CVSS: 6.1EPSS: 0%CPEs: 182EXPL: 0CVE-2023-28568 – Buffer Over-read in WLAN HAL
https://notcve.org/view.php?id=CVE-2023-28568
07 Nov 2023 — Information disclosure in WLAN HAL when reception status handler is called. Divulgación de información en WLAN HAL cuando se llama al controlador de estado de recepción. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-126: Buffer Over-read •
CVSS: 6.1EPSS: 0%CPEs: 256EXPL: 0CVE-2023-28566 – Buffer Over-read in WLAN HAL
https://notcve.org/view.php?id=CVE-2023-28566
07 Nov 2023 — Information disclosure in WLAN HAL while handling the WMI state info command. Divulgación de información en WLAN HAL mientras se maneja el comando de información de estado de WMI. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-126: Buffer Over-read •
CVSS: 6.1EPSS: 0%CPEs: 466EXPL: 0CVE-2023-28563 – Buffer Over-read in IOE Firmware
https://notcve.org/view.php?id=CVE-2023-28563
07 Nov 2023 — Information disclosure in IOE Firmware while handling WMI command. Divulgación de información en IOE Firmware mientras se maneja el comando WMI. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 458EXPL: 0CVE-2023-28556 – Improper Authorization in HLOS
https://notcve.org/view.php?id=CVE-2023-28556
07 Nov 2023 — Cryptographic issue in HLOS during key management. Problema criptográfico en HLOS durante la gestión de claves. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-285: Improper Authorization •
CVSS: 8.2EPSS: 0%CPEs: 414EXPL: 0CVE-2023-28545 – Improper Restriction of Operations within the Bounds of a Memory Buffer in TZ Secure OS
https://notcve.org/view.php?id=CVE-2023-28545
07 Nov 2023 — Memory corruption in TZ Secure OS while loading an app ELF. Corrupción de la memoria en TZ Secure OS al cargar una aplicación ELF. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 548EXPL: 0CVE-2023-24852 – Improper Authentication in Core
https://notcve.org/view.php?id=CVE-2023-24852
07 Nov 2023 — Memory Corruption in Core due to secure memory access by user while loading modem image. Corrupción de la memoria en Core debido al acceso seguro a la memoria por parte del usuario mientras carga la imagen del módem. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-287: Improper Authentication CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 464EXPL: 0CVE-2023-22388 – Use of Out-of-range Pointer Offset in Multi-mode Call Processor
https://notcve.org/view.php?id=CVE-2023-22388
07 Nov 2023 — Memory Corruption in Multi-mode Call Processor while processing bit mask API. Corrupción de la memoria en Multi-mode Call Processor mientras se procesa la API de máscara de bits. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-787: Out-of-bounds Write CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 8.4EPSS: 0%CPEs: 336EXPL: 0CVE-2023-33021 – Use After Free in Graphics
https://notcve.org/view.php?id=CVE-2023-33021
05 Sep 2023 — Memory corruption in Graphics while processing user packets for command submission. Corrupción de la memoria en Graphics al procesar paquetes de usuario para el envío de comandos. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 144EXPL: 0CVE-2023-28584 – Improper Authorization in WLAN Host
https://notcve.org/view.php?id=CVE-2023-28584
05 Sep 2023 — Transient DOS in WLAN Host when a mobile station receives invalid channel in CSA IE while doing channel switch announcement (CSA). Un ataque de denegación de servicio (DOS) en WLAN host cuando una estación móvil recibe un canal no válido en CSA IE mientras realiza el anuncio de cambio de canal (CSA). • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-285: Improper Authorization •
CVSS: 7.8EPSS: 0%CPEs: 584EXPL: 0CVE-2023-28567 – Improper Validation of Array Index in WLAN HAL
https://notcve.org/view.php?id=CVE-2023-28567
05 Sep 2023 — Memory corruption in WLAN HAL while handling command through WMI interfaces. Corrupción de memoria en WLAN HAL al manejar flujos de comandos a través de interfaces WMI. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-129: Improper Validation of Array Index CWE-787: Out-of-bounds Write •