Lucene search
K
QualcommSnapdragon Wear 2100 Platform Firmware

26 matches found

CVE
CVE
added 2023/04/04 4:46 a.m.438 views

CVE-2022-40503

CVE-2022-40503 is a buffer over-read vulnerability in the Bluetooth Host during A2DP streaming, described as information disclosure. It affects Qualcomm components (Bluetooth) and is referenced in Qualcomm security bulletins; public details appear in NVD and Red Hat/CVE cross references. Remediat...

8.2CVSS7.7AI score0.00406EPSS
CVE
CVE
added 2023/12/05 3:4 a.m.349 views

CVE-2023-33107

CVE-2023-33107 is an integer overflow/memory-corruption vulnerability in Graphics Linux affecting Qualcomm display components. The flaw occurs when assigning a shared virtual memory region during an IOCTL, enabling local attacker access with low complexity and no user interaction; impact is rated...

8.4CVSS8.3AI score0.00892EPSS
In wild
CVE
CVE
added 2023/05/02 5:8 a.m.148 views

CVE-2023-21666

CVE-2023-21666 refers to memory corruption in graphics when accessing a buffer allocated through the graphics pool, tied to Qualcomm Adreno KGSL. The PacketStorm article documents a vulnerability class where, on KGSL builds without CONFIG_QCOM_KGSL_USE_SHMEM (or older KGSL versions without it), G...

8.4CVSS8AI score0.0018EPSS
CVE
CVE
added 2024/01/02 5:38 a.m.133 views

CVE-2023-33120

CVE-2023-33120 affects Qualcomm ADSP Audio: memory corruption occurs when a memory map command is executed consecutively. This is described across multiple sources (NVD/Red Hat/RH advisories) as a memory corruption in Audio due to repeated memory-mapping commands. The CVSS-based description in th...

7.8CVSS7.9AI score0.0011EPSS
CVE
CVE
added 2023/11/07 5:26 a.m.131 views

CVE-2023-33059

Mode C: CVE-2023-33059 concerns memory corruption in the Audio component when processing VOC packet data from ADSP, affecting Qualcomm audio/ADSP stacks. Root cause cited across connected sources as a buffer/memory handling issue in VOC packet processing with high impact on confidentiality, integ...

7.8CVSS7.8AI score0.0011EPSS
CVE
CVE
added 2024/01/02 5:38 a.m.125 views

CVE-2023-33110

The CVE-2023-33110 issue concerns the PCM host voice audio driver on Qualcomm chipsets, where a session index is initialized before PCM is opened, accessed in an event callback from ADSP, and reset on PCM close. This race can lead to memory corruption if callbacks occur as the session index is mo...

7.8CVSS6.8AI score0.00078EPSS
CVE
CVE
added 2024/09/02 10:22 a.m.109 views

CVE-2024-33043

CVE-2024-33043 is a Qualcomm chipset issue described as a transient Denial of Service when handling a PS event with the Program Service name length offset set to 255. Documented impact is local DoS (CVSS v3.1: 5.5, Medium) with Local attack vector and Low privileges required; no exploit details o...

5.5CVSS5.5AI score0.00093EPSS
CVE
CVE
added 2023/11/07 5:26 a.m.108 views

CVE-2023-22388

CVE-2023-22388 describes memory corruption in the Qualcomm Multi-mode Call Processor when handling a bit mask API. The issue is documented with a CVSS v3.1 base score of 9.8 (CRITICAL) and is described as network-exploitable with no user interaction and no privileges required; impact spans confid...

9.8CVSS9.6AI score0.00353EPSS
CVE
CVE
added 2024/11/04 10:4 a.m.106 views

CVE-2024-38422

CVE-2024-38422 describes a memory corruption vulnerability in Qualcomm components related to audio processing, triggered when handling voice packets with arbitrary data received from the ADSP. The issue is evidenced in the CVE listing with a high impact (confidentiality, integrity, and availabili...

7.8CVSS7.9AI score0.00103EPSS
CVE
CVE
added 2023/04/04 4:46 a.m.100 views

CVE-2022-40532

CVE-2022-40532 affects Qualcomm WLAN/WMI command handling, where memory corruption can occur due to an integer overflow or wraparound when sending a WMI command from the host to the target. The issue is tied to Qualcomm chipset/WLAN firmware and is described as memory corruption with potential hi...

8.4CVSS8.2AI score0.00116EPSS
CVE
CVE
added 2024/12/02 10:18 a.m.100 views

CVE-2024-43052

CVE-2024-43052 : Memory corruption while processing API calls to the NPU with invalid input. Connected sources corroborate a Qualcomm/NPU-origin issue affecting NPU API handling, with attack vector reported as local and low complexity but resulting in high impact on confidentiality, integrity, an...

7.8CVSS7.8AI score0.00103EPSS
CVE
CVE
added 2024/11/04 10:5 a.m.99 views

CVE-2024-38423

CVE-2024-38423 = memory corruption while processing GPU page table switch in Qualcomm GPU/display stack. Exploitation would be local with low complexity and could impact confidentiality, integrity, and availability (CVSSv3.1: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). Connected sources indicate Qualco...

7.8CVSS7.9AI score0.00102EPSS
CVE
CVE
added 2023/10/03 5:0 a.m.97 views

CVE-2023-24849

CVE-2023-24849 affects Qualcomm closed‑source Data Modem; the issue is Information Disclosure caused by parsing FMTP lines in SDP messages. Root cause: a flaw in the FMTP parsing logic in the Data Modem leading to confidentiality impact (CVE exhibits High impact, with network attack vector and no...

8.2CVSS7.5AI score0.00299EPSS
CVE
CVE
added 2023/04/04 4:46 a.m.92 views

CVE-2022-33302

CVE-2022-33302 describes a memory corruption in the Qualcomm User Identity Module caused by improper validation of an array index when the APN TLV length exceeds the command length. Documents reference this vulnerability across multiple feeds (NVD, Red Hat, PRION, CNNVD, CVE list) with the same d...

7.8CVSS7.3AI score0.00118EPSS
CVE
CVE
added 2023/06/06 7:38 a.m.86 views

CVE-2022-40521

CVE-2022-40521 is documented with concrete details in connected sources: a Transient Denial of Service due to improper authorization in Qualcomm baseband/modem components. The issue affects Qualcomm basebands and is described as a DoS vulnerability arising from improper authorization, with a Netw...

7.5CVSS7.5AI score0.00354EPSS
CVE
CVE
added 2023/04/04 4:46 a.m.81 views

CVE-2022-33289

Technical details about CVE-2022-33289 (affected products/versions/fix) are not provided in the supplied connected documents. Monitor for updates and additional authoritative disclosures.

6.8CVSS6.8AI score0.00186EPSS
CVE
CVE
added 2023/10/03 5:0 a.m.81 views

CVE-2023-24848

CVE-2023-24848 describes an information disclosure in the Qualcomm Data Modem during VoLTE calls when an undefined RTCP FB line value is observed. Public records here confirm the issue title and network-facing context, with CVE-2023-24848 listed in multiple feeds (NVD, CVE list) and linked to Qua...

8.2CVSS7.5AI score0.00299EPSS
CVE
CVE
added 2023/12/05 3:4 a.m.79 views

CVE-2023-33018

CVE-2023-33018 describes a memory corruption in the Qualcomm UIM (User Identity Module) related to the diag command used to retrieve the operator’s name. The CVE is rated HIGH with a CVSS v3.1 base score of 7.8 (LOCAL attack vector, LOW attack complexity, LOW privileges required, no user interact...

7.8CVSS7.9AI score0.0011EPSS
CVE
CVE
added 2023/06/06 7:38 a.m.78 views

CVE-2022-33264

CVE-2022-33264 is a memory corruption issue in Qualcomm modem components caused by a stack-based buffer overflow during parsing of OTASP Key Generation Request Messages. Affects Qualcomm closed-source/modem firmware; CVSS base score ~7.8–7.9 HIGH with LOCAL exploit. The issue is discussed in Qual...

7.9CVSS8.1AI score0.00115EPSS
CVE
CVE
added 2024/01/02 5:38 a.m.76 views

CVE-2023-33030

CVE-2023-33030 is a memory corruption issue in HLOS observed while running the PlayReady use-case on Qualcomm chipsets. Connected details indicate the underlying cause as buffer copy without checking the size of input, leading to potential corruption. Documented impact across sources emphasizes h...

9.3CVSS7.8AI score0.00122EPSS
CVE
CVE
added 2023/12/05 3:3 a.m.74 views

CVE-2023-28550

CVE-2023-28550 affects Qualcomm chipsets, describing memory corruption in MPP performance when accessing the DSM watermark via an external memory address. The vulnerability is tied to improper memory bounds handling within the MPP component, leading to potential high-severity impact (as indicated...

7.8CVSS7.9AI score0.00118EPSS
CVE
CVE
added 2023/10/03 5:0 a.m.73 views

CVE-2023-22385

CVE-2023-22385 is a memory corruption issue in the Qualcomm Data Modem that can occur during MO or MT VOLTE calls. Public documents consistently describe the affected component as the Data Modem and attribute the vulnerability to memory corruption in that subsystem. The CVE appears in multiple fe...

9.8CVSS9.1AI score0.00353EPSS
CVE
CVE
added 2024/01/02 5:38 a.m.71 views

CVE-2023-33033

Technical details (affected products, versions, root cause, fixes) for CVE-2023-33033 are not publicly provided in the supplied connected documents; monitor updates from Qualcomm/Red Hat/NVD references.

8.4CVSS7.8AI score0.00119EPSS
CVE
CVE
added 2023/12/05 3:3 a.m.62 views

CVE-2023-28551

CVE-2023-28551 describes memory corruption in UTILS when the modem processes memory-specific Diag commands with arbitrary address values. The issue affects Qualcomm chipset components (Qualcomm closed-source/Qualcomm components) and is rated with CVSS v3.1: Local access, Low attack complexity, Lo...

7.8CVSS8AI score0.00118EPSS
CVE
CVE
added 2025/04/07 10:15 a.m.52 views

CVE-2024-45552

CVE-2024-45552 affects Qualcomm components (closed‑source) and involves an information-disclosure condition during a video call when a device resets due to a non-conforming RTCP packet that does not adhere to RFC standards. root cause: RTCP packet non-conformance leading to state reset and data e...

8.2CVSS6.4AI score0.00251EPSS
CVE
CVE
added 2024/08/05 2:21 p.m.35 views

CVE-2024-23353

CVE-2024-23353 affects Qualcomm components (Multi Mode Call Processor) and describes a transient denial-of-service during decoding an attach reject message received by UE when IEI is set to ESM_IEI. CVSSv3.1 base score 7.5 (High) with network attack vector, no user interaction, and impact limited...

7.5CVSS7.5AI score0.00346EPSS