CVSS: 9.3EPSS: 0%CPEs: 48EXPL: 0CVE-2023-21671 – Improper Input Validation in Core
https://notcve.org/view.php?id=CVE-2023-21671
07 Nov 2023 — Memory Corruption in Core during syscall for Sectools Fuse comparison feature. Corrupción de la memoria en Core durante la llamada al sistema para la función de comparación de Sectools Fuse. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 288EXPL: 0CVE-2023-33035 – Buffer Copy Without Checking Size of Input in Audio
https://notcve.org/view.php?id=CVE-2023-33035
03 Oct 2023 — Memory corruption while invoking callback function of AFE from ADSP. Corrupción de la memoria al invocar la función de devolución de llamada de AFE desde ADSP. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 128EXPL: 0CVE-2023-33034 – Signed-to-unsigned conversion error in Audio
https://notcve.org/view.php?id=CVE-2023-33034
03 Oct 2023 — Memory corruption while parsing the ADSP response command. Corrupción de la memoria al analizar el comando de respuesta ADSP. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-195: Signed to Unsigned Conversion Error CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 264EXPL: 0CVE-2023-33029 – Use After Free in DSP Service
https://notcve.org/view.php?id=CVE-2023-33029
03 Oct 2023 — Memory corruption in DSP Service during a remote call from HLOS to DSP. Corrupción de la memoria en el servicio DSP durante una llamada remota de HLOS a DSP. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 352EXPL: 0CVE-2023-33028 – Buffer Copy without Checking Size of Input in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-33028
03 Oct 2023 — Memory corruption in WLAN Firmware while doing a memory copy of pmk cache. Corrupción de la memoria en el WLAN Firmware al realizar una copia de la memoria del caché pmk. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 656EXPL: 0CVE-2023-33027 – Buffer Over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-33027
03 Oct 2023 — Transient DOS in WLAN Firmware while parsing rsn ies. DOS transitorio en el WLAN Firmware mientras se analiza rsn ies. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 390EXPL: 0CVE-2023-33026 – Buffer over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-33026
03 Oct 2023 — Transient DOS in WLAN Firmware while parsing a NAN management frame. DOS transitorio en el WLAN Firmware mientras se analiza un frame de administración NAN. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-126: Buffer Over-read CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.1EPSS: 0%CPEs: 304EXPL: 0CVE-2023-28540 – Improper Authentication in Data Modem
https://notcve.org/view.php?id=CVE-2023-28540
03 Oct 2023 — Cryptographic issue in Data Modem due to improper authentication during TLS handshake. Problema criptográfico en Data Modem debido a una autenticación incorrecta durante el protocolo de enlace TLS. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-287: Improper Authentication •
CVSS: 10.0EPSS: 0%CPEs: 126EXPL: 0CVE-2023-24855 – Use of Out-of-range Pointer Offset in Modem
https://notcve.org/view.php?id=CVE-2023-24855
03 Oct 2023 — Memory corruption in Modem while processing security related configuration before AS Security Exchange. Corrupción de la memoria en el Modem mientras se procesa la configuración relacionada con la seguridad antes de AS Security Exchange. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-787: Out-of-bounds Write CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 7.8EPSS: 0%CPEs: 412EXPL: 0CVE-2023-24850 – Improper Validation of Array Index in HLOS
https://notcve.org/view.php?id=CVE-2023-24850
03 Oct 2023 — Memory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted Application. Corrupción de la memoria en HLOS al importar una clave criptográfica en la aplicación de confianza KeyMaster. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-129: Improper Validation of Array Index •