Qualcomm Snapdragon 690 5G Mobile Firmware
Approved changes feed: RSS · Atom
cpe:2.3:o:qualcomm:snapdragon_690_5g_mobile_firmware:-:*:*:*:*:*:*:*
part: o version: - update: *
| Vendor | Qualcomm (4194a0de-9926-556d-a143-7609c2315dd6) |
|---|---|
| Product | Snapdragon 690 5G Mobile Firmware (58d6d2f3-80de-5c0b-9298-27cb39870128) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-47404 |
vulnerable | 2026-06-03 15:01:32.580326 |
Buffer Copy Without Checking Size of Input in Automotive Audio
MEDIUM (6.5)
Memory corruption when dynamically changing the size of a previously allocated buffer while its contents are being modified.
Published: 2026-05-04T16:43:10.032Z
Updated: 2026-05-04T17:18:50.464Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-27061 |
vulnerable | 2026-06-03 15:00:10.802815 |
Out-of-bounds Write in Video
HIGH (7.8)
Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware.
Published: 2025-07-08T12:49:21.840Z
Updated: 2025-07-08T13:15:25.173Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-27042 |
vulnerable | 2026-06-03 15:00:09.906798 |
Incorrect Calculation of Buffer Size in Video
HIGH (7.8)
Memory corruption while processing video packets received from video firmware.
Published: 2025-07-08T12:49:04.998Z
Updated: 2025-07-08T14:16:03.369Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-21467 |
vulnerable | 2026-06-03 14:59:21.779670 |
Out-of-bounds Write in Computer Vision
HIGH (7.8)
Memory corruption while reading the FW response from the shared queue.
Published: 2025-05-06T08:32:31.645Z
Updated: 2026-02-26T18:28:54.760Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-21454 |
vulnerable | 2026-06-03 14:59:21.349210 |
Buffer Over-read in WLAN Embedded SW
HIGH (7.5)
Transient DOS while processing received beacon frame.
Published: 2025-07-08T12:49:01.843Z
Updated: 2025-07-08T14:21:54.016Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-21453 |
vulnerable | 2026-06-03 14:59:21.300213 |
Use After Free in GPS HLOS Driver
HIGH (7.8)
Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur.
Published: 2025-05-06T08:32:26.299Z
Updated: 2026-02-26T18:28:55.702Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-21449 |
vulnerable | 2026-06-03 14:59:21.091007 |
Buffer Over-read in WLAN Embedded SW
HIGH (7.5)
Transient DOS may occur while processing malformed length field in SSID IEs.
Published: 2025-07-08T12:48:58.639Z
Updated: 2025-07-08T14:27:43.328Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-21433 |
vulnerable | 2026-06-03 14:59:20.580939 |
NULL Pointer Dereference in SPS-HLOS
MEDIUM (6.2)
Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus.
Published: 2025-07-08T12:48:52.630Z
Updated: 2025-07-08T16:10:56.037Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-21432 |
vulnerable | 2026-06-03 14:59:20.534909 |
Double Free in SPS-HLOS
HIGH (7.8)
Memory corruption while retrieving the CBOR data from TA.
Published: 2025-07-08T12:48:50.667Z
Updated: 2026-02-26T18:27:48.873Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-49835 |
vulnerable | 2026-06-03 14:57:13.679890 |
Out-of-bounds Write in SPS Applications
HIGH (7.8)
Memory corruption while reading secure file.
Published: 2025-05-06T08:32:17.432Z
Updated: 2026-02-26T18:28:57.237Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-33060 |
vulnerable | 2026-06-03 14:55:51.639126 |
Use After Free in DSP Service
HIGH (8.4)
Memory corruption when two threads try to map and unmap a single node simultaneously.
Published: 2024-09-02T10:22:46.127Z
Updated: 2024-09-05T03:56:12.175Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-33052 |
vulnerable | 2026-06-03 14:55:51.293764 |
Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in FM Host
HIGH (7.8)
Memory corruption when user provides data for FM HCI command control operations.
Published: 2024-09-02T10:22:43.062Z
Updated: 2024-09-05T03:56:07.096Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-21475 |
vulnerable | 2026-06-03 14:54:49.293193 |
Use of Out-of-range Pointer Offset in Video
HIGH (7.8)
Memory corruption when the payload received from firmware is not as per the expected protocol size.
Published: 2024-05-06T14:32:15.988Z
Updated: 2024-08-01T22:20:40.866Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-21468 |
vulnerable | 2026-06-03 14:54:48.968086 |
Use After Free in Kernel
HIGH (8.4)
Memory corruption when there is failed unmap operation in GPU.
