Vulnerabilidades em Qualcomm, Inc.

2.934 resultados
Análise Vexday

Com 2.934 CVEs catalogadas, a Qualcomm apresenta um volume expressivo de vulnerabilidades, reflexo da amplitude de seu portfólio de chipsets e firmware embarcado. A taxa de exploração ativa — 12 entradas no catálogo KEV da CISA, ou 0,41% do total — está em linha com a média geral do catálogo, indicando que o risco de exploração confirmada não foge do padrão da indústria, embora 94 falhas de severidade crítica representem uma superfície de ataque relevante para equipes de segurança que dependem de componentes Qualcomm em ambientes móveis, automotivos ou de IoT. A CVE mais perigosa atualmente em exploração ativa, CVE-2020-11261, apresenta EPSS de 0,0177, sugerindo probabilidade de exploração adicional relativamente baixa no curto prazo, mas sua presença no KEV exige atenção imediata em qualquer inventário de ativos afetados. O surgimento de 49 novas CVEs nos últimos 90 dias e a disponibilidade de PoCs públicas para 3 vulnerabilidades reforçam a necessidade de ciclos contínuos de atualização de firmware e monitoramento ativo de patches liberados pelo fabricante.

CVE-2024-23372HIGHInteger Overflow or Wraparound in GraphicsEPSS 0.1%CVE-2024-38399HIGHUse After Free in GraphicsEPSS 0.1%CVE-2019-2314Possible race condition that will cause a use-after-free when writing to two sysfs entries at nearly the same time in Snapdragon Compute, SnEPSS 0.1%CVE-2025-47383HIGHMissing Cryptographic Step in Data ModemEPSS 0.1%CVE-2022-22077HIGHMemory corruption in graphics due to use-after-free in graphics dispatcher logic in Snapdragon MobileEPSS 0.1%CVE-2024-45553HIGHUse After Free in DSP ServicesEPSS 0.1%CVE-2024-45542HIGHStack-based Buffer Overflow in WLAN Windows HostEPSS 0.1%CVE-2021-30283HIGHPossible denial of service due to improper handling of debug register trap from user applications in Snapdragon Consumer IOT, Snapdragon IndEPSS 0.1%CVE-2018-5832Due to a race condition in a camera driver ioctl handler in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS foEPSS 0.1%CVE-2024-33041MEDIUMUse of Out-of-range Pointer Offset in Computer VisionEPSS 0.1%CVE-2024-33059MEDIUMUse After Free in Computer VisionEPSS 0.1%CVE-2024-33035HIGHInteger Overflow or Wraparound in DisplayEPSS 0.1%CVE-2022-25750HIGHMemory corruption in BTHOST due to double free while music playback and calls over bluetooth headset in Snapdragon MobileEPSS 0.1%CVE-2024-21476HIGHImproper Input Validation in Secure ProcessorEPSS 0.1%CVE-2018-5859Due to a race condition in the MDSS MDP driver in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM,EPSS 0.1%CVE-2017-15826Due to a race condition in MDSS rotator in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-20, a double free vulnerabiliEPSS 0.1%CVE-2024-33052HIGHBuffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in FM HostEPSS 0.1%CVE-2024-33042HIGHBuffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in FM HostEPSS 0.1%CVE-2017-11042In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, ImsService and the IQtiImsExEPSS 0.1%CVE-2017-14880In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security pEPSS 0.1%