CVSS: 7.1EPSS: 0%CPEs: 370EXPL: 0CVE-2023-21626 – Improper Authentication in HLOS.
https://notcve.org/view.php?id=CVE-2023-21626
Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key. Problema criptográfico en HLOS debido a una autenticación incorrecta al realizar comprobaciones de velocidad de clave utilizando más de una clave. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-287: Improper Authentication CWE-320: Key Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 542EXPL: 0CVE-2023-22387 – Use of Out-of-range Pointer Offset in Qualcomm IPC
https://notcve.org/view.php?id=CVE-2023-22387
Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption. • https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin • CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 6.2EPSS: 0%CPEs: 134EXPL: 0CVE-2023-21624 – Information Exposure in DSP Services
https://notcve.org/view.php?id=CVE-2023-21624
Information disclosure in DSP Services while loading dynamic module. • https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 368EXPL: 0CVE-2023-21670 – Improper Access control in GPU Subsystem
https://notcve.org/view.php?id=CVE-2023-21670
Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode. Qualcomm Adreno/KGSL suffers from an issue where code in user-writable mapping is executed in non-protected mode. • http://packetstormsecurity.com/files/173296/Qualcomm-Adreno-KGSL-Insecure-Execution.html https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-284: Improper Access Control CWE-863: Incorrect Authorization •
CVSS: 7.8EPSS: 0%CPEs: 392EXPL: 0CVE-2022-40529 – Improper access control in Kernel
https://notcve.org/view.php?id=CVE-2022-40529
Memory corruption due to improper access control in kernel while processing a mapping request from root process. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-284: Improper Access Control CWE-863: Incorrect Authorization •