CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-43048 – Stack-based Buffer Overflow in Performance
https://notcve.org/view.php?id=CVE-2024-43048
02 Dec 2024 — Memory corruption when invalid input is passed to invoke GPU Headroom API call. Corrupción de memoria cuando se pasa una entrada no válida para invocar la llamada GPU Headroom API. • https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2024-bulletin.html • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-33063 – Integer Overflow or Wraparound in WLAN Host Communication
https://notcve.org/view.php?id=CVE-2024-33063
02 Dec 2024 — Transient DOS while parsing the ML IE when a beacon with common info length of the ML IE greater than the ML IE inside which this element is present. DOS transitorio mientras se analiza el ML IE cuando una baliza con una longitud de información común del ML IE es mayor que el ML IE dentro del cual está presente este elemento. • https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2024-bulletin.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.4EPSS: 0%CPEs: 46EXPL: 0CVE-2024-33056 – Buffer Over-read in MProc
https://notcve.org/view.php?id=CVE-2024-33056
02 Dec 2024 — Memory corruption when allocating and accessing an entry in an SMEM partition continuously. Corrupción de memoria al asignar y acceder a una entrada en una partición SMEM de forma continua. • https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2024-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 8.4EPSS: 0%CPEs: 19EXPL: 0CVE-2024-33044 – Improper Validation of Array Index in Hypervisor
https://notcve.org/view.php?id=CVE-2024-33044
02 Dec 2024 — Memory corruption while Configuring the SMR/S2CR register in Bypass mode. Corrupción de memoria al configurar el registro SMR/S2CR en modo Bypass. • https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2024-bulletin.html • CWE-129: Improper Validation of Array Index •
CVSS: 8.4EPSS: 0%CPEs: 10EXPL: 0CVE-2018-5852 – Buffer Over-read in IPA
https://notcve.org/view.php?id=CVE-2018-5852
26 Nov 2024 — An unsigned integer underflow vulnerability in IPA driver result into a buffer over-read while reading NAT entry using debugfs command 'cat /sys/kernel/debug/ipa/ip4_nat' • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 8.4EPSS: 0%CPEs: 10EXPL: 0CVE-2018-11952 – Improper Authentication in TrustZone
https://notcve.org/view.php?id=CVE-2018-11952
26 Nov 2024 — An image with a version lower than the fuse version may potentially be booted lead to improper authentication. Es posible que una imagen con una versión inferior a la versión de fuse se inicie y dé lugar a una autenticación incorrecta. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-287: Improper Authentication •
CVSS: 10.0EPSS: 0%CPEs: 8EXPL: 0CVE-2018-11922 – Configurations in Android Build
https://notcve.org/view.php?id=CVE-2018-11922
26 Nov 2024 — Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user. Una configuración incorrecta en la aplicación Touch Pal puede recopilar datos sobre el comportamiento del usuario sin que éste se dé cuenta. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-16: Configuration •
CVSS: 10.0EPSS: 0%CPEs: 11EXPL: 0CVE-2017-11076 – Use of Out-of-range Pointer Offset in Video
https://notcve.org/view.php?id=CVE-2017-11076
26 Nov 2024 — On some hardware revisions where VP9 decoding is hardware-accelerated, the frame size is not programmed correctly into the decoder hardware which can lead to an invalid memory access by the decoder. En algunas revisiones de hardware donde la decodificación VP9 está acelerada por hardware, el tamaño del cuadro no está programado correctamente en el hardware del decodificador, lo que puede provocar un acceso no válido a la memoria por parte del decodificador. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 6.7EPSS: 0%CPEs: 10EXPL: 0CVE-2017-9711 – Permissions, Privileges, and Access Controls in Data
https://notcve.org/view.php?id=CVE-2017-9711
22 Nov 2024 — Certain unprivileged processes are able to perform IOCTL calls. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-38424 – Use After Free in GPS
https://notcve.org/view.php?id=CVE-2024-38424
04 Nov 2024 — Memory corruption during GNSS HAL process initialization. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-416: Use After Free •