CVSS: 7.8EPSS: 0%CPEs: 102EXPL: 0CVE-2023-21636 – Improper Validation of Array Index in Linux
https://notcve.org/view.php?id=CVE-2023-21636
05 Sep 2023 — Memory Corruption due to improper validation of array index in Linux while updating adn record. orrupción de memoria debida a una validación incorrecta del índice de matriz en Linux mientras actualiza el registro adn. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-129: Improper Validation of Array Index •
CVSS: 8.4EPSS: 0%CPEs: 518EXPL: 0CVE-2022-33275 – Improper validation of array index in WLAN HAL
https://notcve.org/view.php?id=CVE-2022-33275
05 Sep 2023 — Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range. Corrupción de memoria debido a la validación incorrecta del índice de matriz en WLAN HAL cuando se recibe "lm_itemNum" estando fuera de rango. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-129: Improper Validation of Array Index •
CVSS: 8.4EPSS: 0%CPEs: 366EXPL: 0CVE-2023-28537 – Integer Overflow or Wraparound in Audio
https://notcve.org/view.php?id=CVE-2023-28537
08 Aug 2023 — Memory corruption while allocating memory in COmxApeDec module in Audio. Corrupción de memoria al asignar memoria en el módulo COmxApeDec en Audio. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 344EXPL: 0CVE-2023-22666 – Integer Overflow or Wraparound in Audio
https://notcve.org/view.php?id=CVE-2023-22666
08 Aug 2023 — Memory Corruption in Audio while playing amrwbplus clips with modified content. Corrupción de memoria en audio al reproducir clips amrwbplus con contenido modificado. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 7.7EPSS: 0%CPEs: 240EXPL: 0CVE-2023-21652 – Key Management Errors in HLOS
https://notcve.org/view.php?id=CVE-2023-21652
08 Aug 2023 — Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack after use. Problema criptográfico en HLOS ya que las claves derivadas utilizadas para cifrar/descifrar información están presentes en la pila después de su uso. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-320: Key Management Errors CWE-798: Use of Hard-coded Credentials •
CVSS: 9.3EPSS: 0%CPEs: 280EXPL: 0CVE-2023-21651 – Incorrect Type Conversion or Cast in Core
https://notcve.org/view.php?id=CVE-2023-21651
08 Aug 2023 — Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE. Corrupción de memoria en el Core debido a una conversión de tipo o cast incorrecto en la función secure_io_read/write en TEE. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 7.8EPSS: 0%CPEs: 130EXPL: 0CVE-2023-21649 – Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in WLAN
https://notcve.org/view.php?id=CVE-2023-21649
08 Aug 2023 — Memory corruption in WLAN while running doDriverCmd for an unspecific command. Corrupción de memoria en WLAN al ejecutar doDriverCmd para un comando no específico. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 7.1EPSS: 0%CPEs: 370EXPL: 0CVE-2023-21626 – Improper Authentication in HLOS.
https://notcve.org/view.php?id=CVE-2023-21626
08 Aug 2023 — Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key. Problema criptográfico en HLOS debido a una autenticación incorrecta al realizar comprobaciones de velocidad de clave utilizando más de una clave. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-287: Improper Authentication CWE-320: Key Management Errors •
CVSS: 10.0EPSS: 0%CPEs: 408EXPL: 0CVE-2022-40510 – Buffer copy without checking size of input in Audio.
https://notcve.org/view.php?id=CVE-2022-40510
08 Aug 2023 — Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder. Corrupción de memoria debida a la copia del búfer sin comprobar el tamaño de la entrada en Audio durante una llamada de voz con el vocoder EVS. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-457: Use of Uninitialized Variable CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 368EXPL: 1CVE-2023-21670 – Improper Access control in GPU Subsystem
https://notcve.org/view.php?id=CVE-2023-21670
06 Jun 2023 — Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode. Qualcomm Adreno/KGSL suffers from an issue where code in user-writable mapping is executed in non-protected mode. • https://packetstorm.news/files/id/173296 • CWE-284: Improper Access Control CWE-863: Incorrect Authorization •