CVSS: 8.4EPSS: 0%CPEs: 46EXPL: 0CVE-2023-33023 – Buffer Copy without Checking Size of Input (`Classic Buffer Overflow`) in SPS-Applications
https://notcve.org/view.php?id=CVE-2023-33023
01 Apr 2024 — Memory corruption while processing finish_sign command to pass a rsp buffer. Corrupción de la memoria al procesar el comando Finish_sign para pasar un búfer rsp. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.4EPSS: 0%CPEs: 47EXPL: 0CVE-2023-28547 – Buffer Copy Without Checking Size of Input in SPS Applications
https://notcve.org/view.php?id=CVE-2023-28547
01 Apr 2024 — Memory corruption in SPS Application while requesting for public key in sorter TA. Corrupción de la memoria en la aplicación SPS al solicitar la clave pública en el clasificador TA. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 16EXPL: 0CVE-2023-43548 – Buffer Copy Without Checking Size of Input in Video
https://notcve.org/view.php?id=CVE-2023-43548
04 Mar 2024 — Memory corruption while parsing qcp clip with invalid chunk data size. Corrupción de la memoria al analizar el clip qcp con un tamaño de fragmento de datos no válido. • https://www.qualcomm.com/company/product-security/bulletins/march-2024-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-33104 – Improper input Validation in Multi-Mode Call Processor
https://notcve.org/view.php?id=CVE-2023-33104
04 Mar 2024 — Transient DOS while processing PDU Release command with a parameter PDU ID out of range. DOS transitorio mientras se procesa el comando de liberación de PDU con un ID de PDU de parámetro fuera de rango. • https://www.qualcomm.com/company/product-security/bulletins/march-2024-bulletin • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-33096 – Reachable Assertion in Multi-Mode Call Processor
https://notcve.org/view.php?id=CVE-2023-33096
04 Mar 2024 — Transient DOS while processing DL NAS Transport message, as specified in 3GPP 24.501 v16. DOS transitorio mientras se procesa el mensaje de transporte DL NAS, como se especifica en 3GPP 24.501 v16. • https://www.qualcomm.com/company/product-security/bulletins/march-2024-bulletin • CWE-617: Reachable Assertion •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-33095 – Reachable Assertion in Multi-Mode Call Processor
https://notcve.org/view.php?id=CVE-2023-33095
04 Mar 2024 — Transient DOS while processing multiple payload container type with incorrect container length received in DL NAS transport OTA in NR. DOS transitorio mientras se procesan múltiples tipos de contenedores de carga útil con una longitud de contenedor incorrecta recibida en el transporte DL NAS OTA en NR. • https://www.qualcomm.com/company/product-security/bulletins/march-2024-bulletin • CWE-617: Reachable Assertion •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2023-33086 – Improper Release of Memory Before Removing Last Reference in Data Modem
https://notcve.org/view.php?id=CVE-2023-33086
04 Mar 2024 — Transient DOS while processing multiple IKEV2 Informational Request to device from IPSEC server with different identifiers. DOS transitorio mientras se procesan múltiples solicitudes de información IKEV2 al dispositivo desde el servidor IPSEC con diferentes identificadores. • https://www.qualcomm.com/company/product-security/bulletins/march-2024-bulletin • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 8.4EPSS: 0%CPEs: 54EXPL: 0CVE-2023-33066 – Use of Out-of-range Pointer Offset in Audio
https://notcve.org/view.php?id=CVE-2023-33066
04 Mar 2024 — Memory corruption in Audio while processing RT proxy port register driver. Corrupción de la memoria en el audio mientras se procesa el controlador de registro del puerto proxy RT. • https://www.qualcomm.com/company/product-security/bulletins/march-2024-bulletin • CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 9.3EPSS: 0%CPEs: 39EXPL: 0CVE-2023-28578 – Improper Input Validation in Services
https://notcve.org/view.php?id=CVE-2023-28578
04 Mar 2024 — Memory corruption in Core Services while executing the command for removing a single event listener. Corrupción de la memoria en Core Services al ejecutar el comando para eliminar un único detector de eventos. • https://www.qualcomm.com/company/product-security/bulletins/march-2024-bulletin • CWE-20: Improper Input Validation •