cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-45559,https://securityvulnerability.io/vulnerability/CVE-2024-45559,Transient Denial of Service Vulnerability in Qualcomm Vdev-FastRPC Backend,"A transient Denial of Service condition can arise in Qualcomm's Vdev-FastRPC backend when a specific type of message is sent by GVM. This vulnerability could lead to disruptions in service availability, impacting user experience and system performance. It is essential for organizations using the Vdev-FastRPC backend to be aware of this issue and implement necessary mitigations to ensure system reliability and security.",Qualcomm,Snapdragon,5.5,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-06T10:33:33.201Z,0
CVE-2024-45558,https://securityvulnerability.io/vulnerability/CVE-2024-45558,DOS Vulnerability in Qualcomm Wireless Driver,"A Denial of Service vulnerability exists in Qualcomm's wireless driver due to improper validation of Information Element (IE) lengths when parsing per Station (STA) profile IEs. This oversight may allow an attacker to exploit the EXTN element ID, resulting in transient DOS conditions that can disrupt network connectivity. Users are advised to update their drivers to mitigate potential impacts.",Qualcomm,Snapdragon,7.5,HIGH,0.0004600000102072954,false,false,false,false,false,false,false,2025-01-06T10:33:31.971Z,0
CVE-2024-45555,https://securityvulnerability.io/vulnerability/CVE-2024-45555,Memory Corruption Vulnerability in Qualcomm IFS2 Products,"A memory corruption vulnerability in Qualcomm's IFS2 products can occur when a verified IFS2 image is overwritten without appropriate security checks. This allows an attacker to bypass the boot verification process, enabling the injection of unauthorized programs into sensitive system images. As a result, it creates the potential for malicious actors to boot a compromised IFS2 system image, posing significant risks to system integrity and security.",Qualcomm,Snapdragon,8.4,HIGH,0.0005300000193528831,false,false,false,false,false,false,false,2025-01-06T10:33:30.879Z,0
CVE-2024-45553,https://securityvulnerability.io/vulnerability/CVE-2024-45553,Memory Corruption Vulnerability in Qualcomm Products,"A vulnerability exists in Qualcomm chipsets where memory corruption can occur due to improper management of process-specific maps within a global list. If a specific map is removed from this global list while a different thread is still accessing it for a process-specific operation, it can lead to unpredictable system behavior and potential security risks.",Qualcomm,Snapdragon,7.8,HIGH,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-06T10:33:29.773Z,0
CVE-2024-45550,https://securityvulnerability.io/vulnerability/CVE-2024-45550,Memory Corruption in Qualcomm MCDM Driver Affects Essential Applications,"A memory corruption issue has been identified in the Qualcomm MCDM driver, triggered by any application that invokes IOCTL calls. This vulnerability may lead to unexpected behavior or system instability when executing all MCDM driver IOCTL commands, potentially compromising application integrity.",Qualcomm,Snapdragon,7.8,HIGH,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-06T10:33:28.599Z,0
CVE-2024-45548,https://securityvulnerability.io/vulnerability/CVE-2024-45548,Memory Corruption Vulnerability in Qualcomm Products,A memory corruption issue arises when Qualcomm products are processing FIPS encryption or decryption validation through IOCTL calls. This vulnerability can potentially be exploited to compromise system stability and integrity. Users and system administrators should remain vigilant and apply necessary security updates to affected Qualcomm chipsets to ensure robust protection against exploitation tactics.,Qualcomm,Snapdragon,7.8,HIGH,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-06T10:33:27.476Z,0
CVE-2024-45547,https://securityvulnerability.io/vulnerability/CVE-2024-45547,Memory Corruption Vulnerability in Qualcomm Products,"A vulnerability has been identified in Qualcomm products where memory corruption occurs during the processing of IOCTL calls initiated from user-space. This issue specifically affects the verification of non-extension FIPS encryption and decryption functionalities, potentially exposing sensitive data to unauthorized access.",Qualcomm,Snapdragon,7.8,HIGH,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-06T10:33:26.354Z,0
CVE-2024-45546,https://securityvulnerability.io/vulnerability/CVE-2024-45546,Memory Corruption Vulnerability in Qualcomm Products Affecting FIPS Encryption,"This vulnerability involves a memory corruption issue that occurs during the processing of FIPS encryption or decryption IOCTL calls made from user space. If exploited, it could potentially allow an unauthorized user to cause unexpected behavior in the affected system, compromising the integrity and confidentiality of cryptographic operations.",Qualcomm,Snapdragon,7.8,HIGH,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-06T10:33:25.262Z,0
CVE-2024-45542,https://securityvulnerability.io/vulnerability/CVE-2024-45542,Memory Corruption Vulnerability in Qualcomm WLAN Driver,"A vulnerability exists in the WLAN driver that allows for memory corruption triggered by an IOCTL call made from user-space to write board data. This flaw could potentially allow attackers to execute arbitrary code or compromise system integrity by manipulating board data, making it critical for users to apply necessary patches or updates as recommended by Qualcomm.",Qualcomm,Snapdragon,7.8,HIGH,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-06T10:33:24.141Z,0
