CVSS: 7.1EPSS: 0%CPEs: 370EXPL: 0CVE-2022-40523 – Information exposure in Kernel
https://notcve.org/view.php?id=CVE-2022-40523
06 Jun 2023 — Information disclosure in Kernel due to indirect branch misprediction. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 7.8EPSS: 0%CPEs: 484EXPL: 0CVE-2022-40521 – Improper authorization in Modem
https://notcve.org/view.php?id=CVE-2022-40521
06 Jun 2023 — Transient DOS due to improper authorization in Modem • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-285: Improper Authorization CWE-287: Improper Authentication •
CVSS: 8.4EPSS: 0%CPEs: 484EXPL: 0CVE-2022-40507 – Double free in Core
https://notcve.org/view.php?id=CVE-2022-40507
06 Jun 2023 — Memory corruption due to double free in Core while mapping HLOS address to the list. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-415: Double Free •
CVSS: 7.9EPSS: 0%CPEs: 484EXPL: 0CVE-2022-33264 – Stack-based buffer overflow in Modem
https://notcve.org/view.php?id=CVE-2022-33264
06 Jun 2023 — Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.1EPSS: 0%CPEs: 696EXPL: 0CVE-2022-22076 – Cryptographic issue in Core
https://notcve.org/view.php?id=CVE-2022-22076
06 Jun 2023 — information disclosure due to cryptographic issue in Core during RPMB read request. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-310: Cryptographic Issues •
CVSS: 7.8EPSS: 0%CPEs: 384EXPL: 0CVE-2022-40504 – Reachable assertion in Modem
https://notcve.org/view.php?id=CVE-2022-40504
02 May 2023 — Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network. • https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin • CWE-617: Reachable Assertion •
CVSS: 8.4EPSS: 0%CPEs: 442EXPL: 1CVE-2023-21665 – Incorrect Type Conversion or Cast in Graphics
https://notcve.org/view.php?id=CVE-2023-21665
02 May 2023 — Memory corruption in Graphics while importing a file. Qualcomm Adreno/KGSL suffers from an unchecked cast of vma->vm_file->private_data in kgsl_setup_dmabuf_useraddr(). • https://packetstorm.news/files/id/172663 • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 7.8EPSS: 0%CPEs: 162EXPL: 0CVE-2022-33305 – Null pointer dereference in Modem
https://notcve.org/view.php?id=CVE-2022-33305
02 May 2023 — Transient DOS due to NULL pointer dereference in Modem while sending invalid messages in DCCH. • https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 80EXPL: 0CVE-2022-33304 – NULL pointers dereference in Modem
https://notcve.org/view.php?id=CVE-2022-33304
02 May 2023 — Transient DOS due to NULL pointer dereference in Modem while performing pullup for received TCP/UDP packet. • https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin • CWE-476: NULL Pointer Dereference •
CVSS: 8.4EPSS: 0%CPEs: 706EXPL: 0CVE-2022-40532 – Integer overflow or wraparound in WLAN
https://notcve.org/view.php?id=CVE-2022-40532
04 Apr 2023 — Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target. • https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin • CWE-190: Integer Overflow or Wraparound •