10:22 a.m.92 views

CVE-2024-33016

CVE-2024-33016 pertains to Siemens SCALANCE W700, where the vulnerability is described as memory corruption that occurs when an invalid firehose patch command is invoked. The Tenable Nessus plugin explicitly identifies this CVE in the context of Siemens SCALANCE W700 and notes the affected asset ...

6.8CVSS7AI score0.00153EPSS
CVE
CVE
added 2023/06/06 7:38 a.m.86 views

CVE-2022-40521

CVE-2022-40521 is documented with concrete details in connected sources: a Transient Denial of Service due to improper authorization in Qualcomm baseband/modem components. The issue affects Qualcomm basebands and is described as a DoS vulnerability arising from improper authorization, with a Netw...

7.5CVSS7.5AI score0.00354EPSS
CVE
CVE
added 2023/11/07 5:26 a.m.86 views

CVE-2023-28556

Technical details for CVE-2023-28556 are not publicly provided in the supplied documents. No concrete affected products, versions, root cause or fixes are disclosed here. Monitor for updates from vendors and security bulletins.

7.8CVSS7.2AI score0.00124EPSS
CVE
CVE
added 2023/04/04 4:46 a.m.82 views

CVE-2022-33289

Technical details about CVE-2022-33289 (affected products/versions/fix) are not provided in the supplied connected documents. Monitor for updates and additional authoritative disclosures.

6.8CVSS6.8AI score0.00186EPSS
CVE
CVE
added 2023/12/05 3:4 a.m.80 views

CVE-2023-33018

CVE-2023-33018 describes a memory corruption in the Qualcomm UIM (User Identity Module) related to the diag command used to retrieve the operator’s name. The CVE is rated HIGH with a CVSS v3.1 base score of 7.8 (LOCAL attack vector, LOW attack complexity, LOW privileges required, no user interact...

7.8CVSS7.9AI score0.0011EPSS
CVE
CVE
added 2023/06/06 7:38 a.m.79 views

CVE-2022-40507

CVE-2022-40507 describes memory corruption due to a double free in Core when mapping an HLOS address to the list, affecting Qualcomm closed‑source components. The issue has local attack vector with low privileges and no user interaction, with confidentiality, integrity, and availability impacts m...

8.4CVSS8.1AI score0.01305EPSS
CVE
CVE
added 2023/06/06 7:38 a.m.79 views

CVE-2022-40523

CVE-2022-40523 describes information disclosure in the Kernel caused by indirect branch misprediction. The connected records corroborate a kernel‑level information leakage issue; Red Hat and NVD entries simply state the kernel disclosure, with no vendor/version specifics provided in these documen...

7.1CVSS5.6AI score0.00113EPSS
CVE
CVE
added 2023/06/06 7:38 a.m.78 views

CVE-2022-22076

CVE-2022-22076 describes information disclosure caused by a cryptographic issue in the Core during RPMB read requests. Public sources in the provided documents (NVD, Red Hat Security Advisory, and other aggregations) state this cryptographic flaw leads to information leakage in Qualcomm-related c...

7.1CVSS5.8AI score0.00113EPSS
CVE
CVE
added 2023/11/07 5:26 a.m.78 views

CVE-2023-24852

CVE-2023-24852 describes memory corruption in the Core component when a user performs secure memory access during modem image loading. The vulnerability is local and impacts confidentiality, integrity, and availability (per CVSS metrics with LOCAL access, LOW attack complexity, NONE user interact...

8.4CVSS7.8AI score0.00124EPSS
CVE
CVE
added 2023/12/05 3:3 a.m.78 views

CVE-2023-28585

CVE-2023-28585 is a memory corruption issue in the TZ Secure OS/Tee Kernel triggered when loading an ELF segment. Multiple connected sources identify the root cause as memory corruption within the TEE Kernel during ELF segment loading, with the TZ Secure OS context (Qualcomm components) cited in ...

8.8CVSS8.8AI score0.0014EPSS
CVE
CVE
added 2023/11/07 5:26 a.m.77 views

CVE-2023-28545

CVE-2023-28545 describes memory corruption in TZ Secure OS when loading an application ELF. Multiple sources confirm this is a local issue with high impact to confidentiality, integrity, and availability, per CVSS metrics (NVD). Exploitation is local and requires low attack complexity with low pr...

8.2CVSS8AI score0.0014EPSS
CVE
CVE
added 2023/05/02 5:8 a.m.76 views

CVE-2022-33304

CVE-2022-33304 affects the Modem component and is caused by a NULL pointer dereference during the pullup for received TCP/UDP packets, leading to a transient Denial of Service. The CVSS v3.1 vector indicates network attack, low complexity, no user interaction, with availability impact but no conf...

7.5CVSS7.5AI score0.00383EPSS
CVE
CVE
added 2024/01/02 5:38 a.m.76 views

CVE-2023-33030

CVE-2023-33030 is a memory corruption issue in HLOS observed while running the PlayReady use-case on Qualcomm chipsets. Connected details indicate the underlying cause as buffer copy without checking the size of input, leading to potential corruption. Documented impact across sources emphasizes h...

9.3CVSS7.8AI score0.00122EPSS
CVE
CVE
added 2023/12/05 3:3 a.m.75 views

CVE-2023-28550

CVE-2023-28550 affects Qualcomm chipsets, describing memory corruption in MPP performance when accessing the DSM watermark via an external memory address. The vulnerability is tied to improper memory bounds handling within the MPP component, leading to potential high-severity impact (as indicated...

7.8CVSS7.9AI score0.00118EPSS
CVE
CVE
added 2024/12/02 10:18 a.m.74 views

CVE-2024-33056

CVE-2024-33056 describes a memory corruption issue in Qualcomm components involving sequential allocation/access of an entry in the SMEM partition. Affected are Qualcomm closed‑source components and related security processor context; root cause is memory corruption from continuous SMEM entry han...

8.4CVSS8.6AI score0.00104EPSS
CVE
CVE
added 2023/10/03 5:0 a.m.73 views

CVE-2023-22385

CVE-2023-22385 is a memory corruption issue in the Qualcomm Data Modem that can occur during MO or MT VOLTE calls. Public documents consistently describe the affected component as the Data Modem and attribute the vulnerability to memory corruption in that subsystem. The CVE appears in multiple fe...

9.8CVSS9.1AI score0.00353EPSS
CVE
CVE
added 2023/05/02 5:8 a.m.72 views

CVE-2022-40505

CVE-2022-40505 is described across connected sources as a buffer‑over‑read in the Modem when parsing DNS hostnames, causing information disclosure in Qualcomm chipset Modems. The affected component is the Modem/DNS hostname parsing path; the root cause is a buffer over-read. Documented impact inc...

8.2CVSS7.7AI score0.00354EPSS
CVE
CVE
added 2024/01/02 5:38 a.m.72 views

CVE-2023-33032

CVE-2023-33032 corresponds to memory corruption in TZ Secure OS when requesting a memory allocation from the TA region. The description is consistently reported across multiple sources (NVD, Red Hat, CVE listing, PRION, CNNVD) as a TZ Secure OS memory corruption issue. The initial entries do not ...

9.3CVSS7.7AI score0.00122EPSS
CVE
CVE
added 2023/12/05 3:3 a.m.71 views

CVE-2023-33017

CVE-2023-33017 describes memory corruption in Boot during a ListVars test in the UEFI Menu on Qualcomm chipsets. The affected component is the UEFI/boot path, with the root cause cited as a memory corruption issue during boot testing. Documented impact scores indicate high potential for confident...

7.8CVSS7.8AI score0.00157EPSS
CVE
CVE
added 2024/01/02 5:38 a.m.71 views

CVE-2023-33033

Technical details (affected products, versions, root cause, fixes) for CVE-2023-33033 are not publicly provided in the supplied connected documents; monitor updates from Qualcomm/Red Hat/NVD references.

8.4CVSS7.8AI score0.00119EPSS
CVE
CVE
added 2024/07/01 2:17 p.m.70 views

CVE-2024-21465

CVE-2024-21465 : Memory corruption while processing a key blob passed by the user. Documents indicate this affects Qualcomm closed‑source components and is rated High impact (C:H, I:H, A:H) with LOCAL attacker access and LOW privileges required, no user interaction. The CVSS metrics imply local e...

7.8CVSS7.9AI score0.00103EPSS
CVE
CVE
added 2023/12/05 3:3 a.m.68 views

CVE-2023-28586

CVE-2023-28586 concerns an information disclosure in Qualcomm-chipset TZ Secure OS when loading an ELF in a trusted execution environment (TEE). The root cause is described in sources as accessing trusted application metadata symbol addresses during ELF load, potentially exposing confidential dat...

6.5CVSS6.1AI score0.00136EPSS
CVE
CVE
added 2024/07/01 2:17 p.m.67 views

CVE-2024-21469

CVE-2024-21469 is mapped to Qualcomm TZ Secure OS / embedded platform where memory corruption occurs when an invoke call and a TEE call are bound to the same trusted application. The Red Hat/Qualcomm/PT-Security entries describe the issue as memory corruption with potential for arbitrary code exe...

7.8CVSS7.4AI score0.00103EPSS
CVE
CVE
added 2023/04/04 4:46 a.m.66 views

CVE-2022-33287

CVE-2022-33287 describes information disclosure in a Modem due to a buffer over-read while calculating the length of Unfragmented headers in an IPv6 packet. Connected sources reference a Modem/Qualcomm chipset context and reiterate the same description, but none provide concrete affected products...

8.2CVSS7.7AI score0.00354EPSS
CVE
CVE
added 2024/07/01 2:17 p.m.66 views

CVE-2024-21461

CVE-2024-21461 is a memory-corruption issue in the Keymaster finish-HMAC path triggered when the context is freed by Keymaster. Public details in connected docs indicate the vulnerability affects Android/Keymaster workflows and is rated HIGH severity with local access requirements (per CVSS). Exp...

