CVSS: 7.8EPSS: 0%CPEs: 484EXPL: 0CVE-2022-40521 – Improper authorization in Modem
https://notcve.org/view.php?id=CVE-2022-40521
06 Jun 2023 — Transient DOS due to improper authorization in Modem • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-285: Improper Authorization CWE-287: Improper Authentication •
CVSS: 8.4EPSS: 0%CPEs: 484EXPL: 0CVE-2022-40507 – Double free in Core
https://notcve.org/view.php?id=CVE-2022-40507
06 Jun 2023 — Memory corruption due to double free in Core while mapping HLOS address to the list. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-415: Double Free •
CVSS: 8.4EPSS: 0%CPEs: 220EXPL: 0CVE-2022-33307 – Double free in Automotive
https://notcve.org/view.php?id=CVE-2022-33307
06 Jun 2023 — Memory Corruption due to double free in automotive when a bad HLOS address for one of the lists to be mapped is passed. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-415: Double Free •
CVSS: 5.5EPSS: 0%CPEs: 42EXPL: 0CVE-2022-33303 – Uncontrolled resource consumption in Linux kernel
https://notcve.org/view.php?id=CVE-2022-33303
06 Jun 2023 — Transient DOS due to uncontrolled resource consumption in Linux kernel when malformed messages are sent from the Gunyah Resource Manager message queue. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.9EPSS: 0%CPEs: 484EXPL: 0CVE-2022-33264 – Stack-based buffer overflow in Modem
https://notcve.org/view.php?id=CVE-2022-33264
06 Jun 2023 — Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 98EXPL: 0CVE-2022-33263 – Use after free in Core
https://notcve.org/view.php?id=CVE-2022-33263
06 Jun 2023 — Memory corruption due to use after free in Core when multiple DCI clients register and deregister. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 148EXPL: 0CVE-2022-33251 – Reachable assertion in Modem
https://notcve.org/view.php?id=CVE-2022-33251
06 Jun 2023 — Transient DOS due to reachable assertion in Modem because of invalid network configuration. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-617: Reachable Assertion •
CVSS: 7.8EPSS: 0%CPEs: 66EXPL: 0CVE-2022-33226 – Buffer copy without checking the size of input in Core
https://notcve.org/view.php?id=CVE-2022-33226
06 Jun 2023 — Memory corruption due to buffer copy without checking the size of input in Core while processing ioctl commands from diag client applications. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 92EXPL: 0CVE-2022-33224 – Buffer copy without checking the size of input in Core
https://notcve.org/view.php?id=CVE-2022-33224
06 Jun 2023 — Memory corruption in core due to buffer copy without check9ing the size of input while processing ioctl queries. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.1EPSS: 0%CPEs: 696EXPL: 0CVE-2022-22076 – Cryptographic issue in Core
https://notcve.org/view.php?id=CVE-2022-22076
06 Jun 2023 — information disclosure due to cryptographic issue in Core during RPMB read request. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-310: Cryptographic Issues •