CVSS: 7.5EPSS: 0%CPEs: 103EXPL: 0CVE-2024-38405 – Buffer Over-read in WLAN Host
https://notcve.org/view.php?id=CVE-2024-38405
04 Nov 2024 — Transient DOS while processing the CU information from RNR IE. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 28EXPL: 0CVE-2024-33033 – Use After Free in ComputerVision
https://notcve.org/view.php?id=CVE-2024-33033
04 Nov 2024 — Memory corruption while processing IOCTL calls to unmap the buffers. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-416: Use After Free •
CVSS: 6.7EPSS: 0%CPEs: 22EXPL: 0CVE-2024-33030 – Buffer Copy without Checking Size of Input (`Classic Buffer Overflow`) in Performance
https://notcve.org/view.php?id=CVE-2024-33030
04 Nov 2024 — Memory corruption while parsing IPC frequency table parameters for LPLH that has size greater than expected size. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.7EPSS: 0%CPEs: 40EXPL: 0CVE-2024-23377 – Use of Out-of-range Pointer Offset in ComputerVision
https://notcve.org/view.php?id=CVE-2024-23377
04 Nov 2024 — Memory corruption while invoking IOCTL command from user-space, when a user modifies the original packet size of the command after system properties have been already sent to the EVA driver. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 8.4EPSS: 0%CPEs: 42EXPL: 0CVE-2024-38399 – Use After Free in Graphics
https://notcve.org/view.php?id=CVE-2024-38399
07 Oct 2024 — Memory corruption while processing user packets to generate page faults. • https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 44EXPL: 0CVE-2024-33069 – Use After Free in WLAN Host
https://notcve.org/view.php?id=CVE-2024-33069
07 Oct 2024 — Transient DOS when transmission of management frame sent by host is not successful and error status is received in the host. • https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html • CWE-416: Use After Free •
CVSS: 6.7EPSS: 0%CPEs: 21EXPL: 0CVE-2024-23376 – Use After Free in ComputerVision
https://notcve.org/view.php?id=CVE-2024-23376
07 Oct 2024 — Memory corruption while sending the persist buffer command packet from the user-space to the kernel space through the IOCTL call. • https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html • CWE-416: Use After Free •
CVSS: 6.7EPSS: 0%CPEs: 14EXPL: 0CVE-2024-23375 – Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in RIL
https://notcve.org/view.php?id=CVE-2024-23375
07 Oct 2024 — Memory corruption during the network scan request. • https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.7EPSS: 0%CPEs: 26EXPL: 0CVE-2024-23374 – Stack-based Buffer Overflow in Power Management IC
https://notcve.org/view.php?id=CVE-2024-23374
07 Oct 2024 — Memory corruption is possible when an attempt is made from userspace or console to write some haptics effects pattern to the haptics debugfs file. • https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html • CWE-121: Stack-based Buffer Overflow •
CVSS: 6.7EPSS: 0%CPEs: 11EXPL: 0CVE-2024-23370 – Use After Free in Automotive Multimedia
https://notcve.org/view.php?id=CVE-2024-23370
07 Oct 2024 — Memory corruption when a process invokes IOCTL calls from user-space to create a HAB virtual channel and another process invokes IOCTL calls to destroy the same. • https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html • CWE-416: Use After Free •