CVSS: 8.4EPSS: 0%CPEs: 484EXPL: 0CVE-2023-33107 – Qualcomm Multiple Chipsets Integer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2023-33107
05 Dec 2023 — Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call. Corrupción de la memoria en Graphics Linux al asignar una región de memoria virtual compartida durante la llamada IOCTL. Multiple Qualcomm chipsets contain an integer overflow vulnerability due to memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.4EPSS: 0%CPEs: 306EXPL: 0CVE-2023-33106 – Qualcomm Multiple Chipsets Use of Out-of-Range Pointer Offset Vulnerability
https://notcve.org/view.php?id=CVE-2023-33106
05 Dec 2023 — Memory corruption while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND. Corrupción de la memoria al enviar una lista grande de puntos de sincronización en un comando AUX al IOCTL_KGSL_GPU_AUX_COMMAND. Multiple Qualcomm chipsets contain a use of out-of-range pointer offset vulnerability due to memory corruption in Graphics while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 7.8EPSS: 0%CPEs: 526EXPL: 0CVE-2023-33098 – Buffer Over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-33098
05 Dec 2023 — Transient DOS while parsing WPA IES, when it is passed with length more than expected size. DOS transitorio al analizar WPA IES, cuando se pasa con una longitud mayor que el tamaño esperado. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 8.4EPSS: 0%CPEs: 190EXPL: 0CVE-2023-33092 – Buffer Copy Without Checking Size of Input in Bluetooth HOST
https://notcve.org/view.php?id=CVE-2023-33092
05 Dec 2023 — Memory corruption while processing pin reply in Bluetooth, when pin code received from APP layer is greater than expected size. Corrupción de la memoria al procesar la respuesta del PIN en Bluetooth, cuando el código PIN recibido desde la capa de la APLICACIÓN es mayor que el tamaño esperado. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.4EPSS: 0%CPEs: 612EXPL: 0CVE-2023-33088 – NULL pointer dereference in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-33088
05 Dec 2023 — Memory corruption when processing cmd parameters while parsing vdev. Corrupción de la memoria al procesar parámetros cmd mientras se analiza vdev. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 236EXPL: 0CVE-2023-33087 – Buffer Copy without Checking Size of Input (`Classic Buffer Overflow`) in Core
https://notcve.org/view.php?id=CVE-2023-33087
05 Dec 2023 — Memory corruption in Core while processing RX intent request. Corrupción de la memoria en Core mientras se procesa la solicitud de intención RX. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 732EXPL: 0CVE-2023-33080 – Buffer over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-33080
05 Dec 2023 — Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame. DOS transitorio mientras se analiza un IE (elemento de información) específico del fabricante del frame de gestión de respuesta de reasociación. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 562EXPL: 0CVE-2023-33063 – Qualcomm Multiple Chipsets Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2023-33063
05 Dec 2023 — Memory corruption in DSP Services during a remote call from HLOS to DSP. Corrupción de la memoria en los servicios DSP durante una llamada remota de HLOS a DSP. Multiple Qualcomm chipsets contain a use-after-free vulnerability due to memory corruption in DSP Services during a remote call from HLOS to DSP. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-416: Use After Free •
CVSS: 9.4EPSS: 0%CPEs: 336EXPL: 0CVE-2023-33054 – Improper Authentication in GPS HLOS Driver
https://notcve.org/view.php?id=CVE-2023-33054
05 Dec 2023 — Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data. Problema criptográfico en el controlador GPS HLOS al descargar datos de asistencia GNSS de Qualcomm. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 180EXPL: 0CVE-2023-33044 – Reachable Assertion in Data Modem
https://notcve.org/view.php?id=CVE-2023-33044
05 Dec 2023 — Transient DOS in Data modem while handling TLB control messages from the Network. DOS transitorio en módem de datos mientras se manejan mensajes de control TLB de la Red. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-617: Reachable Assertion •