CVSS: 10.0EPSS: 0%CPEs: 8EXPL: 0CVE-2018-11922 – Configurations in Android Build
https://notcve.org/view.php?id=CVE-2018-11922
26 Nov 2024 — Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user. Una configuración incorrecta en la aplicación Touch Pal puede recopilar datos sobre el comportamiento del usuario sin que éste se dé cuenta. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-16: Configuration •
CVSS: 10.0EPSS: 0%CPEs: 11EXPL: 0CVE-2017-11076 – Use of Out-of-range Pointer Offset in Video
https://notcve.org/view.php?id=CVE-2017-11076
26 Nov 2024 — On some hardware revisions where VP9 decoding is hardware-accelerated, the frame size is not programmed correctly into the decoder hardware which can lead to an invalid memory access by the decoder. En algunas revisiones de hardware donde la decodificación VP9 está acelerada por hardware, el tamaño del cuadro no está programado correctamente en el hardware del decodificador, lo que puede provocar un acceso no válido a la memoria por parte del decodificador. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 6.7EPSS: 0%CPEs: 10EXPL: 0CVE-2017-9711 – Permissions, Privileges, and Access Controls in Data
https://notcve.org/view.php?id=CVE-2017-9711
22 Nov 2024 — Certain unprivileged processes are able to perform IOCTL calls. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-38424 – Use After Free in GPS
https://notcve.org/view.php?id=CVE-2024-38424
04 Nov 2024 — Memory corruption during GNSS HAL process initialization. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 38EXPL: 0CVE-2024-38423 – Buffer Copy Without Checking Size of Input in Graphics Linux
https://notcve.org/view.php?id=CVE-2024-38423
04 Nov 2024 — Memory corruption while processing GPU page table switch. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 39EXPL: 0CVE-2024-38422 – Integer Overflow to Buffer Overflow in Audio
https://notcve.org/view.php?id=CVE-2024-38422
04 Nov 2024 — Memory corruption while processing voice packet with arbitrary data received from ADSP. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2024-38419 – Use After Free in Automotive GPU
https://notcve.org/view.php?id=CVE-2024-38419
04 Nov 2024 — Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2024-38415 – Use After Free in Computer Vision
https://notcve.org/view.php?id=CVE-2024-38415
04 Nov 2024 — Memory corruption while handling session errors from firmware. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-416: Use After Free •
CVSS: 8.5EPSS: 0%CPEs: 10EXPL: 0CVE-2024-38408 – Cryptographic Issues in BT Controller
https://notcve.org/view.php?id=CVE-2024-38408
04 Nov 2024 — Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-310: Cryptographic Issues •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2024-23385 – Reachable Assertion in Modem
https://notcve.org/view.php?id=CVE-2024-23385
04 Nov 2024 — Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-617: Reachable Assertion •