CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2024-49837 – Improper Validation of Array Index in Automotive OS Platform QNX
https://notcve.org/view.php?id=CVE-2024-49837
03 Feb 2025 — Memory corruption while reading CPU state data during guest VM suspend. • https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html • CWE-129: Improper Validation of Array Index •
CVSS: 6.7EPSS: 0%CPEs: 24EXPL: 0CVE-2024-33039 – Untrusted Pointer Dereference in Audio
https://notcve.org/view.php?id=CVE-2024-33039
02 Dec 2024 — Memory corruption when PAL client calls PAL service APIs by passing a random value as handle and the handle is not validated by the service. Corrupción de memoria cuando el cliente PAL llama a las API del servicio PAL pasando un valor aleatorio como identificador y el servicio no valida el identificador. • https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2024-bulletin.html • CWE-822: Untrusted Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 82EXPL: 0CVE-2024-38421 – Use After Free in Graphics Linux
https://notcve.org/view.php?id=CVE-2024-38421
04 Nov 2024 — Memory corruption while processing GPU commands. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 103EXPL: 0CVE-2024-38405 – Buffer Over-read in WLAN Host
https://notcve.org/view.php?id=CVE-2024-38405
04 Nov 2024 — Transient DOS while processing the CU information from RNR IE. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 8.4EPSS: 0%CPEs: 42EXPL: 0CVE-2024-38399 – Use After Free in Graphics
https://notcve.org/view.php?id=CVE-2024-38399
07 Oct 2024 — Memory corruption while processing user packets to generate page faults. • https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html • CWE-416: Use After Free •
CVSS: 6.7EPSS: 0%CPEs: 20EXPL: 0CVE-2024-23378 – Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Audio
https://notcve.org/view.php?id=CVE-2024-23378
07 Oct 2024 — Memory corruption while invoking IOCTL calls for MSM module from the user space during audio playback and record. • https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 120EXPL: 0CVE-2024-23369 – Improper Restriction of Operations within the Bounds of a Memory Buffer in HLOS
https://notcve.org/view.php?id=CVE-2024-23369
07 Oct 2024 — Memory corruption when invalid length is provided from HLOS for FRS/UDS request/response buffers. • https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 95EXPL: 0CVE-2024-33020 – Buffer Over-read in WLAN HOST
https://notcve.org/view.php?id=CVE-2024-33020
05 Aug 2024 — Transient DOS while processing TID-to-link mapping IE elements. • https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2024-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 8.4EPSS: 0%CPEs: 69EXPL: 0CVE-2024-23383 – Use After Free in Graphics Linux
https://notcve.org/view.php?id=CVE-2024-23383
05 Aug 2024 — Memory corruption when kernel driver attempts to trigger hardware fences. • https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2024-bulletin.html • CWE-416: Use After Free •
CVSS: 8.4EPSS: 0%CPEs: 70EXPL: 0CVE-2024-23381 – Use After Free in Graphics Linux
https://notcve.org/view.php?id=CVE-2024-23381
05 Aug 2024 — Memory corruption when memory mapped in a VBO is not unmapped by the GPU SMMU. • https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2024-bulletin.html • CWE-416: Use After Free •