U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 807 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2024-45558

Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length.

Published: January 06, 2025; 6:15:10 AM -0500 		V4.0:(not available)
 V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2024-45553

Memory corruption can occur when process-specific maps are added to the global list. If a map is removed from the global list while another thread is using it for a process-specific task, issues may arise.

Published: January 06, 2025; 6:15:10 AM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2024-45550

Memory corruption occurs when invoking any IOCTL-calling application that executes all MCDM driver IOCTL calls.

Published: January 06, 2025; 6:15:10 AM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2024-45548

Memory corruption while processing FIPS encryption or decryption validation functionality IOCTL call.

Published: January 06, 2025; 6:15:09 AM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2024-45547

Memory corruption while processing IOCTL call invoked from user-space to verify non extension FIPS encryption and decryption functionality.

Published: January 06, 2025; 6:15:09 AM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2024-45546

Memory corruption while processing FIPS encryption or decryption IOCTL call invoked from user-space.

Published: January 06, 2025; 6:15:09 AM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2024-45542

Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.

Published: January 06, 2025; 6:15:09 AM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2024-45541

Memory corruption when IOCTL call is invoked from user-space to read board data.

Published: January 06, 2025; 6:15:09 AM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2024-33059

Memory corruption while processing frame command IOCTL calls.

Published: January 06, 2025; 6:15:08 AM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2024-33055

Memory corruption while invoking IOCTL calls to unmap the DMA buffers.

Published: January 06, 2025; 6:15:08 AM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2024-33041

Memory corruption when input parameter validation for number of fences is missing for fence frame IOCTL calls,

Published: January 06, 2025; 6:15:08 AM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2024-43053

Memory corruption while invoking IOCTL calls from user space to read WLAN target diagnostic information.

Published: December 02, 2024; 6:15:09 AM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2024-43052

Memory corruption while processing API calls to NPU with invalid input.

Published: December 02, 2024; 6:15:09 AM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2024-43050

Memory corruption while invoking IOCTL calls from user space to issue factory test command inside WLAN driver.

Published: December 02, 2024; 6:15:09 AM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2024-43049

Memory corruption while invoking IOCTL calls from user space to set generic private command inside WLAN driver.

Published: December 02, 2024; 6:15:09 AM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2024-43048

Memory corruption when invalid input is passed to invoke GPU Headroom API call.

Published: December 02, 2024; 6:15:08 AM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2024-33063

Transient DOS while parsing the ML IE when a beacon with common info length of the ML IE greater than the ML IE inside which this element is present.

Published: December 02, 2024; 6:15:08 AM -0500 		V4.0:(not available)
 V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2024-33053

Memory corruption when multiple threads try to unregister the CVP buffer at the same time.

Published: December 02, 2024; 6:15:08 AM -0500 		V4.0:(not available)
 V3.1: 6.7 MEDIUM
V2.0:(not available)
CVE-2024-33044

Memory corruption while Configuring the SMR/S2CR register in Bypass mode.

Published: December 02, 2024; 6:15:08 AM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2021-30299

Possible out of bound access in audio module due to lack of validation of user provided input.

Published: November 22, 2024; 5:15:04 AM -0500 		V4.0:(not available)
 V3.1: 6.7 MEDIUM
V2.0:(not available)