CVSS: 8.4EPSS: 0%CPEs: 46EXPL: 0CVE-2024-33056 – Buffer Over-read in MProc
https://notcve.org/view.php?id=CVE-2024-33056
02 Dec 2024 — Memory corruption when allocating and accessing an entry in an SMEM partition continuously. Corrupción de memoria al asignar y acceder a una entrada en una partición SMEM de forma continua. • https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2024-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 8.4EPSS: 0%CPEs: 19EXPL: 0CVE-2024-33044 – Improper Validation of Array Index in Hypervisor
https://notcve.org/view.php?id=CVE-2024-33044
02 Dec 2024 — Memory corruption while Configuring the SMR/S2CR register in Bypass mode. Corrupción de memoria al configurar el registro SMR/S2CR en modo Bypass. • https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2024-bulletin.html • CWE-129: Improper Validation of Array Index •
CVSS: 7.8EPSS: 0%CPEs: 38EXPL: 0CVE-2024-38423 – Buffer Copy Without Checking Size of Input in Graphics Linux
https://notcve.org/view.php?id=CVE-2024-38423
04 Nov 2024 — Memory corruption while processing GPU page table switch. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 39EXPL: 0CVE-2024-38422 – Integer Overflow to Buffer Overflow in Audio
https://notcve.org/view.php?id=CVE-2024-38422
04 Nov 2024 — Memory corruption while processing voice packet with arbitrary data received from ADSP. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 8.5EPSS: 0%CPEs: 10EXPL: 0CVE-2024-38408 – Cryptographic Issues in BT Controller
https://notcve.org/view.php?id=CVE-2024-38408
04 Nov 2024 — Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-310: Cryptographic Issues •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-38407 – Time-of-check Time-of-use (TOCTOU) Race Condition in Camera
https://notcve.org/view.php?id=CVE-2024-38407
04 Nov 2024 — Memory corruption while processing input parameters for any IOCTL call in the JPEG Encoder driver. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-38406 – Time-of-check Time-of-use (TOCTOU) Race Condition in Camera
https://notcve.org/view.php?id=CVE-2024-38406
04 Nov 2024 — Memory corruption while handling IOCTL calls in JPEG Encoder driver. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 8.4EPSS: 0%CPEs: 24EXPL: 1CVE-2024-33060 – Use After Free in DSP Service
https://notcve.org/view.php?id=CVE-2024-33060
02 Sep 2024 — Memory corruption when two threads try to map and unmap a single node simultaneously. A condition exists when fastrpc_mmap_create creates a new globally visible mapping that can lead to a use-after-free. • https://packetstorm.news/files/id/181999 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 35EXPL: 0CVE-2024-33052 – Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in FM Host
https://notcve.org/view.php?id=CVE-2024-33052
02 Sep 2024 — Memory corruption when user provides data for FM HCI command control operations. • https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 33EXPL: 0CVE-2024-33051 – Buffer Over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2024-33051
02 Sep 2024 — Transient DOS while processing TIM IE from beacon frame as there is no check for IE length. • https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html • CWE-126: Buffer Over-read •