CVSS: 8.4EPSS: 0%CPEs: 7EXPL: 0CVE-2017-18306 – Information Exposure in Camera Driver
https://notcve.org/view.php?id=CVE-2017-18306
26 Nov 2024 — Information disclosure due to uninitialized variable. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.4EPSS: 0%CPEs: 10EXPL: 0CVE-2018-11952 – Improper Authentication in TrustZone
https://notcve.org/view.php?id=CVE-2018-11952
26 Nov 2024 — An image with a version lower than the fuse version may potentially be booted lead to improper authentication. Es posible que una imagen con una versión inferior a la versión de fuse se inicie y dé lugar a una autenticación incorrecta. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-287: Improper Authentication •
CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 0CVE-2017-17772 – Multiple buffer overread vulnerabilities in WLAN
https://notcve.org/view.php?id=CVE-2017-17772
26 Nov 2024 — In multiple functions that process 802.11 frames, out-of-bounds reads can occur due to insufficient validation. En múltiples funciones que procesan tramas 802.11, pueden ocurrir lecturas fuera de los límites debido a una validación insuficiente. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 10.0EPSS: 0%CPEs: 11EXPL: 0CVE-2017-11076 – Use of Out-of-range Pointer Offset in Video
https://notcve.org/view.php?id=CVE-2017-11076
26 Nov 2024 — On some hardware revisions where VP9 decoding is hardware-accelerated, the frame size is not programmed correctly into the decoder hardware which can lead to an invalid memory access by the decoder. En algunas revisiones de hardware donde la decodificación VP9 está acelerada por hardware, el tamaño del cuadro no está programado correctamente en el hardware del decodificador, lo que puede provocar un acceso no válido a la memoria por parte del decodificador. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 6.7EPSS: 0%CPEs: 10EXPL: 0CVE-2017-9711 – Permissions, Privileges, and Access Controls in Data
https://notcve.org/view.php?id=CVE-2017-9711
22 Nov 2024 — Certain unprivileged processes are able to perform IOCTL calls. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-38424 – Use After Free in GPS
https://notcve.org/view.php?id=CVE-2024-38424
04 Nov 2024 — Memory corruption during GNSS HAL process initialization. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 38EXPL: 0CVE-2024-38423 – Buffer Copy Without Checking Size of Input in Graphics Linux
https://notcve.org/view.php?id=CVE-2024-38423
04 Nov 2024 — Memory corruption while processing GPU page table switch. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 39EXPL: 0CVE-2024-38422 – Integer Overflow to Buffer Overflow in Audio
https://notcve.org/view.php?id=CVE-2024-38422
04 Nov 2024 — Memory corruption while processing voice packet with arbitrary data received from ADSP. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2024-38419 – Use After Free in Automotive GPU
https://notcve.org/view.php?id=CVE-2024-38419
04 Nov 2024 — Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2024-38415 – Use After Free in Computer Vision
https://notcve.org/view.php?id=CVE-2024-38415
04 Nov 2024 — Memory corruption while handling session errors from firmware. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-416: Use After Free •