CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 0CVE-2017-17772 – Multiple buffer overread vulnerabilities in WLAN
https://notcve.org/view.php?id=CVE-2017-17772
26 Nov 2024 — In multiple functions that process 802.11 frames, out-of-bounds reads can occur due to insufficient validation. En múltiples funciones que procesan tramas 802.11, pueden ocurrir lecturas fuera de los límites debido a una validación insuficiente. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 8.4EPSS: 0%CPEs: 3EXPL: 0CVE-2017-15832 – Buffer overwrite due to improper input validation in WLAN host
https://notcve.org/view.php?id=CVE-2017-15832
26 Nov 2024 — Buffer overwrite in the WLAN host driver by leveraging a compromised WLAN FW Sobrescritura de búfer en el controlador del host WLAN aprovechando un FW WLAN comprometido • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 0%CPEs: 11EXPL: 0CVE-2017-11076 – Use of Out-of-range Pointer Offset in Video
https://notcve.org/view.php?id=CVE-2017-11076
26 Nov 2024 — On some hardware revisions where VP9 decoding is hardware-accelerated, the frame size is not programmed correctly into the decoder hardware which can lead to an invalid memory access by the decoder. En algunas revisiones de hardware donde la decodificación VP9 está acelerada por hardware, el tamaño del cuadro no está programado correctamente en el hardware del decodificador, lo que puede provocar un acceso no válido a la memoria por parte del decodificador. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 8.4EPSS: 0%CPEs: 3EXPL: 0CVE-2016-10394 – Improper Authentication in Core
https://notcve.org/view.php?id=CVE-2016-10394
26 Nov 2024 — Initial xbl_sec revision does not have all the debug policy features and critical checks. La revisión inicial de xbl_sec no tiene todas las características de la política de depuración ni las comprobaciones críticas. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-287: Improper Authentication •
CVSS: 6.7EPSS: 0%CPEs: 10EXPL: 0CVE-2017-9711 – Permissions, Privileges, and Access Controls in Data
https://notcve.org/view.php?id=CVE-2017-9711
22 Nov 2024 — Certain unprivileged processes are able to perform IOCTL calls. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 38EXPL: 0CVE-2024-38423 – Buffer Copy Without Checking Size of Input in Graphics Linux
https://notcve.org/view.php?id=CVE-2024-38423
04 Nov 2024 — Memory corruption while processing GPU page table switch. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 39EXPL: 0CVE-2024-38422 – Integer Overflow to Buffer Overflow in Audio
https://notcve.org/view.php?id=CVE-2024-38422
04 Nov 2024 — Memory corruption while processing voice packet with arbitrary data received from ADSP. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 8.5EPSS: 0%CPEs: 10EXPL: 0CVE-2024-38408 – Cryptographic Issues in BT Controller
https://notcve.org/view.php?id=CVE-2024-38408
04 Nov 2024 — Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-310: Cryptographic Issues •
CVSS: 8.4EPSS: 0%CPEs: 24EXPL: 1CVE-2024-33060 – Use After Free in DSP Service
https://notcve.org/view.php?id=CVE-2024-33060
02 Sep 2024 — Memory corruption when two threads try to map and unmap a single node simultaneously. A condition exists when fastrpc_mmap_create creates a new globally visible mapping that can lead to a use-after-free. • https://packetstorm.news/files/id/181999 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 35EXPL: 0CVE-2024-33052 – Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in FM Host
https://notcve.org/view.php?id=CVE-2024-33052
02 Sep 2024 — Memory corruption when user provides data for FM HCI command control operations. • https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •