CVSS: 8.4EPSS: 0%CPEs: 518EXPL: 0CVE-2022-33275 – Improper validation of array index in WLAN HAL
https://notcve.org/view.php?id=CVE-2022-33275
Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range. Corrupción de memoria debido a la validación incorrecta del índice de matriz en WLAN HAL cuando se recibe "lm_itemNum" estando fuera de rango. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-129: Improper Validation of Array Index •
CVSS: 7.5EPSS: 0%CPEs: 142EXPL: 0CVE-2023-28555 – Buffer Over-read in Audio
https://notcve.org/view.php?id=CVE-2023-28555
Transient DOS in Audio while remapping channel buffer in media codec decoding. DOS transitorio en Audio mientras se remapea el buffer de canal en la decodificación de codecs multimedia. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 7.7EPSS: 0%CPEs: 240EXPL: 0CVE-2023-21652 – Key Management Errors in HLOS
https://notcve.org/view.php?id=CVE-2023-21652
Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack after use. Problema criptográfico en HLOS ya que las claves derivadas utilizadas para cifrar/descifrar información están presentes en la pila después de su uso. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-320: Key Management Errors CWE-798: Use of Hard-coded Credentials •
CVSS: 9.3EPSS: 0%CPEs: 280EXPL: 0CVE-2023-21651 – Incorrect Type Conversion or Cast in Core
https://notcve.org/view.php?id=CVE-2023-21651
Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE. Corrupción de memoria en el Core debido a una conversión de tipo o cast incorrecto en la función secure_io_read/write en TEE. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 7.8EPSS: 0%CPEs: 326EXPL: 0CVE-2023-24854 – Stack-based Buffer Overflow in WLAN HOST
https://notcve.org/view.php?id=CVE-2023-24854
Memory Corruption in WLAN HOST while parsing QMI WLAN Firmware response message. • https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •