CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-45553 – Use After Free in DSP Services
https://notcve.org/view.php?id=CVE-2024-45553
06 Jan 2025 — Memory corruption can occur when process-specific maps are added to the global list. If a map is removed from the global list while another thread is using it for a process-specific task, issues may arise. • https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html • CWE-416: Use After Free •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2024-33067 – Buffer Over-read in Audio
https://notcve.org/view.php?id=CVE-2024-33067
06 Jan 2025 — Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver. • https://docs.qualcomm.com/product/publicresources/securitybulletin/january-2025-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-43048 – Stack-based Buffer Overflow in Performance
https://notcve.org/view.php?id=CVE-2024-43048
02 Dec 2024 — Memory corruption when invalid input is passed to invoke GPU Headroom API call. Corrupción de memoria cuando se pasa una entrada no válida para invocar la llamada GPU Headroom API. • https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2024-bulletin.html • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.4EPSS: 0%CPEs: 46EXPL: 0CVE-2024-33056 – Buffer Over-read in MProc
https://notcve.org/view.php?id=CVE-2024-33056
02 Dec 2024 — Memory corruption when allocating and accessing an entry in an SMEM partition continuously. Corrupción de memoria al asignar y acceder a una entrada en una partición SMEM de forma continua. • https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2024-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 8.4EPSS: 0%CPEs: 19EXPL: 0CVE-2024-33044 – Improper Validation of Array Index in Hypervisor
https://notcve.org/view.php?id=CVE-2024-33044
02 Dec 2024 — Memory corruption while Configuring the SMR/S2CR register in Bypass mode. Corrupción de memoria al configurar el registro SMR/S2CR en modo Bypass. • https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2024-bulletin.html • CWE-129: Improper Validation of Array Index •
CVSS: 8.4EPSS: 0%CPEs: 10EXPL: 0CVE-2018-5852 – Buffer Over-read in IPA
https://notcve.org/view.php?id=CVE-2018-5852
26 Nov 2024 — An unsigned integer underflow vulnerability in IPA driver result into a buffer over-read while reading NAT entry using debugfs command 'cat /sys/kernel/debug/ipa/ip4_nat' • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 8.4EPSS: 0%CPEs: 7EXPL: 0CVE-2017-18307 – Information Exposure in Kernel
https://notcve.org/view.php?id=CVE-2017-18307
26 Nov 2024 — Information disclosure possible while audio playback. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.4EPSS: 0%CPEs: 7EXPL: 0CVE-2017-18306 – Information Exposure in Camera Driver
https://notcve.org/view.php?id=CVE-2017-18306
26 Nov 2024 — Information disclosure due to uninitialized variable. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.4EPSS: 0%CPEs: 10EXPL: 0CVE-2018-11952 – Improper Authentication in TrustZone
https://notcve.org/view.php?id=CVE-2018-11952
26 Nov 2024 — An image with a version lower than the fuse version may potentially be booted lead to improper authentication. Es posible que una imagen con una versión inferior a la versión de fuse se inicie y dé lugar a una autenticación incorrecta. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-287: Improper Authentication •
CVSS: 10.0EPSS: 0%CPEs: 8EXPL: 0CVE-2018-11922 – Configurations in Android Build
https://notcve.org/view.php?id=CVE-2018-11922
26 Nov 2024 — Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user. Una configuración incorrecta en la aplicación Touch Pal puede recopilar datos sobre el comportamiento del usuario sin que éste se dé cuenta. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-16: Configuration •