Vulnerabilidades em Qualcomm, Inc.

2.934 resultados
Análise Vexday

Com 2.934 CVEs catalogadas, a Qualcomm apresenta um volume expressivo de vulnerabilidades, reflexo da amplitude de seu portfólio de chipsets e firmware embarcado. A taxa de exploração ativa — 12 entradas no catálogo KEV da CISA, ou 0,41% do total — está em linha com a média geral do catálogo, indicando que o risco de exploração confirmada não foge do padrão da indústria, embora 94 falhas de severidade crítica representem uma superfície de ataque relevante para equipes de segurança que dependem de componentes Qualcomm em ambientes móveis, automotivos ou de IoT. A CVE mais perigosa atualmente em exploração ativa, CVE-2020-11261, apresenta EPSS de 0,0177, sugerindo probabilidade de exploração adicional relativamente baixa no curto prazo, mas sua presença no KEV exige atenção imediata em qualquer inventário de ativos afetados. O surgimento de 49 novas CVEs nos últimos 90 dias e a disponibilidade de PoCs públicas para 3 vulnerabilidades reforçam a necessidade de ciclos contínuos de atualização de firmware e monitoramento ativo de patches liberados pelo fabricante.

CVE-2019-10598Out of bound access can occur while processing peer info in IBSS connection mode due to lack of upper bounds check to ensure that for loop fEPSS 0.2%CVE-2019-10600Use of local variable as argument to netlink CB callback goes out of it scope when callback triggered lead to invalid stack memory in SnapdrEPSS 0.2%CVE-2019-10536Potential double free scenario if driver receives another DIAG_EVENT_LOG_SUPPORTED event from firmware as the pointer is not set to NULL on EPSS 0.2%CVE-2020-3621u'Lack of check to ensure that the TX read index & RX write index that are read from shared memory are less than the FIFO size results into EPSS 0.2%CVE-2020-11309Use after free in GPU driver while mapping the user memory to GPU memory due to improper check of referenced memory in Snapdragon Auto, SnapEPSS 0.2%CVE-2019-2304Integer overflow to buffer overflow due to lack of validation of event arguments received from firmware. in Snapdragon Auto, Snapdragon ConsEPSS 0.2%CVE-2018-11980When a fake broadcast/multicast 11w rmf without mmie received, since no proper length check in wma_process_bip, buffer overflow will happen EPSS 0.2%CVE-2020-3693u'Use out of range pointer issue can occur due to incorrect buffer range check during the execution of qseecom.' in Snapdragon Auto, SnapdraEPSS 0.2%CVE-2020-11185Out of bound issue in WLAN driver while processing vdev responses from firmware due to lack of validation of data received from firmware in EPSS 0.2%CVE-2020-11180Out of bound access in computer vision control due to improper validation of command length before processing it in Snapdragon Auto, SnapdraEPSS 0.2%CVE-2018-11894In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing preferred netwoEPSS 0.2%CVE-2018-11869In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of length validation check EPSS 0.2%CVE-2018-11868In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of length validation check EPSS 0.2%CVE-2017-18124During secure boot, addition is performed on uint8 ptrs which led to overflow issue in Small Cell SoC, Snapdragon Automobile, Snapdragon MobEPSS 0.2%CVE-2020-3684u'QSEE reads the access permission policy for the SMEM TOC partition from the SMEM TOC contents populated by XBL Loader and applies them witEPSS 0.2%CVE-2025-47403MEDIUMBuffer Over-read in WLAN FirmwareEPSS 0.2%CVE-2018-5911Buffer overflow in WLAN function due to improper check of buffer size before copying in Snapdragon Auto, Snapdragon Consumer IOT, SnapdragonEPSS 0.2%CVE-2018-13913Improper validation of array index can lead to unauthorized access while processing debugFS in Snapdragon Auto, Snapdragon Consumer IOT, SnaEPSS 0.2%CVE-2025-47401MEDIUMBuffer Over-read in WLAN HALEPSS 0.2%CVE-2019-2264Null pointer dereference occurs for channel context while opening glink channel in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon MobiEPSS 0.2%