CVE-2023-28563 – Buffer Over-read in IOE Firmware
https://notcve.org/view.php?id=CVE-2023-28563
Information disclosure in IOE Firmware while handling WMI command. Divulgación de información en IOE Firmware mientras se maneja el comando WMI. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-126: Buffer Over-read •
CVE-2023-28556 – Improper Authorization in HLOS
https://notcve.org/view.php?id=CVE-2023-28556
Cryptographic issue in HLOS during key management. Problema criptográfico en HLOS durante la gestión de claves. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-285: Improper Authorization •
CVE-2023-28545 – Improper Restriction of Operations within the Bounds of a Memory Buffer in TZ Secure OS
https://notcve.org/view.php?id=CVE-2023-28545
Memory corruption in TZ Secure OS while loading an app ELF. Corrupción de la memoria en TZ Secure OS al cargar una aplicación ELF. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVE-2023-24852 – Improper Authentication in Core
https://notcve.org/view.php?id=CVE-2023-24852
Memory Corruption in Core due to secure memory access by user while loading modem image. Corrupción de la memoria en Core debido al acceso seguro a la memoria por parte del usuario mientras carga la imagen del módem. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-287: Improper Authentication CWE-787: Out-of-bounds Write •
CVE-2023-33039 – Use After Free in Automotive Display
https://notcve.org/view.php?id=CVE-2023-33039
Memory corruption in Automotive Display while destroying the image handle created using connected display driver. Corrupción de la memoria en Automotive Display al destruir el identificador de imagen creado con el controlador de pantalla conectado. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-416: Use After Free •