CVSS: 7.8EPSS: 0%CPEs: 732EXPL: 0CVE-2023-33080 – Buffer over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-33080
05 Dec 2023 — Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame. DOS transitorio mientras se analiza un IE (elemento de información) específico del fabricante del frame de gestión de respuesta de reasociación. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 1%CPEs: 562EXPL: 0CVE-2023-33063 – Qualcomm Multiple Chipsets Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2023-33063
05 Dec 2023 — Memory corruption in DSP Services during a remote call from HLOS to DSP. Corrupción de la memoria en los servicios DSP durante una llamada remota de HLOS a DSP. Multiple Qualcomm chipsets contain a use-after-free vulnerability due to memory corruption in DSP Services during a remote call from HLOS to DSP. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-416: Use After Free •
CVSS: 9.4EPSS: 0%CPEs: 336EXPL: 0CVE-2023-33054 – Improper Authentication in GPS HLOS Driver
https://notcve.org/view.php?id=CVE-2023-33054
05 Dec 2023 — Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data. Problema criptográfico en el controlador GPS HLOS al descargar datos de asistencia GNSS de Qualcomm. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 142EXPL: 0CVE-2023-33024 – Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Radio Interface Layer
https://notcve.org/view.php?id=CVE-2023-33024
05 Dec 2023 — Memory corruption while sending SMS from AP firmware. Corrupción de la memoria al enviar SMS desde el firmware AP. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 526EXPL: 0CVE-2023-33018 – Integer Overflow to Buffer Overflow in User Identity Module
https://notcve.org/view.php?id=CVE-2023-33018
05 Dec 2023 — Memory corruption while using the UIM diag command to get the operators name. Corrupción de la memoria al utilizar el comando diag de User Identity Module (UIM) para obtener el nombre del operador. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 554EXPL: 0CVE-2023-33017 – Buffer Copy Without Checking Size of Input in Boot
https://notcve.org/view.php?id=CVE-2023-33017
05 Dec 2023 — Memory corruption in Boot while running a ListVars test in UEFI Menu during boot. Corrupción de la memoria en el arranque mientras se ejecuta una prueba ListVars en el menú UEFI durante el arranque. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 428EXPL: 2CVE-2023-28588 – Integer Overflow or Wraparound in Bluetooth Host
https://notcve.org/view.php?id=CVE-2023-28588
05 Dec 2023 — Transient DOS in Bluetooth Host while rfc slot allocation. DOS transitorio en el host Bluetooth mientras se asigna la ranura RFC. • https://github.com/Trinadh465/CVE-2023-28588 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.5EPSS: 0%CPEs: 626EXPL: 0CVE-2023-28586 – Improper Restriction of Operation within the Bounds of a Memory Buffer in TZ Secure OS
https://notcve.org/view.php?id=CVE-2023-28586
05 Dec 2023 — Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE. Divulgación de información cuando se accede a las direcciones de símbolos de metadatos de la aplicación confiable mientras se carga un ELF en TEE. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 496EXPL: 0CVE-2023-28551 – Improper Restriction of Operations within the Bounds of a Memory Buffer in UTILS
https://notcve.org/view.php?id=CVE-2023-28551
05 Dec 2023 — Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments. Corrupción de la memoria en UTILS cuando el módem procesa comandos Diag específicos de la memoria que tienen valores de dirección arbitrarios como argumentos de entrada. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 670EXPL: 0CVE-2023-28550 – Improper Restriction of Operations within the Bounds of a Memory Buffer in MPP Performance
https://notcve.org/view.php?id=CVE-2023-28550
05 Dec 2023 — Memory corruption in MPP performance while accessing DSM watermark using external memory address. Corrupción de la memoria en el rendimiento de MPP al acceder a la marca de agua DSM mediante una dirección de memoria externa. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •