CISA Catalog
Data sourced from the official CISA Known Exploited Vulnerabilities Catalog. Federal agencies are required to remediate these vulnerabilities by the due date per BOD 22-01.
KEV Entries
1,619
Ransomware Use
327
Overdue
1,615
Vendors
266
Products
655
12 results · Page 1/1
Qualcomm Multiple Chipsets Memory Corruption Vulnerability
Qualcomm · Multiple Chipsets
Multiple Qualcomm chipsets contain a memory corruption vulnerability while using alignments for memory allocation.
Required Action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Qualcomm Multiple Chipsets Incorrect Authorization Vulnerability
Qualcomm · Multiple Chipsets
Multiple Qualcomm chipsets contain an incorrect authorization vulnerability. This vulnerability allows for memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.
Required Action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Qualcomm Multiple Chipsets Incorrect Authorization Vulnerability
Qualcomm · Multiple Chipsets
Multiple Qualcomm chipsets contain an incorrect authorization vulnerability. This vulnerability allows for memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.
Required Action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Qualcomm Multiple Chipsets Use-After-Free Vulnerability
Qualcomm · Multiple Chipsets
Multiple Qualcomm chipsets contain a use-after-free vulnerability. This vulnerability allows for memory corruption while rendering graphics using Adreno GPU drivers in Chrome.
Required Action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Qualcomm Multiple Chipsets Use-After-Free Vulnerability
Qualcomm · Multiple Chipsets
Multiple Qualcomm chipsets contain a use-after-free vulnerability due to memory corruption in DSP Services while maintaining memory maps of HLOS memory.
Required Action
Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Qualcomm Multiple Chipsets Integer Overflow Vulnerability
Qualcomm · Multiple Chipsets
Multiple Qualcomm chipsets contain an integer overflow vulnerability due to memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call.
Required Action
Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Qualcomm Multiple Chipsets Use of Out-of-Range Pointer Offset Vulnerability
Qualcomm · Multiple Chipsets
Multiple Qualcomm chipsets contain a use of out-of-range pointer offset vulnerability due to memory corruption in Graphics while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND.
Required Action
Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Qualcomm Multiple Chipsets Use-After-Free Vulnerability
Qualcomm · Multiple Chipsets
Multiple Qualcomm chipsets contain a use-after-free vulnerability due to memory corruption in DSP Services during a remote call from HLOS to DSP.
Required Action
Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Qualcomm Multiple Chipsets Use-After-Free Vulnerability
Qualcomm · Multiple Chipsets
Multiple Qualcomm chipsets contain a use-after-free vulnerability when process shell memory is freed using IOCTL munmap call and process initialization is in progress.
Required Action
Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Qualcomm Multiple Chipsets Improper Input Validation Vulnerability
Qualcomm · Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Memory corruption due to improper check to return error when user application requests memory allocation of a huge size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Required Action
Apply updates per vendor instructions.
Qualcomm Multiple Chipsets Detection of Error Condition Without Action Vulnerability
Qualcomm · Multiple Chipsets
Multiple Qualcomm chipsets contain a detection of error condition without action vulnerability when improper handling of address deregistration on failure can lead to new GPU address allocation failure.
Required Action
Apply updates per vendor instructions.
Qualcomm Multiple Chipsets Use-After-Free Vulnerability
Qualcomm · Multiple Chipsets
Multiple Qualcomm Chipsets contain a use after free vulnerability due to improper handling of memory mapping of multiple processes simultaneously.
Required Action
Apply updates per vendor instructions.
