CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-45560 – Time-of-check Time-of-use (TOCTOU) Race Condition in Camera
https://notcve.org/view.php?id=CVE-2024-45560
03 Feb 2025 — Memory corruption while taking a snapshot with hardware encoder due to unvalidated userspace buffer. • https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 8.8EPSS: 0%CPEs: 11EXPL: 0CVE-2024-38420 – Improper Input Validation in Hypervisor
https://notcve.org/view.php?id=CVE-2024-38420
03 Feb 2025 — Memory corruption while configuring a Hypervisor based input virtual device. • https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-38418 – Time-of-check Time-of-use (TOCTOU) Race Condition in Camera Linux
https://notcve.org/view.php?id=CVE-2024-38418
03 Feb 2025 — Memory corruption while parsing the memory map info in IOCTL calls. • https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-45558 – Buffer Over-read in WLAN Host Cmn
https://notcve.org/view.php?id=CVE-2024-45558
06 Jan 2025 — Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length. • https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2024-33067 – Buffer Over-read in Audio
https://notcve.org/view.php?id=CVE-2024-33067
06 Jan 2025 — Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver. • https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2024-43052 – Improper Input Validation in Video Analytics and Processing
https://notcve.org/view.php?id=CVE-2024-43052
02 Dec 2024 — Memory corruption while processing API calls to NPU with invalid input. Corrupción de memoria al procesar llamadas API a NPU con entrada no válida. • https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2024-bulletin.html • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-43050 – Stack-based Buffer Overflow in WLAN Windows Host
https://notcve.org/view.php?id=CVE-2024-43050
02 Dec 2024 — Memory corruption while invoking IOCTL calls from user space to issue factory test command inside WLAN driver. Corrupción de memoria al invocar llamadas IOCTL desde el espacio del usuario para emitir un comando de prueba de fábrica dentro del controlador WLAN. • https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2024-bulletin.html • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.4EPSS: 0%CPEs: 46EXPL: 0CVE-2024-33056 – Buffer Over-read in MProc
https://notcve.org/view.php?id=CVE-2024-33056
02 Dec 2024 — Memory corruption when allocating and accessing an entry in an SMEM partition continuously. Corrupción de memoria al asignar y acceder a una entrada en una partición SMEM de forma continua. • https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2024-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 8.4EPSS: 0%CPEs: 19EXPL: 0CVE-2024-33044 – Improper Validation of Array Index in Hypervisor
https://notcve.org/view.php?id=CVE-2024-33044
02 Dec 2024 — Memory corruption while Configuring the SMR/S2CR register in Bypass mode. Corrupción de memoria al configurar el registro SMR/S2CR en modo Bypass. • https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2024-bulletin.html • CWE-129: Improper Validation of Array Index •
CVSS: 10.0EPSS: 0%CPEs: 8EXPL: 0CVE-2018-11922 – Configurations in Android Build
https://notcve.org/view.php?id=CVE-2018-11922
26 Nov 2024 — Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user. Una configuración incorrecta en la aplicación Touch Pal puede recopilar datos sobre el comportamiento del usuario sin que éste se dé cuenta. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-16: Configuration •