CVSS: 6.1EPSS: 0%CPEs: 256EXPL: 0CVE-2023-28566 – Buffer Over-read in WLAN HAL
https://notcve.org/view.php?id=CVE-2023-28566
07 Nov 2023 — Information disclosure in WLAN HAL while handling the WMI state info command. Divulgación de información en WLAN HAL mientras se maneja el comando de información de estado de WMI. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-126: Buffer Over-read •
CVSS: 6.1EPSS: 0%CPEs: 466EXPL: 0CVE-2023-28563 – Buffer Over-read in IOE Firmware
https://notcve.org/view.php?id=CVE-2023-28563
07 Nov 2023 — Information disclosure in IOE Firmware while handling WMI command. Divulgación de información en IOE Firmware mientras se maneja el comando WMI. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 458EXPL: 0CVE-2023-28556 – Improper Authorization in HLOS
https://notcve.org/view.php?id=CVE-2023-28556
07 Nov 2023 — Cryptographic issue in HLOS during key management. Problema criptográfico en HLOS durante la gestión de claves. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-285: Improper Authorization •
CVSS: 8.2EPSS: 0%CPEs: 414EXPL: 0CVE-2023-28545 – Improper Restriction of Operations within the Bounds of a Memory Buffer in TZ Secure OS
https://notcve.org/view.php?id=CVE-2023-28545
07 Nov 2023 — Memory corruption in TZ Secure OS while loading an app ELF. Corrupción de la memoria en TZ Secure OS al cargar una aplicación ELF. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 548EXPL: 0CVE-2023-24852 – Improper Authentication in Core
https://notcve.org/view.php?id=CVE-2023-24852
07 Nov 2023 — Memory Corruption in Core due to secure memory access by user while loading modem image. Corrupción de la memoria en Core debido al acceso seguro a la memoria por parte del usuario mientras carga la imagen del módem. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-287: Improper Authentication CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 464EXPL: 0CVE-2023-22388 – Use of Out-of-range Pointer Offset in Multi-mode Call Processor
https://notcve.org/view.php?id=CVE-2023-22388
07 Nov 2023 — Memory Corruption in Multi-mode Call Processor while processing bit mask API. Corrupción de la memoria en Multi-mode Call Processor mientras se procesa la API de máscara de bits. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-787: Out-of-bounds Write CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 7.8EPSS: 0%CPEs: 412EXPL: 0CVE-2023-24850 – Improper Validation of Array Index in HLOS
https://notcve.org/view.php?id=CVE-2023-24850
03 Oct 2023 — Memory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted Application. Corrupción de la memoria en HLOS al importar una clave criptográfica en la aplicación de confianza KeyMaster. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-129: Improper Validation of Array Index •
CVSS: 8.2EPSS: 0%CPEs: 476EXPL: 0CVE-2023-24849 – Buffer Over-read in Data Modem
https://notcve.org/view.php?id=CVE-2023-24849
03 Oct 2023 — Information Disclosure in data Modem while parsing an FMTP line in an SDP message. Divulgación de información en el Modem de datos mientras se analiza una línea FMTP en un mensaje SDP. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-126: Buffer Over-read •
CVSS: 8.2EPSS: 0%CPEs: 488EXPL: 0CVE-2023-24848 – Buffer Over-read in Data Modem
https://notcve.org/view.php?id=CVE-2023-24848
03 Oct 2023 — Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value. Divulgación de información en el Modem de datos mientras se realiza una llamada VoLTE con un valor de línea RTCP FB indefinido. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 514EXPL: 0CVE-2023-24847 – NULL pointer Dereference in Modem
https://notcve.org/view.php?id=CVE-2023-24847
03 Oct 2023 — Transient DOS in Modem while allocating DSM items. DOS transitorio en el módem mientras se asignan elementos DSM. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-476: NULL Pointer Dereference •