CVSS: 8.4EPSS: 0%CPEs: 484EXPL: 0CVE-2023-33107 – Qualcomm Multiple Chipsets Integer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2023-33107
Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call. Corrupción de la memoria en Graphics Linux al asignar una región de memoria virtual compartida durante la llamada IOCTL. Multiple Qualcomm chipsets contain an integer overflow vulnerability due to memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.4EPSS: 0%CPEs: 306EXPL: 0CVE-2023-33106 – Qualcomm Multiple Chipsets Use of Out-of-Range Pointer Offset Vulnerability
https://notcve.org/view.php?id=CVE-2023-33106
Memory corruption while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND. Corrupción de la memoria al enviar una lista grande de puntos de sincronización en un comando AUX al IOCTL_KGSL_GPU_AUX_COMMAND. Multiple Qualcomm chipsets contain a use of out-of-range pointer offset vulnerability due to memory corruption in Graphics while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 7.8EPSS: 0%CPEs: 562EXPL: 0CVE-2023-33063 – Qualcomm Multiple Chipsets Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2023-33063
Memory corruption in DSP Services during a remote call from HLOS to DSP. Corrupción de la memoria en los servicios DSP durante una llamada remota de HLOS a DSP. Multiple Qualcomm chipsets contain a use-after-free vulnerability due to memory corruption in DSP Services during a remote call from HLOS to DSP. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 526EXPL: 0CVE-2023-33018 – Integer Overflow to Buffer Overflow in User Identity Module
https://notcve.org/view.php?id=CVE-2023-33018
Memory corruption while using the UIM diag command to get the operators name. Corrupción de la memoria al utilizar el comando diag de User Identity Module (UIM) para obtener el nombre del operador. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 7.5EPSS: 0%CPEs: 428EXPL: 2CVE-2023-28588 – Integer Overflow or Wraparound in Bluetooth Host
https://notcve.org/view.php?id=CVE-2023-28588
Transient DOS in Bluetooth Host while rfc slot allocation. DOS transitorio en el host Bluetooth mientras se asigna la ranura RFC. • https://github.com/Trinadh465/CVE-2023-28588 https://github.com/uthrasri/CVE-2023-28588 https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-190: Integer Overflow or Wraparound •