CVSS: 7.8EPSS: 0%CPEs: 120EXPL: 0CVE-2023-28575 – Multiple Type Confusion Vulnerability
https://notcve.org/view.php?id=CVE-2023-28575
08 Aug 2023 — The cam_get_device_priv function does not check the type of handle being returned (device/session/link). This would lead to invalid type usage if a wrong handle is passed to it. La función cam_get_device_priv no comprueba el tipo de manejador devuelto (device/session/link). Esto llevaría a un uso de tipo inválido si se le pasa un manejador incorrecto. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-823: Use of Out-of-range Pointer Offset CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 142EXPL: 0CVE-2023-28555 – Buffer Over-read in Audio
https://notcve.org/view.php?id=CVE-2023-28555
08 Aug 2023 — Transient DOS in Audio while remapping channel buffer in media codec decoding. DOS transitorio en Audio mientras se remapea el buffer de canal en la decodificación de codecs multimedia. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 8.4EPSS: 0%CPEs: 366EXPL: 0CVE-2023-28537 – Integer Overflow or Wraparound in Audio
https://notcve.org/view.php?id=CVE-2023-28537
08 Aug 2023 — Memory corruption while allocating memory in COmxApeDec module in Audio. Corrupción de memoria al asignar memoria en el módulo COmxApeDec en Audio. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 344EXPL: 0CVE-2023-22666 – Integer Overflow or Wraparound in Audio
https://notcve.org/view.php?id=CVE-2023-22666
08 Aug 2023 — Memory Corruption in Audio while playing amrwbplus clips with modified content. Corrupción de memoria en audio al reproducir clips amrwbplus con contenido modificado. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 7.7EPSS: 0%CPEs: 240EXPL: 0CVE-2023-21652 – Key Management Errors in HLOS
https://notcve.org/view.php?id=CVE-2023-21652
08 Aug 2023 — Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack after use. Problema criptográfico en HLOS ya que las claves derivadas utilizadas para cifrar/descifrar información están presentes en la pila después de su uso. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-320: Key Management Errors CWE-798: Use of Hard-coded Credentials •
CVSS: 9.3EPSS: 0%CPEs: 280EXPL: 0CVE-2023-21651 – Incorrect Type Conversion or Cast in Core
https://notcve.org/view.php?id=CVE-2023-21651
08 Aug 2023 — Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE. Corrupción de memoria en el Core debido a una conversión de tipo o cast incorrecto en la función secure_io_read/write en TEE. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 7.8EPSS: 0%CPEs: 102EXPL: 0CVE-2023-21650 – Improper Validation of Array Index in GPS HLOS Driver
https://notcve.org/view.php?id=CVE-2023-21650
08 Aug 2023 — Memory Corruption in GPS HLOS Driver when injectFdclData receives data with invalid data length. Corrupción de memoria en el controlador GPS HLOS cuando injectFdclData recibe datos con una longitud de datos no válida. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-129: Improper Validation of Array Index CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 130EXPL: 0CVE-2023-21649 – Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in WLAN
https://notcve.org/view.php?id=CVE-2023-21649
08 Aug 2023 — Memory corruption in WLAN while running doDriverCmd for an unspecific command. Corrupción de memoria en WLAN al ejecutar doDriverCmd para un comando no específico. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 68EXPL: 0CVE-2023-21648 – Integer Overflow to Buffer Overflow in RIL
https://notcve.org/view.php?id=CVE-2023-21648
08 Aug 2023 — Memory corruption in RIL while trying to send apdu packet. Corrupción de memoria en RIL al intentar enviar paquete apdu. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-680: Integer Overflow to Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 0%CPEs: 86EXPL: 0CVE-2023-21647 – Improper Input Validation in Bluetooth HOST
https://notcve.org/view.php?id=CVE-2023-21647
08 Aug 2023 — Information disclosure in Bluetooth when an GATT packet is received due to improper input validation. Revelación de información en Bluetooth cuando se recibe un paquete GATT debido a una validación de entrada incorrecta. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-20: Improper Input Validation •