CVE-2024-45541,https://securityvulnerability.io/vulnerability/CVE-2024-45541,Memory Corruption Vulnerability in Qualcomm Products,"A memory corruption vulnerability has been identified in certain Qualcomm hardware products, potentially allowing a user-space application to manipulate IOCTL calls to read sensitive board data unexpectedly. This could lead to unauthorized access or exposure of proprietary information, emphasizing the importance of timely updates and vigilance in security practices to prevent exploitation.",Qualcomm,Snapdragon,7.8,HIGH,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-06T10:33:22.981Z,0
CVE-2024-43064,https://securityvulnerability.io/vulnerability/CVE-2024-43064,Uncontrolled Resource Consumption in Qualcomm SMMU Drivers,"This vulnerability is associated with uncontrolled resource consumption when a driver, application, or System Memory Management Unit (SMMU) client attempts to access global registers through the SMMU. This can potentially lead to a denial of service, impacting the performance and availability of affected Qualcomm products.",Qualcomm,Snapdragon,7.5,HIGH,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-06T10:33:21.864Z,0
CVE-2024-43063,https://securityvulnerability.io/vulnerability/CVE-2024-43063,Information Disclosure Vulnerability in Qualcomm Mailbox Read API,"This vulnerability involves an information disclosure issue stemming from the flawed implementation of the mailbox read API in Qualcomm products. When exploited, it allows unauthorized access to sensitive information, potentially leading to data breaches. The security flaw could affect various products that rely on the mailbox read API, underscoring the need for timely updates and comprehensive security practices.",Qualcomm,Snapdragon,5.5,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-06T10:33:20.733Z,0
CVE-2024-33067,https://securityvulnerability.io/vulnerability/CVE-2024-33067,Information Disclosure in Qualcomm's Sound Model Driver,"An issue exists within Qualcomm's sound model driver that allows for information disclosure through the invocation of a callback function. This vulnerability can be exploited upon receiving valid opcodes from the sound model driver, potentially leading to unauthorized access to sensitive information. Users are advised to apply necessary patches and updates to mitigate the risk associated with this vulnerability.",Qualcomm,Snapdragon,5.5,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-06T10:33:19.592Z,0
CVE-2024-33061,https://securityvulnerability.io/vulnerability/CVE-2024-33061,Information Disclosure Vulnerability in Qualcomm Products,"This vulnerability arises from improper handling of IOCTL calls, which can expose sensitive information when releasing a trusted VM process or opening a communication channel without proper initialization. Attackers could exploit this flaw to gain unauthorized access to sensitive data, emphasizing the need for immediate attention from users of the affected Qualcomm products.",Qualcomm,Snapdragon,5.5,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-06T10:33:18.402Z,0
CVE-2024-33059,https://securityvulnerability.io/vulnerability/CVE-2024-33059,Memory Corruption Vulnerability in Qualcomm Products,"A vulnerability exists in Qualcomm products due to memory corruption when processing frame command IOCTL calls. This flaw could potentially allow an attacker to exploit the affected components, leading to unexpected behavior or system instability. Users are advised to stay informed about updates and patches from the vendor to mitigate associated risks.",Qualcomm,Snapdragon,7.8,HIGH,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-06T10:33:17.264Z,0
CVE-2024-33055,https://securityvulnerability.io/vulnerability/CVE-2024-33055,Memory Corruption in Qualcomm Products Due to IOCTL Call Vulnerability,"This vulnerability involves a memory corruption issue that occurs when IOCTL calls are made to unmap Direct Memory Access (DMA) buffers in Qualcomm hardware. As a result, an attacker could exploit this flaw to potentially execute arbitrary code, leading to a compromise of the device's integrity and performance. Proactive measures should be adopted to secure affected systems and mitigate any risks associated with this vulnerability.",Qualcomm,Snapdragon,7.8,HIGH,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-06T10:33:16.059Z,0
CVE-2024-33041,https://securityvulnerability.io/vulnerability/CVE-2024-33041,Memory Corruption Vulnerability in Qualcomm Fence Frame IOCTL,"This vulnerability occurs due to insufficient validation of input parameters for the number of fences during IOCTL calls, leading to potential memory corruption. Attackers could exploit this flaw to execute arbitrary code, which poses a significant risk to system integrity and security. Addressing this vulnerability through appropriate updates and patches is crucial for maintaining the security of affected systems.",Qualcomm,Snapdragon,7.8,HIGH,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-06T10:33:14.917Z,0
