CVSS: 7.8EPSS: 0%CPEs: 298EXPL: 0CVE-2023-33081 – Buffer over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-33081
05 Dec 2023 — Transient DOS while converting TWT (Target Wake Time) frame parameters in the OTA broadcast. DOS transitorio al convertir parámetros de fotograma TWT (Target Wake Time) en la transmisión OTA. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 254EXPL: 0CVE-2023-33041 – Reachable assertion in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-33041
05 Dec 2023 — Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids. En ciertos escenarios, el firmware de WLAN alcanzará una afirmación debido a una confusión de estado al buscar ID de pares. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-617: Reachable Assertion •
CVSS: 8.4EPSS: 0%CPEs: 424EXPL: 0CVE-2023-33022 – Integer Overflow to Buffer Overflow in HLOS
https://notcve.org/view.php?id=CVE-2023-33022
05 Dec 2023 — Memory corruption in HLOS while invoking IOCTL calls from user-space. Corrupción de la memoria en HLOS al invocar llamadas IOCTL desde el espacio de usuario. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 554EXPL: 0CVE-2023-33017 – Buffer Copy Without Checking Size of Input in Boot
https://notcve.org/view.php?id=CVE-2023-33017
05 Dec 2023 — Memory corruption in Boot while running a ListVars test in UEFI Menu during boot. Corrupción de la memoria en el arranque mientras se ejecuta una prueba ListVars en el menú UEFI durante el arranque. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 380EXPL: 0CVE-2023-28587 – Improper Restriction of Operations within the Bounds of a Memory Buffer in BT Controller
https://notcve.org/view.php?id=CVE-2023-28587
05 Dec 2023 — Memory corruption in BT controller while parsing debug commands with specific sub-opcodes at HCI interface level. Corrupción de la memoria en el controlador BT al analizar comandos de depuración con subcódigos de operación específicos en el nivel de la interfaz HCI. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 626EXPL: 0CVE-2023-28586 – Improper Restriction of Operation within the Bounds of a Memory Buffer in TZ Secure OS
https://notcve.org/view.php?id=CVE-2023-28586
05 Dec 2023 — Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE. Divulgación de información cuando se accede a las direcciones de símbolos de metadatos de la aplicación confiable mientras se carga un ELF en TEE. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 562EXPL: 0CVE-2023-28585 – Integer Overflow to Buffer Overflow in TZ Secure OS
https://notcve.org/view.php?id=CVE-2023-28585
05 Dec 2023 — Memory corruption while loading an ELF segment in TEE Kernel. Corrupción de la memoria al cargar un segmento ELF en TEE Kernel. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 670EXPL: 0CVE-2023-28550 – Improper Restriction of Operations within the Bounds of a Memory Buffer in MPP Performance
https://notcve.org/view.php?id=CVE-2023-28550
05 Dec 2023 — Memory corruption in MPP performance while accessing DSM watermark using external memory address. Corrupción de la memoria en el rendimiento de MPP al acceder a la marca de agua DSM mediante una dirección de memoria externa. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 560EXPL: 0CVE-2023-28546 – Buffer Copy Without Checking Size of Input in SPS Applications
https://notcve.org/view.php?id=CVE-2023-28546
05 Dec 2023 — Memory Corruption in SPS Application while exporting public key in sorter TA. Corrupción de la memoria en la aplicación SPS al exportar la clave pública en el clasificador TA. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 230EXPL: 0CVE-2023-33061 – Buffer Over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-33061
07 Nov 2023 — Transient DOS in WLAN Firmware while parsing WLAN beacon or probe-response frame. DOS transitorio en WLAN Firmware mientras se analiza la baliza WLAN o el frame de respuesta de sonda. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •