Qualcomm

CVE-2026-25276 describes a memory corruption vulnerability in Qualcomm's Strongbox due to a missing bounds check, potentially leading to arbitrary code execution.

CVE-2026-24092 is a memory corruption vulnerability in Qualcomm products arising from improper validation when processing fastboot commands to set the display mode, potentially leading to arbitrary code execution.

CVE-2026-24091 is a memory corruption vulnerability in Qualcomm devices that occurs when processing fastboot commands with improperly formatted input, potentially leading to code execution.

CVE-2026-24090 is a cryptographic issue in Qualcomm chipsets while processing partition table entries, allowing unauthorized modification of the boot flow due to missing authentication for critical functions.

CVE-2026-24089 describes a memory corruption vulnerability in processing fastboot commands with invalid input, potentially leading to arbitrary code execution on affected devices and requiring physical access to trigger.

CVE-2026-24087 is a high-severity memory corruption vulnerability in Qualcomm components that occurs while processing fastboot OEM commands, potentially leading to code execution.

CVE-2025-59605 is a memory corruption vulnerability in Qualcomm products where processing overly long device identifier strings leads to an out-of-bounds write, potentially allowing for information disclosure, code execution, or denial of service.

CVE-2025-59604 is a memory corruption vulnerability due to invalid writes caused by a null pointer when running a memory copy operation, potentially leading to arbitrary code execution, as reported by Qualcomm.

A local privilege escalation vulnerability exists in Realtek rtl819x Jungle SDK due to missing capability checks on ioctl commands, allowing unprivileged users to gain root privileges on affected Linux systems.

CVE-2026-25293 is a critical buffer overflow vulnerability in Qualcomm PLC FW due to incorrect authorization, potentially allowing unauthorized access and control over programmable logic controllers.

A memory corruption vulnerability, CVE-2025-47408, exists in Qualcomm drivers when another driver calls an IOCTL with an invalid input/output buffer, potentially leading to code execution or denial of service.

CVE-2025-47407 describes a memory corruption vulnerability affecting the digital signal processor due to allocation failure at the kernel level, potentially leading to arbitrary code execution with elevated privileges on affected systems.

CVE-2025-47405 is a memory corruption vulnerability in Qualcomm products related to processing camera sensor input/output control codes with invalid output buffers, potentially leading to arbitrary code execution.