CVSS: 7.8EPSS: 0%CPEs: 518EXPL: 0CVE-2023-33059 – Buffer Copy Without Checking Size of Input in Audio
https://notcve.org/view.php?id=CVE-2023-33059
07 Nov 2023 — Memory corruption in Audio while processing the VOC packet data from ADSP. Corrupción de la memoria en Audio mientras se procesan los datos del paquete VOC desde ADSP. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-191: Integer Underflow (Wrap or Wraparound) CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 304EXPL: 0CVE-2023-33055 – Buffer Copy Without Checking Size of Input in Audio
https://notcve.org/view.php?id=CVE-2023-33055
07 Nov 2023 — Memory Corruption in Audio while invoking callback function in driver from ADSP. Corrupción de la memoria en Audio al invocar la función de devolución de llamada en el controlador desde ADSP. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 288EXPL: 0CVE-2023-33035 – Buffer Copy Without Checking Size of Input in Audio
https://notcve.org/view.php?id=CVE-2023-33035
03 Oct 2023 — Memory corruption while invoking callback function of AFE from ADSP. Corrupción de la memoria al invocar la función de devolución de llamada de AFE desde ADSP. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 128EXPL: 0CVE-2023-33034 – Signed-to-unsigned conversion error in Audio
https://notcve.org/view.php?id=CVE-2023-33034
03 Oct 2023 — Memory corruption while parsing the ADSP response command. Corrupción de la memoria al analizar el comando de respuesta ADSP. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-195: Signed to Unsigned Conversion Error CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 264EXPL: 0CVE-2023-33029 – Use After Free in DSP Service
https://notcve.org/view.php?id=CVE-2023-33029
03 Oct 2023 — Memory corruption in DSP Service during a remote call from HLOS to DSP. Corrupción de la memoria en el servicio DSP durante una llamada remota de HLOS a DSP. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 656EXPL: 0CVE-2023-33027 – Buffer Over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-33027
03 Oct 2023 — Transient DOS in WLAN Firmware while parsing rsn ies. DOS transitorio en el WLAN Firmware mientras se analiza rsn ies. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 9.1EPSS: 0%CPEs: 304EXPL: 0CVE-2023-28540 – Improper Authentication in Data Modem
https://notcve.org/view.php?id=CVE-2023-28540
03 Oct 2023 — Cryptographic issue in Data Modem due to improper authentication during TLS handshake. Problema criptográfico en Data Modem debido a una autenticación incorrecta durante el protocolo de enlace TLS. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 534EXPL: 0CVE-2023-28560 – Buffer Copy Without Checking Size of Input in WLAN HAL
https://notcve.org/view.php?id=CVE-2023-28560
05 Sep 2023 — Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload. Corrupción de memoria en WLAN HAL al procesar devIndex desde un payload WMI no fiable. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 108EXPL: 0CVE-2023-21646 – Reachable Assertion in Modem
https://notcve.org/view.php?id=CVE-2023-21646
05 Sep 2023 — Transient DOS in Modem while processing invalid System Information Block 1. Un ataque de denegación de servicios (DOS) transitorio en Modem cuando se procesa información inválida del sistema Block 1. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-617: Reachable Assertion •
CVSS: 7.8EPSS: 0%CPEs: 102EXPL: 0CVE-2023-21644 – Integer Overflow to Buffer Overflow in RIL
https://notcve.org/view.php?id=CVE-2023-21644
05 Sep 2023 — Memory corruption in RIL due to Integer Overflow while triggering qcril_uim_request_apdu request. Corrupción de memoria en RIL debido a un desbordamiento de enteros al lanzar la petición "qcril_uim_request_apdu request". • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow •