Vulnerabilidades em Qualcomm, Inc.

2.934 resultados
Análise Vexday

Com 2.934 CVEs catalogadas, a Qualcomm apresenta um volume expressivo de vulnerabilidades, reflexo da amplitude de seu portfólio de chipsets e firmware embarcado. A taxa de exploração ativa — 12 entradas no catálogo KEV da CISA, ou 0,41% do total — está em linha com a média geral do catálogo, indicando que o risco de exploração confirmada não foge do padrão da indústria, embora 94 falhas de severidade crítica representem uma superfície de ataque relevante para equipes de segurança que dependem de componentes Qualcomm em ambientes móveis, automotivos ou de IoT. A CVE mais perigosa atualmente em exploração ativa, CVE-2020-11261, apresenta EPSS de 0,0177, sugerindo probabilidade de exploração adicional relativamente baixa no curto prazo, mas sua presença no KEV exige atenção imediata em qualquer inventário de ativos afetados. O surgimento de 49 novas CVEs nos últimos 90 dias e a disponibilidade de PoCs públicas para 3 vulnerabilidades reforçam a necessidade de ciclos contínuos de atualização de firmware e monitoramento ativo de patches liberados pelo fabricante.

CVE-2023-28566MEDIUMBuffer Over-read in WLAN HALEPSS 0.1%CVE-2017-11018In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, array access out of bounds mEPSS 0.1%CVE-2018-11818In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, LUT configuration is passed downEPSS 0.1%CVE-2017-9702In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a user-space pointer is direEPSS 0.1%CVE-2023-28569MEDIUMBuffer Over-read in WLAN HALEPSS 0.1%CVE-2017-14899In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing the QCA_NL8EPSS 0.1%CVE-2017-11047In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a graphics driver ioctl hEPSS 0.1%CVE-2023-28563MEDIUMBuffer Over-read in IOE FirmwareEPSS 0.1%CVE-2017-11024In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition in the rmneEPSS 0.1%CVE-2017-14898In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing the QCA_NL8EPSS 0.1%CVE-2017-14900In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing the QCA_NL8EPSS 0.1%CVE-2017-11023In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a possibility of ouEPSS 0.1%CVE-2023-28554MEDIUMBuffer Over-read in Qualcomm IPCEPSS 0.1%CVE-2017-9698In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improperly specified offset/EPSS 0.1%CVE-2017-11027In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing UBI image, siEPSS 0.1%CVE-2017-9700In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer overwrite is possibleEPSS 0.1%CVE-2017-11016In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when memory allocation failsEPSS 0.1%CVE-2018-13909Metadata verification and partial hash system calls by bootloader may corrupt parallel hashing state in progress resulting in unexpected behEPSS 0.1%CVE-2017-14901In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing the QCA_NL8EPSS 0.1%CVE-2023-28553MEDIUMBuffer Over-read in WLAN HostEPSS 0.1%