CVSS: 8.4EPSS: 0%CPEs: 476EXPL: 0CVE-2022-25655 – Buffer copy without checking the size of input in WLAN HAL.
https://notcve.org/view.php?id=CVE-2022-25655
Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload. • https://www.qualcomm.com/company/product-security/bulletins/march-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 148EXPL: 0CVE-2022-33279 – Stack based buffer overflow in WLAN
https://notcve.org/view.php?id=CVE-2022-33279
Memory corruption due to stack based buffer overflow in WLAN having invalid WNM frame length. • https://www.qualcomm.com/company/product-security/bulletins/february-2023-bulletin • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 314EXPL: 0CVE-2022-33243 – Improper access control in Qualcomm IPC
https://notcve.org/view.php?id=CVE-2022-33243
Memory corruption due to improper access control in Qualcomm IPC. • https://www.qualcomm.com/company/product-security/bulletins/february-2023-bulletin • CWE-284: Improper Access Control •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-33265 – Information exposure in Powerline Communication Firmware
https://notcve.org/view.php?id=CVE-2022-33265
Memory corruption due to information exposure in Powerline Communication Firmware while sending different MMEs from a single, unassociated device. Corrupción de la memoria debido a la exposición de información en el firmware de comunicación Powerline al enviar diferentes MME desde un único dispositivo no asociado. • https://www.qualcomm.com/company/product-security/bulletins/january-2023-bulletin • CWE-787: Out-of-bounds Write •
CVSS: 6.0EPSS: 0%CPEs: 156EXPL: 0CVE-2022-25722 – Information Exposure in DSP Services
https://notcve.org/view.php?id=CVE-2022-25722
Information exposure in DSP services due to improper handling of freeing memory Exposición de información en servicios DSP por manejo inadecuado de liberación de memoria • https://www.qualcomm.com/company/product-security/bulletins/january-2023-bulletin • CWE-416: Use After Free •