CVSS: 7.8EPSS: 0%CPEs: 102EXPL: 0CVE-2023-21650 – Improper Validation of Array Index in GPS HLOS Driver
https://notcve.org/view.php?id=CVE-2023-21650
08 Aug 2023 — Memory Corruption in GPS HLOS Driver when injectFdclData receives data with invalid data length. Corrupción de memoria en el controlador GPS HLOS cuando injectFdclData recibe datos con una longitud de datos no válida. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-129: Improper Validation of Array Index CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 130EXPL: 0CVE-2023-21649 – Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in WLAN
https://notcve.org/view.php?id=CVE-2023-21649
08 Aug 2023 — Memory corruption in WLAN while running doDriverCmd for an unspecific command. Corrupción de memoria en WLAN al ejecutar doDriverCmd para un comando no específico. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 68EXPL: 0CVE-2023-21648 – Integer Overflow to Buffer Overflow in RIL
https://notcve.org/view.php?id=CVE-2023-21648
08 Aug 2023 — Memory corruption in RIL while trying to send apdu packet. Corrupción de memoria en RIL al intentar enviar paquete apdu. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-680: Integer Overflow to Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 0%CPEs: 86EXPL: 0CVE-2023-21647 – Improper Input Validation in Bluetooth HOST
https://notcve.org/view.php?id=CVE-2023-21647
08 Aug 2023 — Information disclosure in Bluetooth when an GATT packet is received due to improper input validation. Revelación de información en Bluetooth cuando se recibe un paquete GATT debido a una validación de entrada incorrecta. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-20: Improper Input Validation •
CVSS: 9.1EPSS: 0%CPEs: 48EXPL: 0CVE-2023-21643 – Untrusted Pointer Dereference in Automotive
https://notcve.org/view.php?id=CVE-2023-21643
08 Aug 2023 — Memory corruption due to untrusted pointer dereference in automotive during system call. Corrupción de memoria debida a una desviación de puntero no fiable en automotive durante una llamada al sistema. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-787: Out-of-bounds Write CWE-822: Untrusted Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 96EXPL: 0CVE-2023-21627 – Incorrect Type Conversion or Cast in Trusted Execution Environment
https://notcve.org/view.php?id=CVE-2023-21627
08 Aug 2023 — Memory corruption in Trusted Execution Environment while calling service API with invalid address. Corrupción de memoria en Trusted Execution Environment al llamar a la API de servicio con una dirección no válida. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-20: Improper Input Validation CWE-704: Incorrect Type Conversion or Cast •
CVSS: 7.1EPSS: 0%CPEs: 370EXPL: 0CVE-2023-21626 – Improper Authentication in HLOS.
https://notcve.org/view.php?id=CVE-2023-21626
08 Aug 2023 — Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key. Problema criptográfico en HLOS debido a una autenticación incorrecta al realizar comprobaciones de velocidad de clave utilizando más de una clave. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-287: Improper Authentication CWE-320: Key Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 376EXPL: 0CVE-2023-28542 – Buffer Over-read in WLAN HOST
https://notcve.org/view.php?id=CVE-2023-28542
04 Jul 2023 — Memory Corruption in WLAN HOST while fetching TX status information. • https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 398EXPL: 0CVE-2023-28541 – Buffer Over-read in WLAN Host
https://notcve.org/view.php?id=CVE-2023-28541
04 Jul 2023 — Memory Corruption in Data Modem while processing DMA buffer release event about CFR data. • https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 326EXPL: 0CVE-2023-24854 – Stack-based Buffer Overflow in WLAN HOST
https://notcve.org/view.php?id=CVE-2023-24854
04 Jul 2023 — Memory Corruption in WLAN HOST while parsing QMI WLAN Firmware response message. • https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •