CVSS: 7.8EPSS: 0%CPEs: 402EXPL: 0CVE-2023-22386 – Buffer Copy Without Checking Size of Input in WLAN HOST
https://notcve.org/view.php?id=CVE-2023-22386
04 Jul 2023 — Memory Corruption in WLAN HOST while processing WLAN FW request to allocate memory. • https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 114EXPL: 0CVE-2023-21672 – Use After Free in Audio
https://notcve.org/view.php?id=CVE-2023-21672
04 Jul 2023 — Memory corruption in Audio while running concurrent tunnel playback or during concurrent audio tunnel recording sessions. • https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 30EXPL: 0CVE-2023-21641 – Permissions, Privileges, and Access Controls in Display
https://notcve.org/view.php?id=CVE-2023-21641
04 Jul 2023 — An app with non-privileged access can change global system brightness and cause undesired system behavior. • https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 72EXPL: 0CVE-2023-21638 – Incorrect Type Conversion or Cast in Video
https://notcve.org/view.php?id=CVE-2023-21638
04 Jul 2023 — Memory corruption in Video while calling APIs with different instance ID than the one received in initialization. • https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 7.8EPSS: 0%CPEs: 110EXPL: 0CVE-2023-21637 – Improper Restrictions of Operations within the Bounds of a Memory Buffer in Linux
https://notcve.org/view.php?id=CVE-2023-21637
04 Jul 2023 — Memory corruption in Linux while calling system configuration APIs. • https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 98EXPL: 0CVE-2023-21635 – Buffer Copy without Checking Size of Input in Data Network Stack & Connectivity
https://notcve.org/view.php?id=CVE-2023-21635
04 Jul 2023 — Memory Corruption in Data Network Stack & Connectivity when sim gets detected on telephony. • https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 194EXPL: 0CVE-2023-21633 – Improper Restriction of Operations within the Bounds of a Memory Buffer in Linux
https://notcve.org/view.php?id=CVE-2023-21633
04 Jul 2023 — Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage request. • https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.2EPSS: 0%CPEs: 424EXPL: 0CVE-2023-21629 – Double Free in Modem
https://notcve.org/view.php?id=CVE-2023-21629
04 Jul 2023 — Memory Corruption in Modem due to double free while parsing the PKCS15 sim files. • https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin • CWE-415: Double Free •
CVSS: 6.2EPSS: 0%CPEs: 134EXPL: 0CVE-2023-21624 – Information Exposure in DSP Services
https://notcve.org/view.php?id=CVE-2023-21624
04 Jul 2023 — Information disclosure in DSP Services while loading dynamic module. • https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 368EXPL: 1CVE-2023-21670 – Improper Access control in GPU Subsystem
https://notcve.org/view.php?id=CVE-2023-21670
06 Jun 2023 — Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode. Qualcomm Adreno/KGSL suffers from an issue where code in user-writable mapping is executed in non-protected mode. • https://packetstorm.news/files/id/173296 • CWE-284: Improper Access Control CWE-863: Incorrect Authorization •