CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-23364 – Buffer Over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2024-23364
02 Sep 2024 — Transient DOS when processing the non-transmitted BSSID profile sub-elements present within the MBSSID Information Element (IE) of a beacon frame that is received from over-the-air (OTA). • https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 7.1EPSS: 0%CPEs: 19EXPL: 0CVE-2024-23362 – Improper Input Validation in Trusted Execution Environment
https://notcve.org/view.php?id=CVE-2024-23362
02 Sep 2024 — Cryptographic issue while parsing RSA keys in COBR format. • https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html • CWE-20: Improper Input Validation •
CVSS: 8.5EPSS: 0%CPEs: 15EXPL: 0CVE-2024-23359 – Buffer Over-read in Multi Mode Call Processor
https://notcve.org/view.php?id=CVE-2024-23359
02 Sep 2024 — Information disclosure while decoding Tracking Area Update Accept or Attach Accept message received from network. • https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2024-23358 – Buffer Over-read in Multi Mode Call Processor
https://notcve.org/view.php?id=CVE-2024-23358
02 Sep 2024 — Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in Modem. • https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 8.4EPSS: 0%CPEs: 4EXPL: 0CVE-2024-33034 – Use After Free in Graphics Linux
https://notcve.org/view.php?id=CVE-2024-33034
05 Aug 2024 — Memory corruption can occur if VBOs hold outdated or invalid GPU SMMU mappings, especially when the binding and reclaiming of memory buffers are performed at the same time. • https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2024-bulletin.html • CWE-416: Use After Free •
CVSS: 8.4EPSS: 0%CPEs: 4EXPL: 0CVE-2024-33028 – Use After Free in Automotive Telematics
https://notcve.org/view.php?id=CVE-2024-33028
05 Aug 2024 — Memory corruption as fence object may still be accessed in timeline destruct after isync fence is released. • https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2024-bulletin.html • CWE-416: Use After Free •
CVSS: 9.7EPSS: 0%CPEs: 19EXPL: 0CVE-2024-33027 – Improper Access Control in Graphics Linux
https://notcve.org/view.php?id=CVE-2024-33027
05 Aug 2024 — Memory corruption can occur when arbitrary user-space app gains kernel level privilege to modify DDR memory by corrupting the GPU page table. • https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2024-bulletin.html • CWE-284: Improper Access Control •
CVSS: 8.4EPSS: 0%CPEs: 7EXPL: 0CVE-2024-33023 – Use After Free in Graphics Linux
https://notcve.org/view.php?id=CVE-2024-33023
05 Aug 2024 — Memory corruption while creating a fence to wait on timeline events, and simultaneously signal timeline events. • https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2024-bulletin.html • CWE-416: Use After Free •
CVSS: 8.4EPSS: 0%CPEs: 3EXPL: 0CVE-2024-33022 – Integer Overflow or Wraparound in Automotive GPU
https://notcve.org/view.php?id=CVE-2024-33022
05 Aug 2024 — Memory corruption while allocating memory in HGSL driver. • https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2024-bulletin.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.4EPSS: 0%CPEs: 4EXPL: 0CVE-2024-33021 – Use of Uninitialized Variable in Automotive GPU
https://notcve.org/view.php?id=CVE-2024-33021
05 Aug 2024 — Memory corruption while processing IOCTL call to set metainfo. • https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2024-bulletin.html • CWE-457: Use of Uninitialized Variable •