CVSS: 7.8EPSS: 0%CPEs: 456EXPL: 0CVE-2023-28549 – Improper Restriction of Operations within the Bounds of a Memory Buffer in WLAN HAL
https://notcve.org/view.php?id=CVE-2023-28549
Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload. Corrupción de memoria en WLAN HAL al analizar el búfer Rx en el procesamiento del payload TLV. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 372EXPL: 0CVE-2023-28548 – Improper Validation of Array Index in WLAN HAL
https://notcve.org/view.php?id=CVE-2023-28548
Memory corruption in WLAN HAL while processing Tx/Rx commands from QDART. Corrupción de memoria en WLAN HAL al procesar comandos Tx/Rx desde QDART. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-129: Improper Validation of Array Index •
CVSS: 8.4EPSS: 0%CPEs: 518EXPL: 0CVE-2022-33275 – Improper validation of array index in WLAN HAL
https://notcve.org/view.php?id=CVE-2022-33275
Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range. Corrupción de memoria debido a la validación incorrecta del índice de matriz en WLAN HAL cuando se recibe "lm_itemNum" estando fuera de rango. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-129: Improper Validation of Array Index •
CVSS: 7.5EPSS: 0%CPEs: 540EXPL: 0CVE-2023-21659 – Buffer Over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-21659
Transient DOS in WLAN Firmware while processing frames with missing header fields. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 392EXPL: 0CVE-2022-40529 – Improper access control in Kernel
https://notcve.org/view.php?id=CVE-2022-40529
Memory corruption due to improper access control in kernel while processing a mapping request from root process. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-284: Improper Access Control CWE-863: Incorrect Authorization •