threat
engine
.sh
Back
·
··:··
Home
/
Product
/
qualcomm sm6370 firmware
Product
qualcomm sm6370 firmware
72 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2025-27054
all versions
Memory corruption while processing a malformed license file during reboot.
7.8
HIGH
CVE-2025-27053
all versions
Memory corruption during PlayReady APP usecase while processing TA commands.
7.8
HIGH
CVE-2025-21488
all versions
Information disclosure while decoding this RTP packet headers received by UE from the network when the padding bit is set.
8.2
HIGH
CVE-2025-21487
all versions
Information disclosure while decoding RTP packet received by UE from the network, when payload length mentioned is greater than th
8.2
HIGH
CVE-2025-21484
all versions
Information disclosure when UE receives the RTP packet from the network, while decoding and reassembling the fragments from RTP pa
8.2
HIGH
CVE-2025-21483
all versions
Memory corruption when the UE receives an RTP packet from the network, during the reassembly of NALUs.
9.8
CRITICAL
CVE-2025-21482
all versions
Cryptographic issue while performing RSA PKCS padding decoding.
7.1
HIGH
CVE-2025-21481
all versions
Memory corruption while performing private key encryption in trusted application.
7.8
HIGH
CVE-2025-27066
all versions
Transient DOS while processing an ANQP message.
7.5
HIGH
CVE-2025-27062
all versions
Memory corruption while handling client exceptions, allowing unauthorized channel access.
7.8
HIGH
CVE-2025-21465
all versions
Information disclosure while processing the hash segment in an MBN file.
6.5
MEDIUM
CVE-2025-21464
all versions
Information disclosure while reading data from an image using specified offset and size parameters.
6.5
MEDIUM
CVE-2025-21452
all versions
Transient DOS while processing a random-access response (RAR) with an invalid PDU length on LTE network.
7.5
HIGH
CVE-2025-27061
all versions
Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmwar
7.8
HIGH
CVE-2025-27043
all versions
Memory corruption while processing manipulated payload in video firmware.
7.8
HIGH
CVE-2025-27042
all versions
Memory corruption while processing video packets received from video firmware.
7.8
HIGH
CVE-2025-21454
all versions
Transient DOS while processing received beacon frame.
7.5
HIGH
CVE-2025-21450
all versions
Cryptographic issue occurs due to use of insecure connection method while downloading.
9.1
CRITICAL
CVE-2025-21449
all versions
Transient DOS may occur while processing malformed length field in SSID IEs.
7.5
HIGH
CVE-2025-21433
all versions
Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus.
6.2
MEDIUM
CVE-2025-21432
all versions
Memory corruption while retrieving the CBOR data from TA.
7.8
HIGH
CVE-2025-21427
all versions
Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network.
8.2
HIGH
CVE-2024-53026
all versions
Information disclosure when an invalid RTCP packet is received during a VoLTE/VoWiFi IMS call.
8.2
HIGH
CVE-2024-53021
all versions
Information disclosure may occur while processing goodbye RTCP packet from network.
8.2
HIGH
CVE-2024-53020
all versions
Information disclosure may occur while decoding the RTP packet with invalid header extension from network.
8.2
HIGH
CVE-2025-21468
all versions
Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null
7.8
HIGH
CVE-2025-21453
all versions
Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures oc
7.8
HIGH
CVE-2024-49835
all versions
Memory corruption while reading secure file.
7.8
HIGH
CVE-2025-21429
all versions
Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request.
7.5
HIGH
CVE-2024-45552
all versions
Information disclosure may occur during a video call if a device resets due to a non-conforming RTCP packet that doesn`t adhere to
8.2
HIGH
CVE-2024-45551
all versions
Cryptographic issue occurs during PIN/password verification using Gatekeeper, where RPMB writes can be dropped on verification fai
6.2
MEDIUM
CVE-2024-43066
all versions
Memory corruption while handling file descriptor during listener registration/de-registration.
7.8
HIGH
CVE-2024-43046
all versions
There may be information disclosure during memory re-allocation in TZ Secure OS.
5.5
MEDIUM
CVE-2025-21424
all versions
Memory corruption while calling the NPU driver APIs concurrently.
7.8
HIGH
CVE-2024-53027
all versions
Transient DOS may occur while processing the country IE.
7.5
HIGH
CVE-2024-53024
all versions
Memory corruption in display driver while detaching a device.
7.8
HIGH
CVE-2024-53014
all versions
Memory corruption may occur while validating ports and channels in Audio driver.
