Qualcomm Snapdragon 670 Mobile Firmware
Approved changes feed: RSS · Atom
cpe:2.3:o:qualcomm:snapdragon_670_mobile_firmware:-:*:*:*:*:*:*:*
part: o version: - update: *
| Vendor | Qualcomm (4194a0de-9926-556d-a143-7609c2315dd6) |
|---|---|
| Product | Snapdragon 670 Mobile Firmware (a83105c6-cad2-5d54-87c3-0da06e0d6dd3) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-21454 |
vulnerable | 2026-06-03 14:59:21.348917 |
Buffer Over-read in WLAN Embedded SW
HIGH (7.5)
Transient DOS while processing received beacon frame.
Published: 2025-07-08T12:49:01.843Z
Updated: 2025-07-08T14:21:54.016Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-21453 |
vulnerable | 2026-06-03 14:59:21.299712 |
Use After Free in GPS HLOS Driver
HIGH (7.8)
Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.
Published: 2025-05-06T08:32:26.299Z
Updated: 2026-02-26T18:28:55.702Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-21449 |
vulnerable | 2026-06-03 14:59:21.090611 |
Buffer Over-read in WLAN Embedded SW
HIGH (7.5)
Transient DOS may occur while processing malformed length field in SSID IEs.
Published: 2025-07-08T12:48:58.639Z
Updated: 2025-07-08T14:27:43.328Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-21433 |
vulnerable | 2026-06-03 14:59:20.580652 |
NULL Pointer Dereference in SPS-HLOS
MEDIUM (6.2)
Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus.
Published: 2025-07-08T12:48:52.630Z
Updated: 2025-07-08T16:10:56.037Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-21432 |
vulnerable | 2026-06-03 14:59:20.532897 |
Double Free in SPS-HLOS
HIGH (7.8)
Memory corruption while retrieving the CBOR data from TA.
Published: 2025-07-08T12:48:50.667Z
Updated: 2026-02-26T18:27:48.873Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-21427 |
vulnerable | 2026-06-03 14:59:19.793963 |
Buffer Over-read in Data HLOS - LNX
HIGH (8.2)
Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network.
Published: 2025-07-08T12:48:49.081Z
Updated: 2025-07-08T16:11:08.309Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-21422 |
vulnerable | 2026-06-03 14:59:19.414058 |
Cryptographic Issues in Automotive
HIGH (7.1)
Cryptographic issue while processing crypto API calls, missing checks may lead to corrupted key usage or IV reuses.
Published: 2025-07-08T12:48:46.294Z
Updated: 2026-02-26T18:27:49.050Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-53009 |
vulnerable | 2026-06-03 14:57:38.135600 |
Improper Validation of Array Index in Automotive Autonomy
MEDIUM (5.3)
Memory corruption while operating the mailbox in Automotive.
Published: 2025-07-08T12:48:44.614Z
Updated: 2025-07-08T16:11:19.907Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-49844 |
vulnerable | 2026-06-03 14:57:14.085622 |
Improper Input Validation in Automotive
HIGH (7.8)
Memory corruption while triggering commands in the PlayReady Trusted application.
Published: 2025-05-06T08:32:21.132Z
Updated: 2026-02-26T18:28:56.400Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-49842 |
vulnerable | 2026-06-03 14:57:14.032641 |
Improper Access Control in Hypervisor
HIGH (7.8)
Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions.
Published: 2025-05-06T08:32:19.898Z
Updated: 2026-02-26T18:28:56.722Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-49841 |
vulnerable | 2026-06-03 14:57:14.008445 |
Detection of Error Condition Without Action in Hypervisor
HIGH (7.8)
Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling.
Published: 2025-05-06T08:32:18.628Z
Updated: 2026-02-26T18:28:57.069Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-49835 |
vulnerable | 2026-06-03 14:57:13.672994 |
Out-of-bounds Write in SPS Applications
HIGH (7.8)
Memory corruption while reading secure file.
Published: 2025-05-06T08:32:17.432Z
Updated: 2026-02-26T18:28:57.237Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-38420 |
vulnerable | 2026-06-03 14:56:17.884278 |
Improper Input Validation in Hypervisor
HIGH (8.8)
Memory corruption while configuring a Hypervisor based input virtual device.
Published: 2025-02-03T16:51:23.408Z
Updated: 2025-02-03T17:36:04.536Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-33060 |
vulnerable | 2026-06-03 14:55:51.638954 |
Use After Free in DSP Service
HIGH (8.4)
Memory corruption when two threads try to map and unmap a single node simultaneously.
