CVSS: 7.8EPSS: 0%CPEs: 226EXPL: 0CVE-2023-33068 – Buffer Copy Without Checking Size of Input in Audio
https://notcve.org/view.php?id=CVE-2023-33068
06 Feb 2024 — Memory corruption in Audio while processing IIR config data from AFE calibration block. Corrupción de la memoria en audio mientras se procesan datos de configuración IIR del bloque de calibración AFE. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 226EXPL: 0CVE-2023-33067 – Use of Out-of-range Pointer Offset in Audio
https://notcve.org/view.php?id=CVE-2023-33067
06 Feb 2024 — Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points. Corrupción de la memoria en el audio al llamar al comando INICIO en el PCM de voz del host varias veces para los mismos puntos de derivación RX o TX. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-787: Out-of-bounds Write CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 7.1EPSS: 0%CPEs: 208EXPL: 0CVE-2023-33065 – Buffer Over-read in Audio
https://notcve.org/view.php?id=CVE-2023-33065
06 Feb 2024 — Information disclosure in Audio while accessing AVCS services from ADSP payload. Divulgación de información en audio al acceder a los servicios AVCS desde el payload ADSP. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 5.5EPSS: 0%CPEs: 178EXPL: 0CVE-2023-33064 – Buffer Over-read in Audio
https://notcve.org/view.php?id=CVE-2023-33064
06 Feb 2024 — Transient DOS in Audio when invoking callback function of ASM driver. DOS transitorio en audio al invocar la función de devolución de llamada del controlador ASM. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 9.0EPSS: 0%CPEs: 156EXPL: 0CVE-2023-28574 – Improper Input Validation in Core
https://notcve.org/view.php?id=CVE-2023-28574
07 Nov 2023 — Memory corruption in core services when Diag handler receives a command to configure event listeners. Corrupción de la memoria en los servicios principales cuando Diag handler recibe un comando para configurar los detectores de eventos. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 458EXPL: 0CVE-2023-28556 – Improper Authorization in HLOS
https://notcve.org/view.php?id=CVE-2023-28556
07 Nov 2023 — Cryptographic issue in HLOS during key management. Problema criptográfico en HLOS durante la gestión de claves. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-285: Improper Authorization •
CVSS: 8.2EPSS: 0%CPEs: 414EXPL: 0CVE-2023-28545 – Improper Restriction of Operations within the Bounds of a Memory Buffer in TZ Secure OS
https://notcve.org/view.php?id=CVE-2023-28545
07 Nov 2023 — Memory corruption in TZ Secure OS while loading an app ELF. Corrupción de la memoria en TZ Secure OS al cargar una aplicación ELF. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 548EXPL: 0CVE-2023-24852 – Improper Authentication in Core
https://notcve.org/view.php?id=CVE-2023-24852
07 Nov 2023 — Memory Corruption in Core due to secure memory access by user while loading modem image. Corrupción de la memoria en Core debido al acceso seguro a la memoria por parte del usuario mientras carga la imagen del módem. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-287: Improper Authentication CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 42EXPL: 0CVE-2023-33039 – Use After Free in Automotive Display
https://notcve.org/view.php?id=CVE-2023-33039
03 Oct 2023 — Memory corruption in Automotive Display while destroying the image handle created using connected display driver. Corrupción de la memoria en Automotive Display al destruir el identificador de imagen creado con el controlador de pantalla conectado. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-416: Use After Free •
CVSS: 8.4EPSS: 0%CPEs: 226EXPL: 0CVE-2023-24853 – Improper Input Validation in HLOS
https://notcve.org/view.php?id=CVE-2023-24853
03 Oct 2023 — Memory Corruption in HLOS while registering for key provisioning notify. Notificación de corrupción de memoria en HLOS al registrarse para el aprovisionamiento de claves. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •