CVSS: 7.8EPSS: 0%CPEs: 288EXPL: 0CVE-2023-33079 – Use of Out-of-range Pointer Offset in Audio
https://notcve.org/view.php?id=CVE-2023-33079
Memory corruption in Audio while running invalid audio recording from ADSP. Corrupción de la memoria en audio mientras se ejecuta una grabación de audio no válida desde ADSP. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 7.8EPSS: 0%CPEs: 562EXPL: 0CVE-2023-33063 – Qualcomm Multiple Chipsets Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2023-33063
Memory corruption in DSP Services during a remote call from HLOS to DSP. Corrupción de la memoria en los servicios DSP durante una llamada remota de HLOS a DSP. Multiple Qualcomm chipsets contain a use-after-free vulnerability due to memory corruption in DSP Services during a remote call from HLOS to DSP. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-416: Use After Free •
CVSS: 8.4EPSS: 0%CPEs: 424EXPL: 0CVE-2023-33022 – Integer Overflow to Buffer Overflow in HLOS
https://notcve.org/view.php?id=CVE-2023-33022
Memory corruption in HLOS while invoking IOCTL calls from user-space. Corrupción de la memoria en HLOS al invocar llamadas IOCTL desde el espacio de usuario. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 526EXPL: 0CVE-2023-33018 – Integer Overflow to Buffer Overflow in User Identity Module
https://notcve.org/view.php?id=CVE-2023-33018
Memory corruption while using the UIM diag command to get the operators name. Corrupción de la memoria al utilizar el comando diag de User Identity Module (UIM) para obtener el nombre del operador. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 554EXPL: 0CVE-2023-33017 – Buffer Copy Without Checking Size of Input in Boot
https://notcve.org/view.php?id=CVE-2023-33017
Memory corruption in Boot while running a ListVars test in UEFI Menu during boot. Corrupción de la memoria en el arranque mientras se ejecuta una prueba ListVars en el menú UEFI durante el arranque. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •