CVSS: 7.5EPSS: 0%CPEs: 298EXPL: 0CVE-2023-33081 – Buffer over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-33081
Transient DOS while converting TWT (Target Wake Time) frame parameters in the OTA broadcast. DOS transitorio al convertir parámetros de fotograma TWT (Target Wake Time) en la transmisión OTA. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 7.5EPSS: 0%CPEs: 732EXPL: 0CVE-2023-33080 – Buffer over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-33080
Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame. DOS transitorio mientras se analiza un IE (elemento de información) específico del fabricante del frame de gestión de respuesta de reasociación. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 562EXPL: 0CVE-2023-33063 – Qualcomm Multiple Chipsets Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2023-33063
Memory corruption in DSP Services during a remote call from HLOS to DSP. Corrupción de la memoria en los servicios DSP durante una llamada remota de HLOS a DSP. Multiple Qualcomm chipsets contain a use-after-free vulnerability due to memory corruption in DSP Services during a remote call from HLOS to DSP. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 254EXPL: 0CVE-2023-33041 – Reachable assertion in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-33041
Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids. En ciertos escenarios, el firmware de WLAN alcanzará una afirmación debido a una confusión de estado al buscar ID de pares. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-617: Reachable Assertion •
CVSS: 8.4EPSS: 0%CPEs: 424EXPL: 0CVE-2023-33022 – Integer Overflow to Buffer Overflow in HLOS
https://notcve.org/view.php?id=CVE-2023-33022
Memory corruption in HLOS while invoking IOCTL calls from user-space. Corrupción de la memoria en HLOS al invocar llamadas IOCTL desde el espacio de usuario. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow •