CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23386 – Improper Input Validation in Video
https://notcve.org/view.php?id=CVE-2024-23386
memory corruption when WiFi display APIs are invoked with large random inputs. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2024-23385 – Reachable Assertion in Modem
https://notcve.org/view.php?id=CVE-2024-23385
Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-617: Reachable Assertion •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-43047 – Qualcomm Multiple Chipsets Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2024-43047
Memory corruption while maintaining memory maps of HLOS memory. Multiple Qualcomm chipsets contain a use-after-free vulnerability due to memory corruption in DSP Services while maintaining memory maps of HLOS memory. • https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html • CWE-416: Use After Free •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38425 – Improper Authorization in Performance
https://notcve.org/view.php?id=CVE-2024-38425
Information disclosure while sending implicit broadcast containing APP launch information. • https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html • CWE-285: Improper Authorization •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38397 – Buffer Over-read in WLAN Host Communication
https://notcve.org/view.php?id=CVE-2024-38397
Transient DOS while parsing probe response and assoc response frame. • https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html • CWE-126: Buffer Over-read •