CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-43554 – Improper Restriction of Operations withing the Bounds of a Memory Buffer in DSP Services
https://notcve.org/view.php?id=CVE-2023-43554
Memory corruption while processing IOCTL handler in FastRPC. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-23363 – Buffer Over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2024-23363
Transient DOS while processing an improperly formatted Fine Time Measurement (FTM) management frame. DOS transitorio mientras se procesa un marco de gestión de medición de tiempo fino (FTM) con formato incorrecto. • https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-43556 – Buffer Copy Without Checking Size of Input in Hypervisor
https://notcve.org/view.php?id=CVE-2023-43556
Memory corruption in Hypervisor when platform information mentioned is not aligned. Corrupción de la memoria en el hipervisor cuando la información de la plataforma mencionada no está alineada. • https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.2EPSS: 0%CPEs: 10EXPL: 0CVE-2023-43555 – Buffer Over-read in Video
https://notcve.org/view.php?id=CVE-2023-43555
Information disclosure in Video while parsing mp2 clip with invalid section length. Divulgación de información en video al analizar un clip mp2 con una longitud de sección no válida. • https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 9.1EPSS: 0%CPEs: 45EXPL: 0CVE-2023-43551 – Improper Authentication in Multi-Mode Call Processor
https://notcve.org/view.php?id=CVE-2023-43551
Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command. Problema criptográfico al realizar la conexión con una red LTE, una estación base no autorizada puede omitir la fase de autenticación y enviar inmediatamente el comando del modo de seguridad. • https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html • CWE-287: Improper Authentication •