CVSS: 7.8EPSS: 0%CPEs: 670EXPL: 0CVE-2023-28550 – Improper Restriction of Operations within the Bounds of a Memory Buffer in MPP Performance
https://notcve.org/view.php?id=CVE-2023-28550
05 Dec 2023 — Memory corruption in MPP performance while accessing DSM watermark using external memory address. Corrupción de la memoria en el rendimiento de MPP al acceder a la marca de agua DSM mediante una dirección de memoria externa. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 560EXPL: 0CVE-2023-28546 – Buffer Copy Without Checking Size of Input in SPS Applications
https://notcve.org/view.php?id=CVE-2023-28546
05 Dec 2023 — Memory Corruption in SPS Application while exporting public key in sorter TA. Corrupción de la memoria en la aplicación SPS al exportar la clave pública en el clasificador TA. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 0%CPEs: 464EXPL: 0CVE-2023-22388 – Use of Out-of-range Pointer Offset in Multi-mode Call Processor
https://notcve.org/view.php?id=CVE-2023-22388
07 Nov 2023 — Memory Corruption in Multi-mode Call Processor while processing bit mask API. Corrupción de la memoria en Multi-mode Call Processor mientras se procesa la API de máscara de bits. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-787: Out-of-bounds Write CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 8.2EPSS: 0%CPEs: 476EXPL: 0CVE-2023-24849 – Buffer Over-read in Data Modem
https://notcve.org/view.php?id=CVE-2023-24849
03 Oct 2023 — Information Disclosure in data Modem while parsing an FMTP line in an SDP message. Divulgación de información en el Modem de datos mientras se analiza una línea FMTP en un mensaje SDP. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-126: Buffer Over-read •
CVSS: 8.2EPSS: 0%CPEs: 488EXPL: 0CVE-2023-24848 – Buffer Over-read in Data Modem
https://notcve.org/view.php?id=CVE-2023-24848
03 Oct 2023 — Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value. Divulgación de información en el Modem de datos mientras se realiza una llamada VoLTE con un valor de línea RTCP FB indefinido. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-126: Buffer Over-read •
CVSS: 10.0EPSS: 0%CPEs: 482EXPL: 0CVE-2023-22385 – Buffer Over-read in Data Modem
https://notcve.org/view.php?id=CVE-2023-22385
03 Oct 2023 — Memory Corruption in Data Modem while making a MO call or MT VOLTE call. Corrupción de la memoria en el módem de datos al realizar una llamada MO o una llamada MT VOLTE. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-126: Buffer Over-read CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 260EXPL: 0CVE-2023-28538 – Stack-based Buffer Overflow in WIN Product
https://notcve.org/view.php?id=CVE-2023-28538
05 Sep 2023 — Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region. Corrupción de la memoria en el producto WIN al invocar el controlador de actualización WinAcpi en la región UEFI. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 566EXPL: 0CVE-2023-21628 – Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in WLAN HAL
https://notcve.org/view.php?id=CVE-2023-21628
06 Jun 2023 — Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 484EXPL: 0CVE-2022-40521 – Improper authorization in Modem
https://notcve.org/view.php?id=CVE-2022-40521
06 Jun 2023 — Transient DOS due to improper authorization in Modem • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-285: Improper Authorization CWE-287: Improper Authentication •
CVSS: 8.4EPSS: 0%CPEs: 484EXPL: 0CVE-2022-40507 – Double free in Core
https://notcve.org/view.php?id=CVE-2022-40507
06 Jun 2023 — Memory corruption due to double free in Core while mapping HLOS address to the list. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-415: Double Free •