This page lists publicly disclosed CVE vulnerabilities affecting qualcomm sdm439_firmware (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2018-11922 | Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user. | [email protected] | 9.8 | 0.17% | 2024-11-26 | 2026-06-16 |
| CVE-2017-11076 | On some hardware revisions where VP9 decoding is hardware-accelerated, the frame size is not programmed correctly into the decoder hardware which can lead to an invalid memory access by the decoder. | [email protected] | 9.8 | 0.28% | 2024-11-26 | 2026-06-16 |
| CVE-2023-33059 | Memory corruption in Audio while processing the VOC packet data from ADSP. | [email protected] | 7.8 | 0.06% | 2023-11-07 | 2026-06-17 |
| CVE-2023-33055 | Memory Corruption in Audio while invoking callback function in driver from ADSP. | [email protected] | 7.8 | 0.06% | 2023-11-07 | 2026-06-17 |
| CVE-2023-28540 | Cryptographic issue in Data Modem due to improper authentication during TLS handshake. | [email protected] | 9.1 | 0.43% | 2023-10-03 | 2026-06-17 |
| CVE-2023-21657 | Memoru corruption in Audio when ADSP sends input during record use case. | [email protected] | 7.8 | 0.05% | 2023-06-06 | 2026-06-17 |
| CVE-2022-40521 | Transient DOS due to improper authorization in Modem | [email protected] | 7.5 | 0.35% | 2023-06-06 | 2026-06-17 |
| CVE-2022-33264 | Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message. | [email protected] | 7.9 | 0.09% | 2023-06-06 | 2026-06-17 |
| CVE-2022-22076 | information disclosure due to cryptographic issue in Core during RPMB read request. | [email protected] | 7.1 | 0.05% | 2023-06-06 | 2026-06-17 |
| CVE-2022-40504 | Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network. | [email protected] | 7.5 | 0.38% | 2023-05-02 | 2026-06-17 |
| CVE-2023-21666 | Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool. | [email protected] | 8.4 | 0.18% | 2023-05-02 | 2026-06-17 |
| CVE-2023-21665 | Memory corruption in Graphics while importing a file. | [email protected] | 8.4 | 0.18% | 2023-05-02 | 2026-06-17 |
| CVE-2022-40532 | Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target. | [email protected] | 8.4 | 0.05% | 2023-04-13 | 2026-06-17 |
| CVE-2022-33302 | Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length. | [email protected] | 6.8 | 0.12% | 2023-04-13 | 2026-06-17 |
| CVE-2022-33296 | Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Neighbor List Update message. | [email protected] | 5.9 | 0.05% | 2023-04-13 | 2026-06-17 |
| CVE-2022-33289 | Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card. | [email protected] | 6.8 | 0.19% | 2023-04-13 | 2026-06-17 |
| CVE-2020-3639 | u'When a non standard SIP sigcomp message is received from the network, then there may be chances of using more UDVM cycle or memory overflow' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ8017, APQ8037, APQ8053, MDM9250, MDM9607, MDM9628, MDM9640, MDM9650, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, QCM4290, QCM6125, QCS410, QCS42 | [email protected] | 9.8 | 0.90% | 2020-11-12 | 2026-06-16 |
| CVE-2020-11196 | u'Integer overflow to buffer overflow occurs while playback of ASF clip having unexpected number of codec entries' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM9206, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM89 | [email protected] | 9.8 | 0.89% | 2020-11-12 | 2026-06-16 |
| CVE-2020-11193 | u'Buffer over read can happen while parsing mkv clip due to improper typecasting of data returned from atomsize' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM9206, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998 | [email protected] | 9.8 | 0.90% | 2020-11-12 | 2026-06-16 |
| CVE-2020-11123 | u'information disclosure in gatekeeper trustzone implementation as the throttling mechanism to prevent brute force attempts at getting user`s lock-screen password can be bypassed by performing the standard gatekeeper operations.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8009W, A | [email protected] | 5.5 | 0.19% | 2020-11-12 | 2026-06-16 |