CVSS: 8.4EPSS: 0%CPEs: 260EXPL: 0CVE-2023-28538 – Stack-based Buffer Overflow in WIN Product
https://notcve.org/view.php?id=CVE-2023-28538
Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region. Corrupción de la memoria en el producto WIN al invocar el controlador de actualización WinAcpi en la región UEFI. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 366EXPL: 0CVE-2023-28537 – Integer Overflow or Wraparound in Audio
https://notcve.org/view.php?id=CVE-2023-28537
Memory corruption while allocating memory in COmxApeDec module in Audio. Corrupción de memoria al asignar memoria en el módulo COmxApeDec en Audio. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 344EXPL: 0CVE-2023-22666 – Integer Overflow or Wraparound in Audio
https://notcve.org/view.php?id=CVE-2023-22666
Memory Corruption in Audio while playing amrwbplus clips with modified content. Corrupción de memoria en audio al reproducir clips amrwbplus con contenido modificado. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 7.7EPSS: 0%CPEs: 240EXPL: 0CVE-2023-21652 – Key Management Errors in HLOS
https://notcve.org/view.php?id=CVE-2023-21652
Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack after use. Problema criptográfico en HLOS ya que las claves derivadas utilizadas para cifrar/descifrar información están presentes en la pila después de su uso. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-320: Key Management Errors CWE-798: Use of Hard-coded Credentials •
CVSS: 7.1EPSS: 0%CPEs: 370EXPL: 0CVE-2023-21626 – Improper Authentication in HLOS.
https://notcve.org/view.php?id=CVE-2023-21626
Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key. Problema criptográfico en HLOS debido a una autenticación incorrecta al realizar comprobaciones de velocidad de clave utilizando más de una clave. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-287: Improper Authentication CWE-320: Key Management Errors •