CVE-2024-23366,https://securityvulnerability.io/vulnerability/CVE-2024-23366,Information Disclosure Vulnerability in Qualcomm Mailbox API,"An information disclosure vulnerability exists in Qualcomm's Mailbox API that is triggered when the API is invoked with a user message exceeding the mailbox size limits. This flaw can expose sensitive information, potentially compromising user privacy and system integrity. Proper validation and size checks should be implemented to mitigate the impact of this vulnerability.",Qualcomm,Snapdragon,5.5,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-06T10:33:13.770Z,0
CVE-2024-21464,https://securityvulnerability.io/vulnerability/CVE-2024-21464,Memory Corruption in Qualcomm Products Due to IPA Statistics Processing,"This vulnerability involves memory corruption during the processing of IPA (Intelligent Power Architecture) statistics when no active clients are registered. This can lead to unstable system behavior and potential exploitation in affected Qualcomm products, particularly impacting various Snapdragon chipsets and networking solutions. It is crucial for users and administrators to evaluate their systems and apply necessary security measures to mitigate risks associated with this vulnerability.",Qualcomm,Snapdragon,7.8,HIGH,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-06T10:33:12.535Z,0
CVE-2024-43053,https://securityvulnerability.io/vulnerability/CVE-2024-43053,WLAN Target Diagnostic Vulnerable to Memory Corruption,"A memory corruption vulnerability has been identified in Qualcomm WLAN products, stemming from faulty handling of IOCTL calls originating from user space designed to read WLAN target diagnostic information. This flaw can enable unauthorized access and manipulation of memory, potentially leading to system instability or unauthorized code execution. Given the widespread use of Qualcomm's WLAN chipsets and software components, this vulnerability poses a serious risk to devices relying on these technologies, necessitating immediate attention from users and system administrators to mitigate potential threats.",Qualcomm,Snapdragon,7.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-12-02T10:18:53.503Z,0
CVE-2024-43052,https://securityvulnerability.io/vulnerability/CVE-2024-43052,API Call Memory Corruption Vulnerability,A vulnerability exists due to memory corruption that occurs when processing API calls to the Qualcomm NPU with invalid input. This can potentially allow an attacker to execute arbitrary code or trigger a denial of service. Proper input validation measures need to be implemented to mitigate the risks associated with this vulnerability. Affected users are encouraged to apply the necessary updates as specified in Qualcomm's security bulletin.,Qualcomm,Snapdragon,7.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-12-02T10:18:52.423Z,0
CVE-2024-43050,https://securityvulnerability.io/vulnerability/CVE-2024-43050,WLAN Driver Memory Corruption Vulnerability,"The vulnerability in Qualcomm's WLAN driver arises from improper handling of IOCTL calls originating from user space. Specifically, this flaw can lead to memory corruption when attempting to issue factory test commands. This defect poses risks as it may be exploited by malicious users to manipulate system behavior, potentially gaining unauthorized access or executing arbitrary code within the system. Prompt updates are necessary for affected products to mitigate these security concerns.",Qualcomm,Snapdragon,7.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-12-02T10:18:51.326Z,0
CVE-2024-43049,https://securityvulnerability.io/vulnerability/CVE-2024-43049,IOCTL Memory Corruption Vulnerability Affects Microsoft WLAN Driver,"A significant vulnerability has been identified in the Qualcomm WLAN driver, where memory corruption may occur when invoking IOCTL (Input/Output Control) commands from user space to set a generic private command. This issue can potentially allow an attacker to manipulate memory in ways that could lead to unauthorized actions on the device, impacting its security and stability. Users and administrators are encouraged to review mitigation strategies and update their systems to safeguard against this vulnerability.",Qualcomm,Snapdragon,7.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-12-02T10:18:50.243Z,0
CVE-2024-43048,https://securityvulnerability.io/vulnerability/CVE-2024-43048,NVIDIA GPU Headroom API Vulnerable to Memory Corruption via Invalid Input,"The vulnerability involves memory corruption stemming from improper handling of invalid input during calls to the GPU Headroom API in Qualcomm products. This flaw can lead to unpredictable behavior and potential exploitation, placing user systems at risk. Developers and system administrators must remain vigilant and monitor for updates or patches provided by Qualcomm to mitigate this issue.",Qualcomm,Snapdragon,7.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-12-02T10:18:49.110Z,0
CVE-2024-33063,https://securityvulnerability.io/vulnerability/CVE-2024-33063,Transient DOS Vulnerability in ML IE Parsing,"A transient denial of service vulnerability exists in Qualcomm's wireless products due to improper parsing of specific management frames. This vulnerability primarily occurs when a beacon frame contains a common info length that exceeds the maximum allowed length for the ML Information Element (IE). Exploitation of this flaw could lead to a denial of service condition, disrupting network connectivity and potentially allowing malicious actors to impact the availability of affected devices.",Qualcomm,Snapdragon,7.5,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-12-02T10:18:47.904Z,0