8.4CVSS8.3AI score0.00104EPSS
CVE
CVE
added 2023/12/05 3:3 a.m.62 views

CVE-2023-28546

CVE-2023-28546 corresponds to memory corruption in the SPS Application when exporting a public key in the sorter TA. The connected PT-2023-21794 entry confirms the issue is memory-corruption related with potential code execution, but it does not specify affected versions and provides no informati...

7.8CVSS7.7AI score0.0011EPSS
CVE
CVE
added 2023/12/05 3:3 a.m.62 views

CVE-2023-28551

CVE-2023-28551 describes memory corruption in UTILS when the modem processes memory-specific Diag commands with arbitrary address values. The issue affects Qualcomm chipset components (Qualcomm closed-source/Qualcomm components) and is rated with CVSS v3.1: Local access, Low attack complexity, Lo...

7.8CVSS8AI score0.00118EPSS
CVE
CVE
added 2024/09/02 10:22 a.m.61 views

CVE-2024-23362

CVE-2024-23362 is a cryptographic issue in Qualcomm closed‑source components related to parsing RSA keys in the COBR format. The vulnerability is tied to the Trusted Execution Environment in Qualcomm chipsets and is tracked across multiple feeds (Red Hat, CVE databases, and vendor bulletins). The...

7.1CVSS6.9AI score0.00123EPSS
CVE
CVE
added 2024/07/01 2:17 p.m.59 views

CVE-2024-21462

CVE-2024-21462 describes a Transient DoS issue when loading the TA ELF file in Qualcomm closed‑source components (TZ Secure OS). Public sources assign a Local attacker vector with Low complexity and Low privileges required, potentially causing an availability impact described as HIGH. The CVE is ...

7.1CVSS6.1AI score0.00094EPSS
CVE
CVE
added 2024/09/02 10:22 a.m.54 views

CVE-2024-23359

CVE-2024-23359: Information disclosure in Qualcomm chipsets occurs when decoding Tracking Area Update Accept or Attach Accept messages. Connected sources identify this as a information-disclosure issue in Qualcomm closed-source components (Multi Mode Call Processor). Exploitation details are not ...

8.2CVSS8.2AI score0.00264EPSS
CVE
CVE
added 2025/04/07 10:15 a.m.49 views

CVE-2024-43046

CVE-2024-43046 describes an information disclosure vulnerability affecting TZ Secure OS on Qualcomm chipsets, triggered by memory re-allocation where sensitive memory content may be exposed. The CVE notes a memory re-allocation issue but the provided documents do not specify affected product vers...

5.5CVSS6.6AI score0.00105EPSS
CVE
CVE
added 2024/08/05 2:21 p.m.35 views

CVE-2024-23353

CVE-2024-23353 affects Qualcomm components (Multi Mode Call Processor) and describes a transient denial-of-service during decoding an attach reject message received by UE when IEI is set to ESM_IEI. CVSSv3.1 base score 7.5 (High) with network attack vector, no user interaction, and impact limited...

7.5CVSS7.5AI score0.00346EPSS
CVE
CVE
added 2025/08/06 7:25 a.m.31 views

CVE-2025-21464

CVE-2025-21464 is documented in multiple sources as an information-disclosure (out-of-bounds read) issue affecting Qualcomm closed-source components, with the core vulnerability described as an information disclosure when reading data from an image using a specified offset and size. The CVE is li...

6.5CVSS6.5AI score0.00085EPSS
CVE
CVE
added 2025/08/06 7:25 a.m.21 views

CVE-2025-21465

CVE-2025-21465 describes information disclosure arising from how a hash segment is processed in an MBN file within Qualcomm chipsets (closed-source components). The connected data confirm the issue is an information disclosure vulnerability in the MBN processing path, but do not provide concrete ...

6.5CVSS6.4AI score0.00085EPSS
CVE
CVE
added 2025/10/09 3:18 a.m.21 views

CVE-2025-27053

CVE-2025-27053 : A memory corruption issue occurs in the PlayReady APP while processing Trusted Application (TA) commands. The vulnerability affects the PlayReady component and can lead to system instability or compromise. The PT-2025-41342 entry (and related sources) notes the vulnerability and ...

7.8CVSS6.8AI score0.00081EPSS
CVE
CVE
added 2025/09/24 3:33 p.m.20 views

CVE-2025-21482

CVE-2025-21482 describes a cryptographic issue in Qualcomm closed‑source components related to RSA PKCS padding decoding. The CVE is listed as High severity with Local attack vector, Low attack complexity, Low privileges required, and no user interaction, with impacts on Confidentiality and Integ...

7.1CVSS6.6AI score0.0008EPSS
CVE
CVE
added 2025/10/09 3:18 a.m.16 views

CVE-2025-27054

CVE-2025-27054 is a memory corruption issue reported in Qualcomm closed‑source components, triggered while processing a malformed license file during reboot. The CVE appears in multiple feeds (NVD/Red Hat/CVE.org), with Qualcomm listing a High severity for the affected closed‑source component. Co...

7.8CVSS6.7AI score0.00081EPSS