7.8
HIGH
CVE-2024-43051
all versions
Information disclosure while deriving keys for a session for any Widevine use case.
5.5
MEDIUM
CVE-2024-49834
all versions
Memory corruption while power-up or power-down sequence of the camera sensor.
7.8
HIGH
CVE-2024-33056
all versions
Memory corruption when allocating and accessing an entry in an SMEM partition continuously.
8.4
HIGH
CVE-2024-38423
all versions
Memory corruption while processing GPU page table switch.
7.8
HIGH
CVE-2024-38422
all versions
Memory corruption while processing voice packet with arbitrary data received from ADSP.
7.8
HIGH
CVE-2024-38415
all versions
Memory corruption while handling session errors from firmware.
7.8
HIGH
CVE-2024-38408
all versions
Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.
8.2
HIGH
CVE-2024-23385
all versions
Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE.
7.5
HIGH
CVE-2024-38402
all versions
Memory corruption while processing IOCTL call for getting group info.
7.8
HIGH
CVE-2024-33060
all versions
Memory corruption when two threads try to map and unmap a single node simultaneously.
8.4
HIGH
CVE-2024-33051
all versions
Transient DOS while processing TIM IE from beacon frame as there is no check for IE length.
7.5
HIGH
CVE-2024-33050
all versions
Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improp
7.5
HIGH
CVE-2024-33045
all versions
Memory corruption when BTFM client sends new messages over Slimbus to ADSP.
8.4
HIGH
CVE-2024-33035
all versions
Memory corruption while calculating total metadata size when a very high reserved size is requested by gralloc clients.
8.4
HIGH
CVE-2024-33016
all versions
memory corruption when an invalid firehose patch command is invoked.
6.8
MEDIUM
CVE-2024-23364
all versions
Transient DOS when processing the non-transmitted BSSID profile sub-elements present within the MBSSID Information Element (IE) of
7.5
HIGH
CVE-2024-23362
all versions
Cryptographic issue while parsing RSA keys in COBR format.
7.1
HIGH
CVE-2024-33023
all versions
Memory corruption while creating a fence to wait on timeline events, and simultaneously signal timeline events.
8.4
HIGH
CVE-2024-33014
all versions
Transient DOS while parsing ESP IE from beacon/probe response frame.
7.5
HIGH
CVE-2024-33012
all versions
Transient DOS while parsing the multiple MBSSID IEs from the beacon, when the tag length is non-zero value but with end of beacon.
7.5
HIGH
CVE-2024-33011
all versions
Transient DOS while parsing the MBSSID IE from the beacons, when the MBSSID IE length is zero.
7.5
HIGH
CVE-2024-33010
all versions
Transient DOS while parsing fragments of MBSSID IE from beacon frame.
7.5
HIGH
CVE-2024-23357
all versions
Transient DOS while importing a PKCS#8-encoded RSA key with zero bytes modulus.
6.2
MEDIUM
CVE-2024-23356
all versions
Memory corruption during session sign renewal request calls in HLOS.
7.8
HIGH
CVE-2024-23373
all versions
Memory corruption when IOMMU unmap operation fails, the DMA and anon buffers are getting released.
8.4
HIGH
CVE-2024-23368
all versions
Memory corruption when allocating and accessing an entry in an SMEM partition.
7.8
HIGH
CVE-2024-21469
all versions
Memory corruption when an invoke call and a TEE call are bound for the same trusted application.
7.3
HIGH
CVE-2024-21465
all versions
Memory corruption while processing key blob passed by the user.
7.8
HIGH
CVE-2024-21462
all versions
Transient DOS while loading the TA ELF file.
7.1
HIGH
CVE-2024-21461
all versions
Memory corruption while performing finish HMAC operation when context is freed by keymaster.
8.4
HIGH
CVE-2024-21475
all versions
Memory corruption when the payload received from firmware is not as per the expected protocol size.
7.8
HIGH
CVE-2024-21471
all versions
Memory corruption when IOMMU unmap of a GPU buffer fails in Linux.
8.4
HIGH
CVE-2024-21468
all versions
Memory corruption when there is failed unmap operation in GPU.
8.4
HIGH
CVE-2023-33023
all versions
Memory corruption while processing finish_sign command to pass a rsp buffer.
8.4
HIGH
CVE-2023-28547
all versions
Memory corruption in SPS Application while requesting for public key in sorter TA.
8.4
HIGH
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin