CVSS: 7.8EPSS: 0%CPEs: 326EXPL: 0CVE-2022-33248 – Integer overflow to buffer overflow in User Identity Module
https://notcve.org/view.php?id=CVE-2022-33248
Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http. • https://www.qualcomm.com/company/product-security/bulletins/february-2023-bulletin • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 404EXPL: 0CVE-2022-33233 – Configuration weakness in modem
https://notcve.org/view.php?id=CVE-2022-33233
Memory corruption due to configuration weakness in modem wile sending command to write protected files. • https://www.qualcomm.com/company/product-security/bulletins/february-2023-bulletin • CWE-16: Configuration CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 394EXPL: 0CVE-2022-25695
https://notcve.org/view.php?id=CVE-2022-25695
Memory corruption in MODEM due to Improper Validation of Array Index while processing GSTK Proactive commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Corrupción de la memoria en MODEM debido a una validación incorrecta del índice de matriz mientras se procesan comandos proactivos GSTK en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin • CWE-129: Improper Validation of Array Index •
CVSS: 8.4EPSS: 0%CPEs: 408EXPL: 0CVE-2022-25682
https://notcve.org/view.php?id=CVE-2022-25682
Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Corrupción de la memoria en MODEM UIM debido al uso de un desplazamiento del puntero fuera de rango al decodificar el comando de la tarjeta en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 250EXPL: 0CVE-2022-25685
https://notcve.org/view.php?id=CVE-2022-25685
Denial of service in Modem module due to improper authorization while error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables Denegación de servicio en el módulo Módem debido a una autorización inadecuada durante el manejo de errores en Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin •