CVSS: 8.4EPSS: 0%CPEs: 12EXPL: 0CVE-2023-33119 – Time-of-check Time-of-use (TOCTOU) Race Condition in Hypervisor
https://notcve.org/view.php?id=CVE-2023-33119
06 May 2024 — Memory corruption while loading a VM from a signed VM image that is not coherent in the processor cache. Daños en la memoria al cargar una máquina virtual desde una imagen de máquina virtual firmada que no es coherente en la memoria caché del procesador. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2024-bulletin.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 8.4EPSS: 0%CPEs: 43EXPL: 0CVE-2024-21468 – Use After Free in Kernel
https://notcve.org/view.php?id=CVE-2024-21468
01 Apr 2024 — Memory corruption when there is failed unmap operation in GPU. Corrupción de la memoria cuando falla la operación de desasignación en la GPU. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2023-33115 – Buffer Over-read in Trusted Execution Environment
https://notcve.org/view.php?id=CVE-2023-33115
01 Apr 2024 — Memory corruption while processing buffer initialization, when trusted report for certain report types are generated. Corrupción de la memoria durante el procesamiento de la inicialización del búfer, cuando se generan informes confiables para ciertos tipos de informes. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-33101 – Incorrect Type Conversion or Cast in Multi-Mode Call Processor
https://notcve.org/view.php?id=CVE-2023-33101
01 Apr 2024 — Transient DOS while processing DL NAS TRANSPORT message with payload length 0. DOS transitorio mientras se procesa el mensaje DL NAS TRANSPORT con longitud de payload 0. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-33099 – Improper Input Validation in Multi-Mode Call Processor
https://notcve.org/view.php?id=CVE-2023-33099
01 Apr 2024 — Transient DOS while processing SMS container of non-standard size received in DL NAS transport in NR. DOS transitorio mientras se procesa un contenedor de SMS de tamaño no estándar recibido en el transporte DL NAS en NR. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html • CWE-20: Improper Input Validation •
CVSS: 8.4EPSS: 0%CPEs: 46EXPL: 0CVE-2023-33023 – Buffer Copy without Checking Size of Input (`Classic Buffer Overflow`) in SPS-Applications
https://notcve.org/view.php?id=CVE-2023-33023
01 Apr 2024 — Memory corruption while processing finish_sign command to pass a rsp buffer. Corrupción de la memoria al procesar el comando Finish_sign para pasar un búfer rsp. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.4EPSS: 0%CPEs: 47EXPL: 0CVE-2023-28547 – Buffer Copy Without Checking Size of Input in SPS Applications
https://notcve.org/view.php?id=CVE-2023-28547
01 Apr 2024 — Memory corruption in SPS Application while requesting for public key in sorter TA. Corrupción de la memoria en la aplicación SPS al solicitar la clave pública en el clasificador TA. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 16EXPL: 0CVE-2023-43548 – Buffer Copy Without Checking Size of Input in Video
https://notcve.org/view.php?id=CVE-2023-43548
04 Mar 2024 — Memory corruption while parsing qcp clip with invalid chunk data size. Corrupción de la memoria al analizar el clip qcp con un tamaño de fragmento de datos no válido. • https://www.qualcomm.com/company/product-security/bulletins/march-2024-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-33104 – Improper input Validation in Multi-Mode Call Processor
https://notcve.org/view.php?id=CVE-2023-33104
04 Mar 2024 — Transient DOS while processing PDU Release command with a parameter PDU ID out of range. DOS transitorio mientras se procesa el comando de liberación de PDU con un ID de PDU de parámetro fuera de rango. • https://www.qualcomm.com/company/product-security/bulletins/march-2024-bulletin • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-33096 – Reachable Assertion in Multi-Mode Call Processor
https://notcve.org/view.php?id=CVE-2023-33096
04 Mar 2024 — Transient DOS while processing DL NAS Transport message, as specified in 3GPP 24.501 v16. DOS transitorio mientras se procesa el mensaje de transporte DL NAS, como se especifica en 3GPP 24.501 v16. • https://www.qualcomm.com/company/product-security/bulletins/march-2024-bulletin • CWE-617: Reachable Assertion •