142 results (0.012 seconds)

CVSS: 7.5EPSS: 0%CPEs: 384EXPL: 0

Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network. • https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin • CWE-617: Reachable Assertion •

CVSS: 7.3EPSS: 0%CPEs: 204EXPL: 0

Information disclosure due to buffer over-read in Trusted Execution Environment while QRKS report generation. • https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •

CVSS: 8.4EPSS: 0%CPEs: 706EXPL: 0

Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target. • https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin • CWE-190: Integer Overflow or Wraparound •

CVSS: 7.8EPSS: 0%CPEs: 450EXPL: 0

Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length. • https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin • CWE-129: Improper Validation of Array Index •

CVSS: 6.8EPSS: 0%CPEs: 452EXPL: 0

Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card. • https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin • CWE-129: Improper Validation of Array Index •