Published: 2024-09-02T10:22:46.127Z
Updated: 2024-09-05T03:56:12.175Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-33052 |
vulnerable | 2026-06-03 14:55:51.288674 |
Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in FM Host
HIGH (7.8)
Memory corruption when user provides data for FM HCI command control operations.
Published: 2024-09-02T10:22:43.062Z
Updated: 2024-09-05T03:56:07.096Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-21468 |
vulnerable | 2026-06-03 14:54:48.963596 |
Use After Free in Kernel
HIGH (8.4)
Memory corruption when there is failed unmap operation in GPU.
Published: 2024-04-01T15:06:05.821Z
Updated: 2024-08-08T19:21:42.353Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-43551 |
vulnerable | 2026-06-03 14:53:03.512408 |
Improper Authentication in Multi-Mode Call Processor
CRITICAL (9.1)
Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command.
Published: 2024-06-03T10:05:21.301Z
Updated: 2024-08-02T19:44:43.781Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-43548 |
vulnerable | 2026-06-03 14:53:03.279196 |
Buffer Copy Without Checking Size of Input in Video
HIGH (7.3)
Memory corruption while parsing qcp clip with invalid chunk data size.
Published: 2024-03-04T10:48:53.494Z
Updated: 2024-08-02T19:44:43.762Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-43542 |
vulnerable | 2026-06-03 14:53:03.179640 |
Buffer Copy Without Checking Size of Input in Trusted Execution Environment
HIGH (7.8)
Memory corruption while copying a keyblob`s material when the key material`s size is not accurately checked.
Published: 2024-06-03T10:05:15.885Z
Updated: 2024-08-13T20:04:11.714Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-43538 |
vulnerable | 2026-06-03 14:53:03.040870 |
Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in TZ Secure OS
CRITICAL (9.3)
Memory corruption in TZ Secure OS while Tunnel Invoke Manager initialization.
Published: 2024-06-03T10:05:14.252Z
Updated: 2024-08-02T19:44:43.850Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-43530 |
vulnerable | 2026-06-03 14:53:02.764908 |
Integer Overflow or Wraparound in HLOS
MEDIUM (5.9)
Memory corruption in HLOS while checking for the storage type.
Published: 2024-05-06T14:32:10.758Z
Updated: 2024-08-02T19:44:43.809Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-33119 |
vulnerable | 2026-06-03 14:52:12.644011 |
Time-of-check Time-of-use (TOCTOU) Race Condition in Hypervisor
HIGH (8.4)
Memory corruption while loading a VM from a signed VM image that is not coherent in the processor cache.
Published: 2024-05-06T14:32:01.069Z
Updated: 2025-12-16T18:23:23.636Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-33115 |
vulnerable | 2026-06-03 14:52:12.497185 |
Buffer Over-read in Trusted Execution Environment
HIGH (7.8)
Memory corruption while processing buffer initialization, when trusted report for certain report types are generated.
Published: 2024-04-01T15:05:57.965Z
Updated: 2024-08-23T18:52:39.896Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-33066 |
vulnerable | 2026-06-03 14:52:03.770321 |
Use of Out-of-range Pointer Offset in Audio
HIGH (8.4)
Memory corruption in Audio while processing RT proxy port register driver.
Published: 2024-03-04T10:48:31.460Z
Updated: 2024-08-05T13:34:54.895Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-33023 |
vulnerable | 2026-06-03 14:52:02.033964 |
Buffer Copy without Checking Size of Input (`Classic Buffer Overflow`) in SPS-Applications
HIGH (8.4)
Memory corruption while processing finish_sign command to pass a rsp buffer.
Published: 2024-04-01T15:05:51.287Z
Updated: 2024-08-02T15:32:46.521Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-28578 |
vulnerable | 2026-06-03 14:51:12.690017 |
Improper Input Validation in Services
CRITICAL (9.3)
Memory corruption in Core Services while executing the command for removing a single event listener.
Published: 2024-03-04T10:48:27.802Z
Updated: 2024-08-29T18:23:28.510Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-28547 |
vulnerable | 2026-06-03 14:51:10.883757 |
Buffer Copy Without Checking Size of Input in SPS Applications
HIGH (8.4)
Memory corruption in SPS Application while requesting for public key in sorter TA.
Published: 2024-04-01T15:05:49.478Z
Updated: 2024-08-02T13:43:22.683Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.