Published: 2024-04-01T15:06:05.821Z
Updated: 2024-08-08T19:21:42.353Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-43555 |
vulnerable | 2026-06-03 14:53:03.654946 |
Buffer Over-read in Video
HIGH (8.2)
Information disclosure in Video while parsing mp2 clip with invalid section length.
Published: 2024-06-03T10:05:22.819Z
Updated: 2024-08-02T19:44:43.706Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-43551 |
vulnerable | 2026-06-03 14:53:03.512590 |
Improper Authentication in Multi-Mode Call Processor
CRITICAL (9.1)
Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command.
Published: 2024-06-03T10:05:21.301Z
Updated: 2024-08-02T19:44:43.781Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-43548 |
vulnerable | 2026-06-03 14:53:03.279363 |
Buffer Copy Without Checking Size of Input in Video
HIGH (7.3)
Memory corruption while parsing qcp clip with invalid chunk data size.
Published: 2024-03-04T10:48:53.494Z
Updated: 2024-08-02T19:44:43.762Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-43529 |
vulnerable | 2026-06-03 14:53:02.690691 |
Reachable Assertion in Data Modem
HIGH (7.5)
Transient DOS while processing IKEv2 Informational request messages, when a malformed fragment packet is received.
Published: 2024-05-06T14:32:09.581Z
Updated: 2024-08-02T19:44:43.778Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-33104 |
vulnerable | 2026-06-03 14:52:11.628844 |
Improper input Validation in Multi-Mode Call Processor
HIGH (7.5)
Transient DOS while processing PDU Release command with a parameter PDU ID out of range.
Published: 2024-03-04T10:48:43.703Z
Updated: 2024-08-29T18:23:54.358Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-33101 |
vulnerable | 2026-06-03 14:52:11.551787 |
Incorrect Type Conversion or Cast in Multi-Mode Call Processor
HIGH (7.5)
Transient DOS while processing DL NAS TRANSPORT message with payload length 0.
Published: 2024-04-01T15:05:55.416Z
Updated: 2024-08-02T15:32:46.752Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-33099 |
vulnerable | 2026-06-03 14:52:04.687171 |
Improper Input Validation in Multi-Mode Call Processor
HIGH (7.5)
Transient DOS while processing SMS container of non-standard size received in DL NAS transport in NR.
Published: 2024-04-01T15:05:52.859Z
Updated: 2024-08-02T15:32:46.647Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-33096 |
vulnerable | 2026-06-03 14:52:04.654738 |
Reachable Assertion in Multi-Mode Call Processor
HIGH (7.5)
Transient DOS while processing DL NAS Transport message, as specified in 3GPP 24.501 v16.
Published: 2024-03-04T10:48:40.079Z
Updated: 2024-08-12T18:20:49.915Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-33095 |
vulnerable | 2026-06-03 14:52:04.646612 |
Reachable Assertion in Multi-Mode Call Processor
HIGH (7.5)
Transient DOS while processing multiple payload container type with incorrect container length received in DL NAS transport OTA in NR.
Published: 2024-03-04T10:48:38.728Z
Updated: 2024-08-02T15:32:46.639Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-33086 |
vulnerable | 2026-06-03 14:52:04.393960 |
Improper Release of Memory Before Removing Last Reference in Data Modem
HIGH (7.5)
Transient DOS while processing multiple IKEV2 Informational Request to device from IPSEC server with different identifiers.
Published: 2024-03-04T10:48:35.955Z
Updated: 2024-08-26T20:49:49.690Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-33066 |
vulnerable | 2026-06-03 14:52:03.770597 |
Use of Out-of-range Pointer Offset in Audio
HIGH (8.4)
Memory corruption in Audio while processing RT proxy port register driver.
Published: 2024-03-04T10:48:31.460Z
Updated: 2024-08-05T13:34:54.895Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-33023 |
vulnerable | 2026-06-03 14:52:02.039022 |
Buffer Copy without Checking Size of Input (`Classic Buffer Overflow`) in SPS-Applications
HIGH (8.4)
Memory corruption while processing finish_sign command to pass a rsp buffer.
Published: 2024-04-01T15:05:51.287Z
Updated: 2024-08-02T15:32:46.521Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-28578 |
vulnerable | 2026-06-03 14:51:12.690201 |
Improper Input Validation in Services
CRITICAL (9.3)
Memory corruption in Core Services while executing the command for removing a single event listener.
Published: 2024-03-04T10:48:27.802Z
Updated: 2024-08-29T18:23:28.510Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-28547 |
vulnerable | 2026-06-03 14:51:10.889767 |
Buffer Copy Without Checking Size of Input in SPS Applications
HIGH (8.4)
Memory corruption in SPS Application while requesting for public key in sorter TA.
Published: 2024-04-01T15:05:49.478Z
Updated: 2024-08-02T13:43:22.683Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.