CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-45561 – Use After Free in Windows WLAN Host
https://notcve.org/view.php?id=CVE-2024-45561
03 Feb 2025 — Memory corruption while handling IOCTL call from user-space to set latency level. • https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-45560 – Time-of-check Time-of-use (TOCTOU) Race Condition in Camera
https://notcve.org/view.php?id=CVE-2024-45560
03 Feb 2025 — Memory corruption while taking a snapshot with hardware encoder due to unvalidated userspace buffer. • https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 8.8EPSS: 0%CPEs: 11EXPL: 0CVE-2024-38420 – Improper Input Validation in Hypervisor
https://notcve.org/view.php?id=CVE-2024-38420
03 Feb 2025 — Memory corruption while configuring a Hypervisor based input virtual device. • https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-38418 – Time-of-check Time-of-use (TOCTOU) Race Condition in Camera Linux
https://notcve.org/view.php?id=CVE-2024-38418
03 Feb 2025 — Memory corruption while parsing the memory map info in IOCTL calls. • https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-45558 – Buffer Over-read in WLAN Host Cmn
https://notcve.org/view.php?id=CVE-2024-45558
06 Jan 2025 — Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length. • https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2024-33067 – Buffer Over-read in Audio
https://notcve.org/view.php?id=CVE-2024-33067
06 Jan 2025 — Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver. • https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2024-43052 – Improper Input Validation in Video Analytics and Processing
https://notcve.org/view.php?id=CVE-2024-43052
02 Dec 2024 — Memory corruption while processing API calls to NPU with invalid input. Corrupción de memoria al procesar llamadas API a NPU con entrada no válida. • https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2024-bulletin.html • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-43050 – Stack-based Buffer Overflow in WLAN Windows Host
https://notcve.org/view.php?id=CVE-2024-43050
02 Dec 2024 — Memory corruption while invoking IOCTL calls from user space to issue factory test command inside WLAN driver. Corrupción de memoria al invocar llamadas IOCTL desde el espacio del usuario para emitir un comando de prueba de fábrica dentro del controlador WLAN. • https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2024-bulletin.html • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-33063 – Integer Overflow or Wraparound in WLAN Host Communication
https://notcve.org/view.php?id=CVE-2024-33063
02 Dec 2024 — Transient DOS while parsing the ML IE when a beacon with common info length of the ML IE greater than the ML IE inside which this element is present. DOS transitorio mientras se analiza el ML IE cuando una baliza con una longitud de información común del ML IE es mayor que el ML IE dentro del cual está presente este elemento. • https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2024-bulletin.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.4EPSS: 0%CPEs: 46EXPL: 0CVE-2024-33056 – Buffer Over-read in MProc
https://notcve.org/view.php?id=CVE-2024-33056
02 Dec 2024 — Memory corruption when allocating and accessing an entry in an SMEM partition continuously. Corrupción de memoria al asignar y acceder a una entrada en una partición SMEM de forma continua. • https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2024-bulletin.html • CWE-126: Buffer Over-read •