This page lists publicly disclosed CVE vulnerabilities affecting qualcomm sd670_firmware (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-27054 | Memory corruption while processing a malformed license file during reboot. | [email protected] | 7.8 | 0.01% | 2025-10-09 | 2025-11-05 |
| CVE-2025-27053 | Memory corruption during PlayReady APP usecase while processing TA commands. | [email protected] | 7.8 | 0.01% | 2025-10-09 | 2025-11-05 |
| CVE-2025-27032 | memory corruption while loading a PIL authenticated VM, when authenticated VM image is loaded without maintaining cache coherency. | [email protected] | 7.8 | 0.01% | 2025-09-24 | 2025-11-28 |
| CVE-2025-21488 | Information disclosure while decoding this RTP packet headers received by UE from the network when the padding bit is set. | [email protected] | 8.2 | 0.05% | 2025-09-24 | 2025-11-28 |
| CVE-2025-21487 | Information disclosure while decoding RTP packet received by UE from the network, when payload length mentioned is greater than the available buffer length. | [email protected] | 8.2 | 0.05% | 2025-09-24 | 2025-11-28 |
| CVE-2025-21483 | Memory corruption when the UE receives an RTP packet from the network, during the reassembly of NALUs. | [email protected] | 9.8 | 0.05% | 2025-09-24 | 2025-11-28 |
| CVE-2025-21482 | Cryptographic issue while performing RSA PKCS padding decoding. | [email protected] | 7.1 | 0.01% | 2025-09-24 | 2025-12-02 |
| CVE-2025-21481 | Memory corruption while performing private key encryption in trusted application. | [email protected] | 7.8 | 0.01% | 2025-09-24 | 2025-09-25 |
| CVE-2025-27066 | Transient DOS while processing an ANQP message. | [email protected] | 7.5 | 0.17% | 2025-08-06 | 2025-11-28 |
| CVE-2025-21465 | Information disclosure while processing the hash segment in an MBN file. | [email protected] | 6.5 | 0.06% | 2025-08-06 | 2025-11-28 |
| CVE-2025-21464 | Information disclosure while reading data from an image using specified offset and size parameters. | [email protected] | 6.5 | 0.06% | 2025-08-06 | 2025-11-28 |
| CVE-2025-21454 | Transient DOS while processing received beacon frame. | [email protected] | 7.5 | 0.35% | 2025-07-08 | 2025-08-11 |
| CVE-2025-21449 | Transient DOS may occur while processing malformed length field in SSID IEs. | [email protected] | 7.5 | 0.35% | 2025-07-08 | 2026-02-10 |
| CVE-2025-21433 | Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus. | [email protected] | 6.2 | 0.06% | 2025-07-08 | 2025-08-11 |
| CVE-2025-21432 | Memory corruption while retrieving the CBOR data from TA. | [email protected] | 7.8 | 0.07% | 2025-07-08 | 2025-08-11 |
| CVE-2025-21427 | Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network. | [email protected] | 8.2 | 0.32% | 2025-07-08 | 2026-02-11 |
| CVE-2025-21422 | Cryptographic issue while processing crypto API calls, missing checks may lead to corrupted key usage or IV reuses. | [email protected] | 7.1 | 0.06% | 2025-07-08 | 2025-08-11 |
| CVE-2024-53009 | Memory corruption while operating the mailbox in Automotive. | [email protected] | 5.3 | 0.07% | 2025-07-08 | 2025-08-11 |
| CVE-2024-53026 | Information disclosure when an invalid RTCP packet is received during a VoLTE/VoWiFi IMS call. | [email protected] | 8.2 | 0.32% | 2025-06-03 | 2025-11-28 |
| CVE-2024-53021 | Information disclosure may occur while processing goodbye RTCP packet from network. | [email protected] | 8.2 | 0.32% | 2025-06-03 | 2025-11-28 |