CVSS: 8.4EPSS: 0%CPEs: 612EXPL: 0CVE-2023-33088 – NULL pointer dereference in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-33088
05 Dec 2023 — Memory corruption when processing cmd parameters while parsing vdev. Corrupción de la memoria al procesar parámetros cmd mientras se analiza vdev. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-476: NULL Pointer Dereference •
CVSS: 10.0EPSS: 0%CPEs: 230EXPL: 0CVE-2023-33083 – Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in WLAN Host
https://notcve.org/view.php?id=CVE-2023-33083
05 Dec 2023 — Memory corruption in WLAN Host while processing RRM beacon on the AP. Corrupción de la memoria en el host WLAN mientras se procesa beacon RRM en el AP. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 0%CPEs: 230EXPL: 0CVE-2023-33082 – Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in WLAN Host
https://notcve.org/view.php?id=CVE-2023-33082
05 Dec 2023 — Memory corruption while sending an Assoc Request having BTM Query or BTM Response containing MBO IE. Corrupción de la memoria al enviar una solicitud de asociación con una consulta BTM o una respuesta BTM que contiene MBO IE. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 298EXPL: 0CVE-2023-33081 – Buffer over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-33081
05 Dec 2023 — Transient DOS while converting TWT (Target Wake Time) frame parameters in the OTA broadcast. DOS transitorio al convertir parámetros de fotograma TWT (Target Wake Time) en la transmisión OTA. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 732EXPL: 0CVE-2023-33080 – Buffer over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-33080
05 Dec 2023 — Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame. DOS transitorio mientras se analiza un IE (elemento de información) específico del fabricante del frame de gestión de respuesta de reasociación. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 1%CPEs: 562EXPL: 0CVE-2023-33063 – Qualcomm Multiple Chipsets Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2023-33063
05 Dec 2023 — Memory corruption in DSP Services during a remote call from HLOS to DSP. Corrupción de la memoria en los servicios DSP durante una llamada remota de HLOS a DSP. Multiple Qualcomm chipsets contain a use-after-free vulnerability due to memory corruption in DSP Services during a remote call from HLOS to DSP. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-416: Use After Free •
CVSS: 8.4EPSS: 0%CPEs: 234EXPL: 0CVE-2023-33053 – Improper Validation of Array Index in Kernel
https://notcve.org/view.php?id=CVE-2023-33053
05 Dec 2023 — Memory corruption in Kernel while parsing metadata. Corrupción de la memoria en el Kernel al analizar metadatos. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-129: Improper Validation of Array Index •
CVSS: 7.8EPSS: 0%CPEs: 254EXPL: 0CVE-2023-33041 – Reachable assertion in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-33041
05 Dec 2023 — Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids. En ciertos escenarios, el firmware de WLAN alcanzará una afirmación debido a una confusión de estado al buscar ID de pares. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-617: Reachable Assertion •
CVSS: 6.5EPSS: 0%CPEs: 626EXPL: 0CVE-2023-28586 – Improper Restriction of Operation within the Bounds of a Memory Buffer in TZ Secure OS
https://notcve.org/view.php?id=CVE-2023-28586
05 Dec 2023 — Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE. Divulgación de información cuando se accede a las direcciones de símbolos de metadatos de la aplicación confiable mientras se carga un ELF en TEE. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 562EXPL: 0CVE-2023-28585 – Integer Overflow to Buffer Overflow in TZ Secure OS
https://notcve.org/view.php?id=CVE-2023-28585
05 Dec 2023 — Memory corruption while loading an ELF segment in TEE Kernel. Corrupción de la memoria al cargar un segmento ELF en TEE Kernel. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-680: Integer Overflow to Buffer Overflow •