CVSS: 7.1EPSS: 0%CPEs: 94EXPL: 0CVE-2023-33060 – Buffer Over-read in Core
https://notcve.org/view.php?id=CVE-2023-33060
Transient DOS in Core when DDR memory check is called while DDR is not initialized. DOS transitorio en Core cuando se llama a la verificación de la memoria DDR mientras DDR no está inicializado. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 9.1EPSS: 0%CPEs: 94EXPL: 0CVE-2023-33058 – Buffer Copy Without Checking Size of Input in Modem
https://notcve.org/view.php?id=CVE-2023-33058
Information disclosure in Modem while processing SIB5. Divulgación de información en Modem durante el procesamiento SIB5. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 7.5EPSS: 0%CPEs: 202EXPL: 0CVE-2023-33057 – Improper Input Validation in Multi-Mode Call Processor
https://notcve.org/view.php?id=CVE-2023-33057
Transient DOS in Multi-Mode Call Processor while processing UE policy container. DOS transitorio en el procesador de llamadas multimodo mientras se procesa el contenedor de políticas UE. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 202EXPL: 0CVE-2023-33049 – Improper Release of Memory Before Removing Last Reference in Multi-Mode Call Processor
https://notcve.org/view.php?id=CVE-2023-33049
Transient DOS in Multi-Mode Call Processor due to UE failure because of heap leakage. DOS transitorio en el procesador de llamadas multimodo debido a una falla del UE debido a una fuga de montón. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 98EXPL: 0CVE-2023-33046 – Time-of-check Time-of-use (TOCTOU) Race Condition in Trusted Execution Environment
https://notcve.org/view.php?id=CVE-2023-33046
Memory corruption in Trusted Execution Environment while deinitializing an object used for license validation. Corrupción de la memoria en Trusted Execution Environment al desinicializar un objeto utilizado para la validación de la licencia. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition CWE-787: Out-of-bounds Write •