CVSS: 8.4EPSS: 0%CPEs: 19EXPL: 0CVE-2024-33044 – Improper Validation of Array Index in Hypervisor
https://notcve.org/view.php?id=CVE-2024-33044
02 Dec 2024 — Memory corruption while Configuring the SMR/S2CR register in Bypass mode. Corrupción de memoria al configurar el registro SMR/S2CR en modo Bypass. • https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2024-bulletin.html • CWE-129: Improper Validation of Array Index •
CVSS: 8.4EPSS: 0%CPEs: 10EXPL: 0CVE-2018-5852 – Buffer Over-read in IPA
https://notcve.org/view.php?id=CVE-2018-5852
26 Nov 2024 — An unsigned integer underflow vulnerability in IPA driver result into a buffer over-read while reading NAT entry using debugfs command 'cat /sys/kernel/debug/ipa/ip4_nat' • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 8.4EPSS: 0%CPEs: 7EXPL: 0CVE-2017-18307 – Information Exposure in Kernel
https://notcve.org/view.php?id=CVE-2017-18307
26 Nov 2024 — Information disclosure possible while audio playback. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.4EPSS: 0%CPEs: 7EXPL: 0CVE-2017-18306 – Information Exposure in Camera Driver
https://notcve.org/view.php?id=CVE-2017-18306
26 Nov 2024 — Information disclosure due to uninitialized variable. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.4EPSS: 0%CPEs: 10EXPL: 0CVE-2018-11952 – Improper Authentication in TrustZone
https://notcve.org/view.php?id=CVE-2018-11952
26 Nov 2024 — An image with a version lower than the fuse version may potentially be booted lead to improper authentication. Es posible que una imagen con una versión inferior a la versión de fuse se inicie y dé lugar a una autenticación incorrecta. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-287: Improper Authentication •
CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 0CVE-2017-17772 – Multiple buffer overread vulnerabilities in WLAN
https://notcve.org/view.php?id=CVE-2017-17772
26 Nov 2024 — In multiple functions that process 802.11 frames, out-of-bounds reads can occur due to insufficient validation. En múltiples funciones que procesan tramas 802.11, pueden ocurrir lecturas fuera de los límites debido a una validación insuficiente. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 10.0EPSS: 0%CPEs: 11EXPL: 0CVE-2017-11076 – Use of Out-of-range Pointer Offset in Video
https://notcve.org/view.php?id=CVE-2017-11076
26 Nov 2024 — On some hardware revisions where VP9 decoding is hardware-accelerated, the frame size is not programmed correctly into the decoder hardware which can lead to an invalid memory access by the decoder. En algunas revisiones de hardware donde la decodificación VP9 está acelerada por hardware, el tamaño del cuadro no está programado correctamente en el hardware del decodificador, lo que puede provocar un acceso no válido a la memoria por parte del decodificador. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 6.7EPSS: 0%CPEs: 10EXPL: 0CVE-2017-9711 – Permissions, Privileges, and Access Controls in Data
https://notcve.org/view.php?id=CVE-2017-9711
22 Nov 2024 — Certain unprivileged processes are able to perform IOCTL calls. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 38EXPL: 0CVE-2024-38423 – Buffer Copy Without Checking Size of Input in Graphics Linux
https://notcve.org/view.php?id=CVE-2024-38423
04 Nov 2024 — Memory corruption while processing GPU page table switch. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 39EXPL: 0CVE-2024-38422 – Integer Overflow to Buffer Overflow in Audio
https://notcve.org/view.php?id=CVE-2024-38422
04 Nov 2024 — Memory corruption while processing voice packet with arbitrary data received from ADSP. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-680: Integer Overflow to Buffer Overflow •