CVSS: 8.2EPSS: 0%CPEs: 414EXPL: 0CVE-2023-28545 – Improper Restriction of Operations within the Bounds of a Memory Buffer in TZ Secure OS
https://notcve.org/view.php?id=CVE-2023-28545
07 Nov 2023 — Memory corruption in TZ Secure OS while loading an app ELF. Corrupción de la memoria en TZ Secure OS al cargar una aplicación ELF. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 548EXPL: 0CVE-2023-24852 – Improper Authentication in Core
https://notcve.org/view.php?id=CVE-2023-24852
07 Nov 2023 — Memory Corruption in Core due to secure memory access by user while loading modem image. Corrupción de la memoria en Core debido al acceso seguro a la memoria por parte del usuario mientras carga la imagen del módem. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-287: Improper Authentication CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 464EXPL: 0CVE-2023-22388 – Use of Out-of-range Pointer Offset in Multi-mode Call Processor
https://notcve.org/view.php?id=CVE-2023-22388
07 Nov 2023 — Memory Corruption in Multi-mode Call Processor while processing bit mask API. Corrupción de la memoria en Multi-mode Call Processor mientras se procesa la API de máscara de bits. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-787: Out-of-bounds Write CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 9.1EPSS: 0%CPEs: 304EXPL: 0CVE-2023-28540 – Improper Authentication in Data Modem
https://notcve.org/view.php?id=CVE-2023-28540
03 Oct 2023 — Cryptographic issue in Data Modem due to improper authentication during TLS handshake. Problema criptográfico en Data Modem debido a una autenticación incorrecta durante el protocolo de enlace TLS. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-287: Improper Authentication •
CVSS: 10.0EPSS: 0%CPEs: 126EXPL: 0CVE-2023-24855 – Use of Out-of-range Pointer Offset in Modem
https://notcve.org/view.php?id=CVE-2023-24855
03 Oct 2023 — Memory corruption in Modem while processing security related configuration before AS Security Exchange. Corrupción de la memoria en el Modem mientras se procesa la configuración relacionada con la seguridad antes de AS Security Exchange. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-787: Out-of-bounds Write CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 8.2EPSS: 0%CPEs: 476EXPL: 0CVE-2023-24849 – Buffer Over-read in Data Modem
https://notcve.org/view.php?id=CVE-2023-24849
03 Oct 2023 — Information Disclosure in data Modem while parsing an FMTP line in an SDP message. Divulgación de información en el Modem de datos mientras se analiza una línea FMTP en un mensaje SDP. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-126: Buffer Over-read •
CVSS: 8.2EPSS: 0%CPEs: 488EXPL: 0CVE-2023-24848 – Buffer Over-read in Data Modem
https://notcve.org/view.php?id=CVE-2023-24848
03 Oct 2023 — Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value. Divulgación de información en el Modem de datos mientras se realiza una llamada VoLTE con un valor de línea RTCP FB indefinido. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 514EXPL: 0CVE-2023-24847 – NULL pointer Dereference in Modem
https://notcve.org/view.php?id=CVE-2023-24847
03 Oct 2023 — Transient DOS in Modem while allocating DSM items. DOS transitorio en el módem mientras se asignan elementos DSM. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-476: NULL Pointer Dereference •
CVSS: 10.0EPSS: 0%CPEs: 482EXPL: 0CVE-2023-22385 – Buffer Over-read in Data Modem
https://notcve.org/view.php?id=CVE-2023-22385
03 Oct 2023 — Memory Corruption in Data Modem while making a MO call or MT VOLTE call. Corrupción de la memoria en el módem de datos al realizar una llamada MO o una llamada MT VOLTE. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-126: Buffer Over-read CWE-787: Out-of-bounds Write •
CVSS: 8.7EPSS: 0%CPEs: 326EXPL: 0CVE-2023-21673 – Improper Access Control in Kernel
https://notcve.org/view.php?id=CVE-2023-21673
03 Oct 2023 — Improper Access to the VM resource manager can lead to Memory Corruption. El acceso inadecuado al administrador de recursos de la máquina virtual puede provocar daños en la memoria. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-284: Improper Access Control •