CVSS: 9.3EPSS: 0%CPEs: 256EXPL: 0CVE-2022-33288 – Buffer copy without checking the size of input in Core
https://notcve.org/view.php?id=CVE-2022-33288
Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information. • https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.3EPSS: 0%CPEs: 202EXPL: 0CVE-2022-33269 – Integer overflow or wraparound in Core
https://notcve.org/view.php?id=CVE-2022-33269
Memory corruption due to integer overflow or wraparound in Core while DDR memory assignment. • https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.4EPSS: 0%CPEs: 32EXPL: 0CVE-2022-40540 – Buffer copy without checking the size of input in Linux Kernel
https://notcve.org/view.php?id=CVE-2022-40540
Memory corruption due to buffer copy without checking the size of input while loading firmware in Linux Kernel. • https://bugzilla.suse.com/show_bug.cgi?id=1209597 https://security.netapp.com/advisory/ntap-20230616-0001 https://www.qualcomm.com/company/product-security/bulletins/march-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 324EXPL: 0CVE-2022-40537 – Improper Validation of Array Index in Bluetooth HOST
https://notcve.org/view.php?id=CVE-2022-40537
Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP response. • https://www.qualcomm.com/company/product-security/bulletins/march-2023-bulletin • CWE-129: Improper Validation of Array Index •
CVSS: 8.4EPSS: 0%CPEs: 568EXPL: 0CVE-2022-40531 – Incorrect type conversion in WLAN
https://notcve.org/view.php?id=CVE-2022-40531
Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message. • https://www.qualcomm.com/company/product-security/bulletins/march-2023-bulletin • CWE-704: Incorrect Type Conversion or Cast •