CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2024-49841 – Detection of Error Condition Without Action in Hypervisor
https://notcve.org/view.php?id=CVE-2024-49841
06 May 2025 — Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling. Corrupción de memoria durante la asignación de memoria a una máquina virtual periférica sin cabeza debido a un manejo incorrecto del código de error. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2025-bulletin.html • CWE-390: Detection of Error Condition Without Action •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2024-49835 – Out-of-bounds Write in SPS Applications
https://notcve.org/view.php?id=CVE-2024-49835
06 May 2025 — Memory corruption while reading secure file. Corrupción de memoria al leer un archivo seguro. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2025-bulletin.html • CWE-787: Out-of-bounds Write •
CVSS: 6.6EPSS: 0%CPEs: 3EXPL: 0CVE-2024-45562 – Use After Free in HLOS
https://notcve.org/view.php?id=CVE-2024-45562
06 May 2025 — Memory corruption during concurrent access to server info object due to unprotected critical field. Corrupción de memoria durante el acceso simultáneo al objeto de información del servidor debido a un campo crítico desprotegido. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2025-bulletin.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0CVE-2025-21430 – Buffer Over-read in WLAN Host
https://notcve.org/view.php?id=CVE-2025-21430
07 Apr 2025 — Transient DOS while connecting STA to AP and initiating ADD TS request from AP to establish TSpec session. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-21429 – Buffer Over-read in WLAN Host
https://notcve.org/view.php?id=CVE-2025-21429
07 Apr 2025 — Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2025-21428 – Buffer Over-read in WLAN Host
https://notcve.org/view.php?id=CVE-2025-21428
07 Apr 2025 — Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request from the AP to establish a TSpec session. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 8.5EPSS: 0%CPEs: 19EXPL: 0CVE-2024-45552 – Buffer Over-read in Data Network Stack & Connectivity
https://notcve.org/view.php?id=CVE-2024-45552
07 Apr 2025 — Information disclosure may occur during a video call if a device resets due to a non-conforming RTCP packet that doesn`t adhere to RFC standards. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 6.2EPSS: 0%CPEs: 15EXPL: 0CVE-2024-45551 – Weak Authentication in HLOS
https://notcve.org/view.php?id=CVE-2024-45551
07 Apr 2025 — Cryptographic issue occurs during PIN/password verification using Gatekeeper, where RPMB writes can be dropped on verification failure, potentially leading to a user throttling bypass. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html • CWE-1390: Weak Authentication •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2024-43066 – Use After Free in HLOS
https://notcve.org/view.php?id=CVE-2024-43066
07 Apr 2025 — Memory corruption while handling file descriptor during listener registration/de-registration. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 20EXPL: 0CVE-2024-43046 – Information Exposure in TZ Secure OS
https://notcve.org/view.php?id=CVE-2024-43046
07 Apr 2025 — There may be information disclosure during memory re-allocation in TZ Secure OS. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •