CVE-2025-47403

all versions

Transient DOS when processing a malformed Fast Transition response frame with an invalid header structure during wireless roaming.

6.5MEDIUM

CVE-2025-47401

all versions

Transient DOS when processing target power rate tables during channel configuration.

6.5MEDIUM

CVE-2026-21367

all versions

Transient DOS when processing nonstandard FILS Discovery Frames with out-of-range action sizes during initial scans.

7.6HIGH

CVE-2025-47392

all versions

Memory corruption when decoding corrupted satellite data files with invalid signature offsets.

8.8HIGH

CVE-2025-47391

all versions

Memory corruption while processing a frame request from user.

7.8HIGH

CVE-2026-21385

all versions

Memory corruption while using alignments for memory allocation.

7.8HIGH

CVE-2025-47383

all versions

Weak configuration may lead to cryptographic issue when a VoWiFi call is triggered from UE.

7.2HIGH

CVE-2025-47373

all versions

Memory Corruption when accessing buffers with invalid length during TA invocation.

7.8HIGH

CVE-2025-47371

all versions

Transient DOS when an LTE RLC packet with invalid TB is received by UE.

6.5MEDIUM

CVE-2025-47398

all versions

Memory Corruption while deallocating graphics processing unit memory buffers due to improper handling of memory pointers.

7.8HIGH

CVE-2025-47397

all versions

Memory Corruption when initiating GPU memory mapping using scatter-gather lists due to unchecked IOMMU mapping errors.

7.8HIGH

CVE-2025-47366

all versions

Cryptographic issue when a Trusted Zone with outdated code is triggered by a HLOS providing incorrect input.

7.1HIGH

CVE-2025-47369

all versions

Information disclosure when a weak hashed value is returned to userland code in response to a IOCTL call to obtain a session ID.

5.5MEDIUM

CVE-2025-47348

all versions

Memory corruption while processing identity credential operations in the trusted application.

7.8HIGH

CVE-2025-47334

all versions

Memory corruption while processing shared command buffer packet between camera userspace and kernel.

6.7MEDIUM

CVE-2025-47333

all versions

Memory corruption while handling buffer mapping operations in the cryptographic driver.

6.6MEDIUM

CVE-2025-47332

all versions

Memory corruption while processing a config call from userspace.

6.7MEDIUM

CVE-2025-47331

all versions

Information disclosure while processing a firmware event.

6.1MEDIUM

CVE-2025-47330

all versions

Transient DOS while parsing video packets received from the video firmware.

5.5MEDIUM

CVE-2025-47323

all versions

Memory corruption while routing GPR packets between user and root when handling large data packet.

7.8HIGH

CVE-2022-25706

all versions

Information disclosure in Bluetooth driver due to buffer over-read while reading l2cap length in Snapdragon Auto, Snapdragon Compu

8.2HIGH

CVE-2022-25696

all versions

Memory corruption in display due to time-of-check time-of-use race condition during map or unmap in Snapdragon Auto, Snapdragon Co

8.4HIGH

CVE-2022-25693

all versions

Memory corruption in graphics due to use-after-free while graphics profiling in Snapdragon Connectivity, Snapdragon Mobile

8.4HIGH

CVE-2022-25688

all versions

Memory corruption in video due to buffer overflow while parsing ps video clips in Snapdragon Auto, Snapdragon Compute, Snapdragon

7.3HIGH

CVE-2022-25686

all versions

Memory corruption in video module due to buffer overflow while processing WAV file in Snapdragon Auto, Snapdragon Compute, Snapdra

7.3HIGH

CVE-2022-25670

all versions

Denial of service in WLAN HOST due to buffer over read while unpacking frames in Snapdragon Auto, Snapdragon Compute, Snapdragon C

7.5HIGH

CVE-2022-25669

all versions

Denial of service in video due to buffer over read while parsing MP4 clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Conne

7.5HIGH

CVE-2022-25656

all versions

Possible integer overflow and memory corruption due to improper validation of buffer size sent to write to console when computing

8.4HIGH

CVE-2022-25653

all versions

Information disclosure in video due to buffer over-read while processing avi file in Snapdragon Compute, Snapdragon Connectivity,

6.8MEDIUM

CVE-2022-22094

all versions

memory corruption in Kernel due to race condition while getting mapping reference in Snapdragon Compute, Snapdragon Connectivity,

7.8HIGH

CVE-2022-22093

all versions

Memory corruption or temporary denial of service due to improper handling of concurrent hypervisor operations to attach or detach

7.8HIGH

CVE-2022-22092

all versions

Memory corruption in kernel due to use after free issue in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT,

7.8HIGH

CVE-2022-22091

all versions

Improper authorization of a replayed LTE security mode command can lead to a denial of service in Snapdragon Auto, Snapdragon Comp

7.5HIGH

CVE-2022-22089

all versions

Memory corruption in audio while playing record due to improper list handling in two threads in Snapdragon Connectivity, Snapdrago

8.4HIGH

CVE-2022-22081

all versions

Memory corruption in audio module due to integer overflow in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Mobile, Snapdrag

8.4HIGH

CVE-2022-22074

all versions

Memory Corruption during wma file playback due to integer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity

8.4HIGH

CVE-2022-22066

all versions

Memory corruption occurs while processing command received from HLOS due to improper length check in Snapdragon Auto, Snapdragon C

8.4HIGH

CVE-2022-25668

all versions

Memory corruption in video driver due to double free while parsing ASF clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Con

7.3HIGH

CVE-2022-25659

all versions

Memory corruption due to buffer overflow while parsing MKV clips with invalid bitmap size in Snapdragon Auto, Snapdragon Compute,

7.3HIGH

CVE-2022-25658

all versions

Memory corruption due to incorrect pointer arithmetic when attempting to change the endianness in video parser function in Snapdra

7.3HIGH

CVE-2022-25657

all versions

Memory corruption due to buffer overflow occurs while processing invalid MKV clip which has invalid seek header in Snapdragon Auto

7.3HIGH

CVE-2022-22096

all versions

Memory corruption in Bluetooth HOST due to stack-based buffer overflow when extracting data using command length parameter in

9.8CRITICAL

CVE-2022-22070

all versions

Memory corruption in audio due to lack of check of invalid routing address into APR Routing table in Snapdragon Auto, Snapdragon C

7.8HIGH

CVE-2022-22067

all versions

Potential memory leak in modem during the processing of NSA RRC Reconfiguration with invalid Radio Bearer Config in Snapdragon Aut

7.5HIGH

CVE-2022-22062

all versions

An out-of-bounds read can occur while parsing a server certificate due to improper length check in Snapdragon Auto, Snapdragon Com

8.2HIGH

CVE-2022-22061

all versions

Out of bounds writing is possible while verifying device IDs due to improper length check before copying the data in Snapdragon Co

7.8HIGH

CVE-2022-22059

all versions

Memory corruption due to out of bound read while parsing a video file in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectiv

8.4HIGH

CVE-2021-35134

all versions

Due to insufficient validation of ELF headers, an Incorrect Calculation of Buffer Size can occur in Boot leading to memory corrupt

8.4HIGH

CVE-2021-35133

all versions

Use after free in the synx driver issue while performing other functions during multiple invocation of synx release calls in Snapd

6.7MEDIUM

CVE-2021-35109

all versions

Possible address manipulation from APP-NS while APP-S is configuring an RG where it tries to merge the address ranges in Snapdrago

6.8MEDIUM

CVE-2021-35108

all versions

Improper checking of AP-S lock bit while verifying the secure resource group permissions can lead to non secure read and write acc

6.8MEDIUM

CVE-2022-22090

all versions

Memory corruption in audio due to use after free while managing buffers from internal cache in Snapdragon Compute, Snapdragon Conn

8.4HIGH

CVE-2022-22087

all versions

memory corruption in video due to buffer overflow while parsing mkv clip with no codechecker in Snapdragon Auto, Snapdragon Comput

7.3HIGH

CVE-2022-22086

all versions

Memory corruption in video due to double free while parsing 3gp clip with invalid meta data atoms in Snapdragon Auto, Snapdragon C

7.3HIGH

CVE-2022-22085

all versions

Memory corruption in video due to buffer overflow while reading the dts file in Snapdragon Auto, Snapdragon Compute, Snapdragon Co

8.4HIGH

CVE-2022-22084

all versions

Memory corruption when extracting qcp audio file due to lack of check on data length in Snapdragon Auto, Snapdragon Compute, Snapd

8.4HIGH

CVE-2022-22083

all versions

Denial of service due to memory corruption while extracting ape header from clips in Snapdragon Auto, Snapdragon Compute, Snapdrag

7.5HIGH

CVE-2022-22082

all versions

Memory corruption due to possible buffer overflow while parsing DSF header with corrupted channel count in Snapdragon Auto, Snapdr

8.4HIGH

CVE-2021-35120

all versions

Improper handling between export and release functions on the same handle from client can lead to use after free in Snapdragon Com

6.7MEDIUM

CVE-2021-35119

all versions

Potential out of Bounds read in FIPS event processing due to improper validation of the length from the firmware in Snapdragon Aut

5.5MEDIUM

CVE-2021-35118

all versions

An out-of-bounds write can occur due to an incorrect input check in the camera driver in Snapdragon Auto, Snapdragon Compute, Snap

6.7MEDIUM

CVE-2021-35111

all versions

Improper validation of tag id while RRC sending tag id to MAC can lead to TOCTOU race condition in Snapdragon Connectivity, Snapdr

7.5HIGH

CVE-2021-35102

all versions

Possible buffer overflow due to lack of validation for the length of NAI string read from EFS in Snapdragon Auto, Snapdragon Compu

7.8HIGH

CVE-2021-35083

all versions

Possible out of bound read due to improper validation of certificate chain in SSL or Internet key exchange in Snapdragon Auto, Sna

8.2HIGH