CVSS: 7.1EPSS: 0%CPEs: 214EXPL: 0CVE-2023-33036 – NULL Pointer Dereference in Hypervisor
https://notcve.org/view.php?id=CVE-2023-33036
02 Jan 2024 — Permanent DOS in Hypervisor while untrusted VM without PSCI support makes a PSCI call. DOS permanente en Hypervisor mientras una máquina virtual que no es de confianza y sin soporte PSCI realiza una llamada de PSCI. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-476: NULL Pointer Dereference •
CVSS: 8.4EPSS: 0%CPEs: 534EXPL: 0CVE-2023-33033 – Use of Out-of-range Pointer Offset in Audio
https://notcve.org/view.php?id=CVE-2023-33033
02 Jan 2024 — Memory corruption in Audio during playback with speaker protection. Corrupción de la memoria en audio durante la reproducción con protección de altavoz. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-787: Out-of-bounds Write CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 9.3EPSS: 0%CPEs: 240EXPL: 0CVE-2023-33032 – Integer Overflow or Wraparound in TZ Secure OS
https://notcve.org/view.php?id=CVE-2023-33032
02 Jan 2024 — Memory corruption in TZ Secure OS while requesting a memory allocation from TA region. Corrupción de la memoria en TZ Secure OS al solicitar una asignación de memoria de la región TA. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 602EXPL: 0CVE-2023-33030 – Buffer Copy without Checking Size of Input in HLOS
https://notcve.org/view.php?id=CVE-2023-33030
02 Jan 2024 — Memory corruption in HLOS while running playready use-case. Corrupción de la memoria en HLOS mientras se ejecuta el caso de uso de PlayReady. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 6.1EPSS: 0%CPEs: 422EXPL: 0CVE-2023-28569 – Buffer Over-read in WLAN HAL
https://notcve.org/view.php?id=CVE-2023-28569
07 Nov 2023 — Information disclosure in WLAN HAL while handling command through WMI interfaces. Divulgación de información en WLAN HAL mientras se manejan comandos a través de interfaces WMI. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-126: Buffer Over-read •
CVSS: 6.1EPSS: 0%CPEs: 256EXPL: 0CVE-2023-28566 – Buffer Over-read in WLAN HAL
https://notcve.org/view.php?id=CVE-2023-28566
07 Nov 2023 — Information disclosure in WLAN HAL while handling the WMI state info command. Divulgación de información en WLAN HAL mientras se maneja el comando de información de estado de WMI. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-126: Buffer Over-read •
CVSS: 6.1EPSS: 0%CPEs: 466EXPL: 0CVE-2023-28563 – Buffer Over-read in IOE Firmware
https://notcve.org/view.php?id=CVE-2023-28563
07 Nov 2023 — Information disclosure in IOE Firmware while handling WMI command. Divulgación de información en IOE Firmware mientras se maneja el comando WMI. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 458EXPL: 0CVE-2023-28556 – Improper Authorization in HLOS
https://notcve.org/view.php?id=CVE-2023-28556
07 Nov 2023 — Cryptographic issue in HLOS during key management. Problema criptográfico en HLOS durante la gestión de claves. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-285: Improper Authorization •
CVSS: 8.2EPSS: 0%CPEs: 414EXPL: 0CVE-2023-28545 – Improper Restriction of Operations within the Bounds of a Memory Buffer in TZ Secure OS
https://notcve.org/view.php?id=CVE-2023-28545
07 Nov 2023 — Memory corruption in TZ Secure OS while loading an app ELF. Corrupción de la memoria en TZ Secure OS al cargar una aplicación ELF. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 548EXPL: 0CVE-2023-24852 – Improper Authentication in Core
https://notcve.org/view.php?id=CVE-2023-24852
07 Nov 2023 — Memory Corruption in Core due to secure memory access by user while loading modem image. Corrupción de la memoria en Core debido al acceso seguro a la memoria por parte del usuario mientras carga la imagen del módem. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-287: Improper Authentication CWE-787: Out-of-bounds Write •