CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2025-27061 – Out-of-bounds Write in Video
https://notcve.org/view.php?id=CVE-2025-27061
08 Jul 2025 — Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2025-bulletin.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2025-27042 – Incorrect Calculation of Buffer Size in Video
https://notcve.org/view.php?id=CVE-2025-27042
08 Jul 2025 — Memory corruption while processing video packets received from video firmware. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2025-bulletin.html • CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 7.8EPSS: 0%CPEs: 39EXPL: 0CVE-2025-21454 – Buffer Over-read in WLAN Embedded SW
https://notcve.org/view.php?id=CVE-2025-21454
08 Jul 2025 — Transient DOS while processing received beacon frame. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2025-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 34EXPL: 0CVE-2025-21449 – Buffer Over-read in WLAN Embedded SW
https://notcve.org/view.php?id=CVE-2025-21449
08 Jul 2025 — Transient DOS may occur while processing malformed length field in SSID IEs. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2025-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 6.2EPSS: 0%CPEs: 30EXPL: 0CVE-2025-21433 – NULL Pointer Dereference in SPS-HLOS
https://notcve.org/view.php?id=CVE-2025-21433
08 Jul 2025 — Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2025-bulletin.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2025-21432 – Double Free in SPS-HLOS
https://notcve.org/view.php?id=CVE-2025-21432
08 Jul 2025 — Memory corruption while retrieving the CBOR data from TA. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2025-bulletin.html • CWE-415: Double Free •
CVSS: 8.5EPSS: 0%CPEs: 29EXPL: 0CVE-2025-21427 – Buffer Over-read in Data HLOS - LNX
https://notcve.org/view.php?id=CVE-2025-21427
08 Jul 2025 — Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2025-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 7.1EPSS: 0%CPEs: 14EXPL: 0CVE-2025-21422 – Cryptographic Issues in Automotive
https://notcve.org/view.php?id=CVE-2025-21422
08 Jul 2025 — Cryptographic issue while processing crypto API calls, missing checks may lead to corrupted key usage or IV reuses. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2025-bulletin.html • CWE-310: Cryptographic Issues •
CVSS: 5.3EPSS: 0%CPEs: 11EXPL: 0CVE-2024-53009 – Improper Validation of Array Index in Automotive Autonomy
https://notcve.org/view.php?id=CVE-2024-53009
08 Jul 2025 — Memory corruption while operating the mailbox in Automotive. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2025-bulletin.html • CWE-129: Improper Validation of Array Index •
CVSS: 8.6EPSS: 1%CPEs: 5EXPL: 1CVE-2025-21479 – Qualcomm Multiple Chipsets Incorrect Authorization Vulnerability
https://notcve.org/view.php?id=CVE-2025-21479
03 Jun 2025 — Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands. Multiple Qualcomm chipsets contain an incorrect authorization vulnerability. This vulnerability allows for memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands. • https://github.com/zhuowei/cheese • CWE-863: Incorrect Authorization •