Total
60 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-12577 | 2025-03-18 | N/A | 7.3 HIGH | ||
| Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory. | |||||
| CVE-2024-47900 | 2025-03-14 | N/A | 7.8 HIGH | ||
| Software installed and run as a non-privileged user may conduct improper GPU system calls to access OOB kernel memory. | |||||
| CVE-2024-47896 | 2025-03-05 | N/A | 3.3 LOW | ||
| Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory. | |||||
| CVE-2024-43060 | 2025-03-03 | N/A | 7.8 HIGH | ||
| Memory corruption during voice activation, when sound model parameters are loaded from HLOS to ADSP. | |||||
| CVE-2024-52939 | 2025-02-24 | N/A | 7.8 HIGH | ||
| Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to trigger a write data outside the Guest's virtualised GPU memory. | |||||
| CVE-2024-49840 | 1 Qualcomm | 20 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 17 more | 2025-02-05 | N/A | 7.8 HIGH |
| Memory corruption while Invoking IOCTL calls from user-space to validate FIPS encryption or decryption functionality. | |||||
| CVE-2024-45573 | 1 Qualcomm | 48 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 45 more | 2025-02-05 | N/A | 7.8 HIGH |
| Memory corruption may occour while generating test pattern due to negative indexing of display ID. | |||||
| CVE-2024-52936 | 2025-01-31 | N/A | 4.4 MEDIUM | ||
| Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to write data outside the Guest's virtualised GPU memory. | |||||
| CVE-2024-52935 | 2025-01-13 | N/A | 4.1 MEDIUM | ||
| Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory. | |||||
| CVE-2024-47895 | 2025-01-13 | N/A | 7.1 HIGH | ||
| Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to read data outside the Guest's virtualised GPU memory. | |||||
| CVE-2024-47894 | 2025-01-13 | N/A | 7.1 HIGH | ||
| Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to read data outside the Guest's virtualised GPU memory. | |||||
| CVE-2024-52937 | 2025-01-13 | N/A | 6.7 MEDIUM | ||
| Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory. | |||||
| CVE-2024-52938 | 2025-01-13 | N/A | 7.8 HIGH | ||
| Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to subvert reconstruction activities to trigger a write of data outside the Guest's virtualised GPU memory. | |||||
| CVE-2017-11076 | 1 Qualcomm | 54 Msm8909w, Msm8909w Firmware, Msm8996au and 51 more | 2025-01-09 | N/A | 9.8 CRITICAL |
| On some hardware revisions where VP9 decoding is hardware-accelerated, the frame size is not programmed correctly into the decoder hardware which can lead to an invalid memory access by the decoder. | |||||
| CVE-2023-43553 | 1 Qualcomm | 262 Ar8035, Ar8035 Firmware, Csr8811 and 259 more | 2025-01-09 | N/A | 9.8 CRITICAL |
| Memory corruption while parsing beacon/probe response frame when AP sends more supported links in MLIE. | |||||
| CVE-2024-33036 | 1 Qualcomm | 104 C-v2x 9150, C-v2x 9150 Firmware, Fastconnect 6800 and 101 more | 2024-12-11 | N/A | 6.7 MEDIUM |
| Memory corruption while parsing sensor packets in camera driver, user-space variable is used while allocating memory in kernel and parsing which can lead to huge allocation or invalid memory access. | |||||
| CVE-2023-43516 | 1 Qualcomm | 16 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 13 more | 2024-11-21 | N/A | 7.8 HIGH |
| Memory corruption when malformed message payload is received from firmware. | |||||
| CVE-2023-33110 | 1 Qualcomm | 246 Snapdragon 425 Mobile Platform, Snapdragon 425 Mobile Platform Firmware, Snapdragon 427 Mobile Platform and 243 more | 2024-11-21 | N/A | 7.8 HIGH |
| The session index variable in PCM host voice audio driver initialized before PCM open, accessed during event callback from ADSP and reset during PCM close may lead to race condition between event callback - PCM close and reset session index causing memory corruption. | |||||
| CVE-2023-33033 | 1 Qualcomm | 528 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 525 more | 2024-11-21 | N/A | 8.4 HIGH |
| Memory corruption in Audio during playback with speaker protection. | |||||
| CVE-2023-2426 | 1 Vim | 1 Vim | 2024-11-21 | N/A | 5.5 MEDIUM |
| Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 9.0.1499. | |||||