CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2024-33011 – Buffer Over-read in WLAN Host
https://notcve.org/view.php?id=CVE-2024-33011
05 Aug 2024 — Transient DOS while parsing the MBSSID IE from the beacons, when the MBSSID IE length is zero. • https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2024-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2024-33010 – Use After Free in WLAN Host
https://notcve.org/view.php?id=CVE-2024-33010
05 Aug 2024 — Transient DOS while parsing fragments of MBSSID IE from beacon frame. • https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2024-bulletin.html • CWE-416: Use After Free •
CVSS: 6.2EPSS: 0%CPEs: 30EXPL: 0CVE-2024-23357 – NULL Pointer Dereference in HLOS
https://notcve.org/view.php?id=CVE-2024-23357
05 Aug 2024 — Transient DOS while importing a PKCS#8-encoded RSA key with zero bytes modulus. • https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2024-bulletin.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2024-23356 – Improper Restriction of Operations within the Bounds of a Memory Buffer in HLOS
https://notcve.org/view.php?id=CVE-2024-23356
05 Aug 2024 — Memory corruption during session sign renewal request calls in HLOS. • https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2024-bulletin.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 44EXPL: 0CVE-2024-23353 – Buffer Over-read in Multi Mode Call Processor
https://notcve.org/view.php?id=CVE-2024-23353
05 Aug 2024 — Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI. • https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2024-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 8.4EPSS: 0%CPEs: 11EXPL: 0CVE-2024-21481 – Improper Restriction of Operations within the Bounds of a Memory Buffer in Hypervisor
https://notcve.org/view.php?id=CVE-2024-21481
05 Aug 2024 — Memory corruption when preparing a shared memory notification for a memparcel in Resource Manager. • https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2024-bulletin.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-21467 – Buffer Over-read in WLAN Host Communication
https://notcve.org/view.php?id=CVE-2024-21467
05 Aug 2024 — Information disclosure while handling beacon probe frame during scan entry generation in client side. • https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2024-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-21459 – Buffer Over-read in WLAN HOST
https://notcve.org/view.php?id=CVE-2024-21459
05 Aug 2024 — Information disclosure while handling beacon or probe response frame in STA. • https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2024-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-23363 – Buffer Over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2024-23363
03 Jun 2024 — Transient DOS while processing an improperly formatted Fine Time Measurement (FTM) management frame. DOS transitorio mientras se procesa un marco de gestión de medición de tiempo fino (FTM) con formato incorrecto. • https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 9.4EPSS: 0%CPEs: 45EXPL: 0CVE-2023-43551 – Improper Authentication in Multi-Mode Call Processor
https://notcve.org/view.php?id=CVE-2023-43551
03 Jun 2024 — Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command. Problema criptográfico al realizar la conexión con una red LTE, una estación base no autorizada puede omitir la fase de autenticación y enviar inmediatamente el comando del modo de seguridad. • https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html • CWE-287: Improper Authentication •