CVSS: 7.8EPSS: 0%CPEs: 534EXPL: 0CVE-2023-28560 – Buffer Copy Without Checking Size of Input in WLAN HAL
https://notcve.org/view.php?id=CVE-2023-28560
05 Sep 2023 — Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload. Corrupción de memoria en WLAN HAL al procesar devIndex desde un payload WMI no fiable. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 428EXPL: 0CVE-2023-28559 – Buffer Copy Without Checking Size of Input in WLAN HAL
https://notcve.org/view.php?id=CVE-2023-28559
05 Sep 2023 — Memory corruption in WLAN FW while processing command parameters from untrusted WMI payload. Corrupción de memoria en WLAN FW al procesar parámetros de comando de payloads WMI no fiables. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 404EXPL: 0CVE-2023-28558 – Improper Validation of Array Index in WLAN HAL
https://notcve.org/view.php?id=CVE-2023-28558
05 Sep 2023 — Memory corruption in WLAN handler while processing PhyID in Tx status handler. Corrupción de la memoria en el WLAN handler cuando se procesa PhyID en Tx status handler. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-129: Improper Validation of Array Index CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 562EXPL: 0CVE-2023-28557 – Improper Validation of Array Index in WLAN HAL
https://notcve.org/view.php?id=CVE-2023-28557
05 Sep 2023 — Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload. Corrupción de memoria en WLAN HAL al procesar parámetros de comando de un payload WMI que no es de confianza. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-129: Improper Validation of Array Index •
CVSS: 7.8EPSS: 0%CPEs: 456EXPL: 0CVE-2023-28549 – Improper Restriction of Operations within the Bounds of a Memory Buffer in WLAN HAL
https://notcve.org/view.php?id=CVE-2023-28549
05 Sep 2023 — Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload. Corrupción de memoria en WLAN HAL al analizar el búfer Rx en el procesamiento del payload TLV. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 418EXPL: 0CVE-2023-28544 – Buffer Copy without Checking the Size of Input in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-28544
05 Sep 2023 — Memory corruption in WLAN while sending transmit command from HLOS to UTF handlers. Corrupción de memoria en WLAN al enviar comandos de transmisión desde HLOS a controladores UTF. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.4EPSS: 0%CPEs: 260EXPL: 0CVE-2023-28538 – Stack-based Buffer Overflow in WIN Product
https://notcve.org/view.php?id=CVE-2023-28538
05 Sep 2023 — Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region. Corrupción de la memoria en el producto WIN al invocar el controlador de actualización WinAcpi en la región UEFI. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 26EXPL: 0CVE-2022-40534 – Improper Validation of Array Index in Audio
https://notcve.org/view.php?id=CVE-2022-40534
05 Sep 2023 — Memory corruption due to improper validation of array index in Audio. Corrupción de memoria debida a una validación incorrecta del índice de matriz en Audio. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-129: Improper Validation of Array Index •
CVSS: 8.4EPSS: 0%CPEs: 518EXPL: 0CVE-2022-33275 – Improper validation of array index in WLAN HAL
https://notcve.org/view.php?id=CVE-2022-33275
05 Sep 2023 — Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range. Corrupción de memoria debido a la validación incorrecta del índice de matriz en WLAN HAL cuando se recibe "lm_itemNum" estando fuera de rango. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-129: Improper Validation of Array Index •
CVSS: 7.8EPSS: 0%CPEs: 120EXPL: 0CVE-2023-28575 – Multiple Type Confusion Vulnerability
https://notcve.org/view.php?id=CVE-2023-28575
08 Aug 2023 — The cam_get_device_priv function does not check the type of handle being returned (device/session/link). This would lead to invalid type usage if a wrong handle is passed to it. La función cam_get_device_priv no comprueba el tipo de manejador devuelto (device/session/link). Esto llevaría a un uso de tipo inválido si se le pasa un manejador incorrecto. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-823: Use of Out-of-range Pointer Offset CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •