CVSS: 7.8EPSS: 0%CPEs: 90EXPL: 0CVE-2022-25717 – Use-After-Free Issue in Display
https://notcve.org/view.php?id=CVE-2022-25717
06 Jan 2023 — Memory corruption in display due to double free while allocating frame buffer memory Corrupción de la memoria en la pantalla debido a la doble liberación al asignar memoria búfer de fotogramas • https://www.qualcomm.com/company/product-security/bulletins/january-2023-bulletin • CWE-415: Double Free •
CVSS: 7.8EPSS: 0%CPEs: 64EXPL: 0CVE-2022-25715 – Incorrect type casting in Display driver
https://notcve.org/view.php?id=CVE-2022-25715
06 Jan 2023 — Memory corruption in display driver due to incorrect type casting while accessing the fence structure fields Corrupción de la memoria en el controlador de pantalla debido a una conversión de tipo incorrecta al acceder a los campos de la estructura de la cerca • https://www.qualcomm.com/company/product-security/bulletins/january-2023-bulletin • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 9.8EPSS: 0%CPEs: 300EXPL: 0CVE-2022-22088 – Integer Overflow to Buffer Overflow in Bluetooth HOST
https://notcve.org/view.php?id=CVE-2022-22088
06 Jan 2023 — Memory corruption in Bluetooth HOST due to buffer overflow while parsing the command response received from remote • https://www.qualcomm.com/company/product-security/bulletins/january-2023-bulletin • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 286EXPL: 0CVE-2022-25677
https://notcve.org/view.php?id=CVE-2022-25677
13 Dec 2022 — Memory corruption in diag due to use after free while processing dci packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Corrupción de la memoria en diagnóstico debido al use-after-free mientras se procesa el paquete dci en Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infras... • https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin • CWE-416: Use After Free •
CVSS: 8.4EPSS: 0%CPEs: 408EXPL: 0CVE-2022-25682
https://notcve.org/view.php?id=CVE-2022-25682
13 Dec 2022 — Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Corrupción de la memoria en MODEM UIM debido al uso de un desplazamiento del puntero fuera de rango al decodificar el comando de la tarjeta en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consu... • https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 250EXPL: 0CVE-2022-25685
https://notcve.org/view.php?id=CVE-2022-25685
13 Dec 2022 — Denial of service in Modem module due to improper authorization while error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables Denegación de servicio en el módulo Módem debido a una autorización inadecuada durante el manejo de errores en Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin •
CVSS: 8.4EPSS: 0%CPEs: 394EXPL: 0CVE-2022-25695
https://notcve.org/view.php?id=CVE-2022-25695
13 Dec 2022 — Memory corruption in MODEM due to Improper Validation of Array Index while processing GSTK Proactive commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Corrupción de la memoria en MODEM debido a una validación incorrecta del índice de matriz mientras se procesan comandos proactivos GSTK en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Sn... • https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin • CWE-129: Improper Validation of Array Index •
CVSS: 7.8EPSS: 0%CPEs: 158EXPL: 0CVE-2022-25702
https://notcve.org/view.php?id=CVE-2022-25702
13 Dec 2022 — Denial of service in modem due to reachable assertion while processing reconfiguration message in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables Denegación de servicio en el módem debido a una afirmación accesible mientras se procesa un mensaje de reconfiguración en Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin • CWE-617: Reachable Assertion •
CVSS: 7.8EPSS: 0%CPEs: 116EXPL: 0CVE-2022-25711
https://notcve.org/view.php?id=CVE-2022-25711
13 Dec 2022 — Memory corruption in camera due to improper validation of array index in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables Corrupción de la memoria en la cámara debido a una validación incorrecta del índice de matriz en Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin • CWE-129: Improper Validation of Array Index •
CVSS: 7.8EPSS: 0%CPEs: 92EXPL: 0CVE-2022-25712
https://notcve.org/view.php?id=CVE-2022-25712
13 Dec 2022 — Memory corruption in camera due to buffer copy without checking size of input in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wearables Corrupción de la memoria en la cámara debido a una copia del búfer sin verificar el tamaño de la entrada en Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/december-2022-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •