CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-49834 – Improper Validation of Array Index in Camera
https://notcve.org/view.php?id=CVE-2024-49834
03 Feb 2025 — Memory corruption while power-up or power-down sequence of the camera sensor. • https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html • CWE-129: Improper Validation of Array Index •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-45584 – Untrusted Pointer Dereference in Automotive Android OS
https://notcve.org/view.php?id=CVE-2024-45584
03 Feb 2025 — Memory corruption can occur when a compat IOCTL call is followed by a normal IOCTL call from userspace. • https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html • CWE-822: Untrusted Pointer Dereference •
CVSS: 8.8EPSS: 0%CPEs: 11EXPL: 0CVE-2024-38420 – Improper Input Validation in Hypervisor
https://notcve.org/view.php?id=CVE-2024-38420
03 Feb 2025 — Memory corruption while configuring a Hypervisor based input virtual device. • https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-45553 – Use After Free in DSP Services
https://notcve.org/view.php?id=CVE-2024-45553
06 Jan 2025 — Memory corruption can occur when process-specific maps are added to the global list. If a map is removed from the global list while another thread is using it for a process-specific task, issues may arise. • https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html • CWE-416: Use After Free •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2024-33067 – Buffer Over-read in Audio
https://notcve.org/view.php?id=CVE-2024-33067
06 Jan 2025 — Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver. • https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-43048 – Stack-based Buffer Overflow in Performance
https://notcve.org/view.php?id=CVE-2024-43048
02 Dec 2024 — Memory corruption when invalid input is passed to invoke GPU Headroom API call. Corrupción de memoria cuando se pasa una entrada no válida para invocar la llamada GPU Headroom API. • https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2024-bulletin.html • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.4EPSS: 0%CPEs: 46EXPL: 0CVE-2024-33056 – Buffer Over-read in MProc
https://notcve.org/view.php?id=CVE-2024-33056
02 Dec 2024 — Memory corruption when allocating and accessing an entry in an SMEM partition continuously. Corrupción de memoria al asignar y acceder a una entrada en una partición SMEM de forma continua. • https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2024-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 8.4EPSS: 0%CPEs: 19EXPL: 0CVE-2024-33044 – Improper Validation of Array Index in Hypervisor
https://notcve.org/view.php?id=CVE-2024-33044
02 Dec 2024 — Memory corruption while Configuring the SMR/S2CR register in Bypass mode. Corrupción de memoria al configurar el registro SMR/S2CR en modo Bypass. • https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2024-bulletin.html • CWE-129: Improper Validation of Array Index •
CVSS: 8.4EPSS: 0%CPEs: 10EXPL: 0CVE-2018-5852 – Buffer Over-read in IPA
https://notcve.org/view.php?id=CVE-2018-5852
26 Nov 2024 — An unsigned integer underflow vulnerability in IPA driver result into a buffer over-read while reading NAT entry using debugfs command 'cat /sys/kernel/debug/ipa/ip4_nat' • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 8.4EPSS: 0%CPEs: 7EXPL: 0CVE-2017-18307 – Information Exposure in Kernel
https://notcve.org/view.php?id=CVE-2017-18307
26 Nov 2024 — Information disclosure possible while audio playback. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •