CVSS: 7.5EPSS: 0%CPEs: 148EXPL: 0CVE-2023-33042 – Improper Input Validation in Modem
https://notcve.org/view.php?id=CVE-2023-33042
Transient DOS in Modem after RRC Setup message is received. DOS transitorio en el módem después de recibir el mensaje de configuración de RRC. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 254EXPL: 0CVE-2023-33041 – Reachable assertion in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-33041
Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids. En ciertos escenarios, el firmware de WLAN alcanzará una afirmación debido a una confusión de estado al buscar ID de pares. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-617: Reachable Assertion •
CVSS: 7.8EPSS: 0%CPEs: 142EXPL: 0CVE-2023-33024 – Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Radio Interface Layer
https://notcve.org/view.php?id=CVE-2023-33024
Memory corruption while sending SMS from AP firmware. Corrupción de la memoria al enviar SMS desde el firmware AP. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.4EPSS: 0%CPEs: 424EXPL: 0CVE-2023-33022 – Integer Overflow to Buffer Overflow in HLOS
https://notcve.org/view.php?id=CVE-2023-33022
Memory corruption in HLOS while invoking IOCTL calls from user-space. Corrupción de la memoria en HLOS al invocar llamadas IOCTL desde el espacio de usuario. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 526EXPL: 0CVE-2023-33018 – Integer Overflow to Buffer Overflow in User Identity Module
https://notcve.org/view.php?id=CVE-2023-33018
Memory corruption while using the UIM diag command to get the operators name. Corrupción de la memoria al utilizar el comando diag de User Identity Module (UIM) para obtener el nombre del operador. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow •