CVE-2025-21487

all versions

Information disclosure while decoding RTP packet received by UE from the network, when payload length mentioned is greater than th

8.2HIGH

CVE-2025-21483

all versions

Memory corruption when the UE receives an RTP packet from the network, during the reassembly of NALUs.

9.8CRITICAL

CVE-2024-53026

all versions

Information disclosure when an invalid RTCP packet is received during a VoLTE/VoWiFi IMS call.

8.2HIGH

CVE-2024-53021

all versions

Information disclosure may occur while processing goodbye RTCP packet from network.

8.2HIGH

CVE-2024-53020

all versions

Information disclosure may occur while decoding the RTP packet with invalid header extension from network.

8.2HIGH

CVE-2024-33056

all versions

Memory corruption when allocating and accessing an entry in an SMEM partition continuously.

8.4HIGH

CVE-2024-38423

all versions

Memory corruption while processing GPU page table switch.

7.8HIGH

CVE-2024-38422

all versions

Memory corruption while processing voice packet with arbitrary data received from ADSP.

7.8HIGH

CVE-2024-33043

all versions

Transient DOS while handling PS event when Program Service name length offset value is set to 255.

5.5MEDIUM

CVE-2024-33014

all versions

Transient DOS while parsing ESP IE from beacon/probe response frame.

7.5HIGH

CVE-2024-21461

all versions

Memory corruption while performing finish HMAC operation when context is freed by keymaster.

8.4HIGH

CVE-2023-43533

all versions

Transient DOS in WLAN Firmware when the length of received beacon is less than length of ieee802.11 beacon frame.

7.5HIGH

CVE-2023-43511

all versions

Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains IPPROTO_NONE as the n

7.5HIGH

CVE-2023-33110

all versions

The session index variable in PCM host voice audio driver initialized before PCM open, accessed during event callback from ADSP an

7.8HIGH

CVE-2023-33033

all versions

Memory corruption in Audio during playback with speaker protection.

8.4HIGH

CVE-2023-33030

all versions

Memory corruption in HLOS while running playready use-case.

9.3CRITICAL

CVE-2023-33107

all versions

Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call.

8.4HIGH

CVE-2023-33080

all versions

Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.

7.5HIGH

CVE-2023-33018

all versions

Memory corruption while using the UIM diag command to get the operators name.

7.8HIGH

CVE-2023-28588

all versions

Transient DOS in Bluetooth Host while rfc slot allocation.

7.5HIGH

CVE-2023-28551

all versions

Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments.

7.8HIGH

CVE-2023-28550

all versions

Memory corruption in MPP performance while accessing DSM watermark using external memory address.

7.8HIGH

CVE-2023-28546

all versions

Memory Corruption in SPS Application while exporting public key in sorter TA.

7.8HIGH

CVE-2023-33059

all versions

Memory corruption in Audio while processing the VOC packet data from ADSP.

7.8HIGH

CVE-2023-22388

all versions

Memory Corruption in Multi-mode Call Processor while processing bit mask API.

9.8CRITICAL

CVE-2023-33027

all versions

Transient DOS in WLAN Firmware while parsing rsn ies.

7.5HIGH

CVE-2023-24849

all versions

Information Disclosure in data Modem while parsing an FMTP line in an SDP message.

8.2HIGH

CVE-2023-24848

all versions

Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.

8.2HIGH

CVE-2023-24847

all versions

Transient DOS in Modem while allocating DSM items.

7.5HIGH

CVE-2023-22385

all versions

Memory Corruption in Data Modem while making a MO call or MT VOLTE call.

8.2HIGH

CVE-2023-28560

all versions

Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload.

7.8HIGH

CVE-2023-28559

all versions

Memory corruption in WLAN FW while processing command parameters from untrusted WMI payload.

7.8HIGH

CVE-2023-28558

all versions

Memory corruption in WLAN handler while processing PhyID in Tx status handler.

7.8HIGH

CVE-2023-28557

all versions

Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload.

7.8HIGH

CVE-2023-28549

all versions

Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload.

7.8HIGH

CVE-2023-28544

all versions

Memory corruption in WLAN while sending transmit command from HLOS to UTF handlers.

7.8HIGH

CVE-2023-21628

all versions

Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.

8.4HIGH

CVE-2022-40521

all versions

Transient DOS due to improper authorization in Modem

7.5HIGH

CVE-2022-40507

all versions

Memory corruption due to double free in Core while mapping HLOS address to the list.

8.4HIGH

CVE-2022-33264

all versions

Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.

7.9HIGH

CVE-2022-22076

all versions

information disclosure due to cryptographic issue in Core during RPMB read request.

7.1HIGH

CVE-2022-40504

all versions

Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network.

7.5HIGH

CVE-2023-21665

all versions

Memory corruption in Graphics while importing a file.

8.4HIGH

CVE-2022-40532

all versions

Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target.

8.4HIGH

CVE-2022-33302

all versions

Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command le

6.8MEDIUM

CVE-2022-33289

all versions

Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.

6.8MEDIUM

CVE-2022-33231

all versions

Memory corruption due to double free in core while initializing the encryption key.

9.3CRITICAL