CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-38407 – Time-of-check Time-of-use (TOCTOU) Race Condition in Camera
https://notcve.org/view.php?id=CVE-2024-38407
04 Nov 2024 — Memory corruption while processing input parameters for any IOCTL call in the JPEG Encoder driver. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-38406 – Time-of-check Time-of-use (TOCTOU) Race Condition in Camera
https://notcve.org/view.php?id=CVE-2024-38406
04 Nov 2024 — Memory corruption while handling IOCTL calls in JPEG Encoder driver. • https://docs.qualcomm.com/product/publicresources/securitybulletin/november-2024-bulletin.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 8.4EPSS: 0%CPEs: 2EXPL: 0CVE-2024-33065 – Improper Input Validation in Camera
https://notcve.org/view.php?id=CVE-2024-33065
07 Oct 2024 — Memory corruption while taking snapshot when an offset variable is set by camera driver. • https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html • CWE-20: Improper Input Validation •
CVSS: 8.4EPSS: 0%CPEs: 24EXPL: 1CVE-2024-33060 – Use After Free in DSP Service
https://notcve.org/view.php?id=CVE-2024-33060
02 Sep 2024 — Memory corruption when two threads try to map and unmap a single node simultaneously. A condition exists when fastrpc_mmap_create creates a new globally visible mapping that can lead to a use-after-free. • https://packetstorm.news/files/id/181999 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 33EXPL: 0CVE-2024-33051 – Buffer Over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2024-33051
02 Sep 2024 — Transient DOS while processing TIM IE from beacon frame as there is no check for IE length. • https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 7.2EPSS: 0%CPEs: 29EXPL: 0CVE-2024-33016 – Improper Restriction of Operations within the Bounds of a Memory Buffer in Storage
https://notcve.org/view.php?id=CVE-2024-33016
02 Sep 2024 — memory corruption when an invalid firehose patch command is invoked. • https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.1EPSS: 0%CPEs: 19EXPL: 0CVE-2024-23362 – Improper Input Validation in Trusted Execution Environment
https://notcve.org/view.php?id=CVE-2024-23362
02 Sep 2024 — Cryptographic issue while parsing RSA keys in COBR format. • https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html • CWE-20: Improper Input Validation •
CVSS: 8.5EPSS: 0%CPEs: 15EXPL: 0CVE-2024-23359 – Buffer Over-read in Multi Mode Call Processor
https://notcve.org/view.php?id=CVE-2024-23359
02 Sep 2024 — Information disclosure while decoding Tracking Area Update Accept or Attach Accept message received from network. • https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 27EXPL: 0CVE-2024-33014 – Buffer Over-read in WLAN Host
https://notcve.org/view.php?id=CVE-2024-33014
05 Aug 2024 — Transient DOS while parsing ESP IE from beacon/probe response frame. • https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2024-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2024-23356 – Improper Restriction of Operations within the Bounds of a Memory Buffer in HLOS
https://notcve.org/view.php?id=CVE-2024-23356
05 Aug 2024 — Memory corruption during session sign renewal request calls in HLOS. • https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2024-bulletin.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •