CVE-2025-47383

all versions

Weak configuration may lead to cryptographic issue when a VoWiFi call is triggered from UE.

7.2HIGH

CVE-2025-47320

all versions

Memory corruption while processing MFC channel configuration during music playback.

7.8HIGH

CVE-2025-27053

all versions

Memory corruption during PlayReady APP usecase while processing TA commands.

7.8HIGH

CVE-2025-21482

all versions

Cryptographic issue while performing RSA PKCS padding decoding.

7.1HIGH

CVE-2025-21454

all versions

Transient DOS while processing received beacon frame.

7.5HIGH

CVE-2025-21429

all versions

Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request.

7.5HIGH

CVE-2025-21428

all versions

Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request from the AP to establish a TSpec session

7.5HIGH

CVE-2024-33056

all versions

Memory corruption when allocating and accessing an entry in an SMEM partition continuously.

8.4HIGH

CVE-2018-11816

all versions

Crafted Binder Request Causes Heap UAF in MediaServer

7.8HIGH

CVE-2016-10408

all versions

QSEE will randomly experience a fatal error during execution due to speculative instruction fetches from device memory. Device mem

8.4HIGH

CVE-2017-18153

all versions

A race condition exists in a driver potentially leading to a use-after-free condition.

8.4HIGH

CVE-2024-38423

all versions

Memory corruption while processing GPU page table switch.

7.8HIGH

CVE-2024-38422

all versions

Memory corruption while processing voice packet with arbitrary data received from ADSP.

7.8HIGH

CVE-2024-23359

all versions

Information disclosure while decoding Tracking Area Update Accept or Attach Accept message received from network.

8.2HIGH

CVE-2024-23353

all versions

Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI.

7.5HIGH

CVE-2023-43551

all versions

Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immedia

9.1CRITICAL

CVE-2024-21468

all versions

Memory corruption when there is failed unmap operation in GPU.

8.4HIGH

CVE-2023-33066

all versions

Memory corruption in Audio while processing RT proxy port register driver.

8.4HIGH

CVE-2023-33069

all versions

Memory corruption in Audio while processing the calibration data returned from ACDB loader.

6.7MEDIUM

CVE-2023-33068

all versions

Memory corruption in Audio while processing IIR config data from AFE calibration block.

6.7MEDIUM

CVE-2023-33067

all versions

Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points.

6.7MEDIUM

CVE-2023-43511

all versions

Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains IPPROTO_NONE as the n

7.5HIGH

CVE-2023-33120

all versions

Memory corruption in Audio when memory map command is executed consecutively in ADSP.

7.8HIGH

CVE-2023-33033

all versions

Memory corruption in Audio during playback with speaker protection.

8.4HIGH

CVE-2023-33030

all versions

Memory corruption in HLOS while running playready use-case.

9.3CRITICAL

CVE-2023-33080

all versions

Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.

7.5HIGH

CVE-2023-33018

all versions

Memory corruption while using the UIM diag command to get the operators name.

7.8HIGH

CVE-2023-33017

all versions

Memory corruption in Boot while running a ListVars test in UEFI Menu during boot.

7.8HIGH

CVE-2023-28551

all versions

Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments.

7.8HIGH

CVE-2023-28550

all versions

Memory corruption in MPP performance while accessing DSM watermark using external memory address.

7.8HIGH

CVE-2023-33059

all versions

Memory corruption in Audio while processing the VOC packet data from ADSP.

7.8HIGH

CVE-2023-22388

all versions

Memory Corruption in Multi-mode Call Processor while processing bit mask API.

9.8CRITICAL

CVE-2023-24849

all versions

Information Disclosure in data Modem while parsing an FMTP line in an SDP message.

8.2HIGH

CVE-2023-24848

all versions

Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.

8.2HIGH

CVE-2023-22385

all versions

Memory Corruption in Data Modem while making a MO call or MT VOLTE call.

8.2HIGH

CVE-2022-40521

all versions

Transient DOS due to improper authorization in Modem

7.5HIGH

CVE-2022-40507

all versions

Memory corruption due to double free in Core while mapping HLOS address to the list.

8.4HIGH

CVE-2022-22076

all versions

information disclosure due to cryptographic issue in Core during RPMB read request.

7.1HIGH

CVE-2023-21665

all versions

Memory corruption in Graphics while importing a file.

8.4HIGH

CVE-2022-40505

all versions

Information disclosure due to buffer over-read in Modem while parsing DNS hostname.

8.2HIGH

CVE-2022-33304

all versions

Transient DOS due to NULL pointer dereference in Modem while performing pullup for received TCP/UDP packet.

7.5HIGH

CVE-2022-40503

all versions

Information disclosure due to buffer over-read in Bluetooth Host while A2DP streaming.

8.2HIGH

CVE-2022-33302

all versions

Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command le

6.8MEDIUM

CVE-2022-33291

all versions

Information disclosure in Modem due to buffer over-read while receiving a IP header with malformed length.

8.2HIGH

CVE-2022-33289

all versions

Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.

6.8MEDIUM

CVE-2022-33287

all versions

Information disclosure in Modem due to buffer over-read while getting length of Unfragmented headers in an IPv6 packet.

8.2HIGH