CVSS: 8.4EPSS: 0%CPEs: 46EXPL: 0CVE-2023-33023 – Buffer Copy without Checking Size of Input (`Classic Buffer Overflow`) in SPS-Applications
https://notcve.org/view.php?id=CVE-2023-33023
01 Apr 2024 — Memory corruption while processing finish_sign command to pass a rsp buffer. Corrupción de la memoria al procesar el comando Finish_sign para pasar un búfer rsp. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.4EPSS: 0%CPEs: 47EXPL: 0CVE-2023-28547 – Buffer Copy Without Checking Size of Input in SPS Applications
https://notcve.org/view.php?id=CVE-2023-28547
01 Apr 2024 — Memory corruption in SPS Application while requesting for public key in sorter TA. Corrupción de la memoria en la aplicación SPS al solicitar la clave pública en el clasificador TA. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2023-43553 – Use of Out-of-range Pointer Offset in WLAN HOST
https://notcve.org/view.php?id=CVE-2023-43553
04 Mar 2024 — Memory corruption while parsing beacon/probe response frame when AP sends more supported links in MLIE. Corrupción de la memoria al analizar el marco de respuesta de baliza/sonda cuando AP envía más enlaces compatibles en MLIE. • https://www.qualcomm.com/company/product-security/bulletins/march-2024-bulletin • CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2023-43552 – Use After Free in WLAN Host Communication
https://notcve.org/view.php?id=CVE-2023-43552
04 Mar 2024 — Memory corruption while processing MBSSID beacon containing several subelement IE. Corrupción de la memoria al procesar la baliza MBSSID que contiene varios subelementos IE. • https://www.qualcomm.com/company/product-security/bulletins/march-2024-bulletin • CWE-416: Use After Free •
CVSS: 8.4EPSS: 0%CPEs: 5EXPL: 0CVE-2023-43549 – Stack-based Buffer Overflow in WLAN HAL
https://notcve.org/view.php?id=CVE-2023-43549
04 Mar 2024 — Memory corruption while processing TPC target power table in FTM TPC. Corrupción de la memoria al procesar la tabla de potencia objetivo de TPC en FTM TPC. • https://www.qualcomm.com/company/product-security/bulletins/march-2024-bulletin • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-43539 – Buffer Over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-43539
04 Mar 2024 — Transient DOS while processing an improperly formatted 802.11az Fine Time Measurement protocol frame. DOS transitorio mientras se procesa una trama del protocolo 802.11az Fine Time Measurement con formato incorrecto. • https://www.qualcomm.com/company/product-security/bulletins/march-2024-bulletin • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2023-33105 – Configuration Issue in WLAN Host and Firmware
https://notcve.org/view.php?id=CVE-2023-33105
04 Mar 2024 — Transient DOS in WLAN Host and Firmware when large number of open authentication frames are sent with an invalid transaction sequence number. DOS transitorio en el host y el firmware de WLAN cuando se envía una gran cantidad de marcos de autenticación abiertos con un número de secuencia de transacción no válido. • https://github.com/D3adP3nguin/CVE-2023-33105-Transient-DOS-in-WLAN-Host-and-Firmware • CWE-16: Configuration •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2023-33086 – Improper Release of Memory Before Removing Last Reference in Data Modem
https://notcve.org/view.php?id=CVE-2023-33086
04 Mar 2024 — Transient DOS while processing multiple IKEV2 Informational Request to device from IPSEC server with different identifiers. DOS transitorio mientras se procesan múltiples solicitudes de información IKEV2 al dispositivo desde el servidor IPSEC con diferentes identificadores. • https://www.qualcomm.com/company/product-security/bulletins/march-2024-bulletin • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 8.4EPSS: 0%CPEs: 54EXPL: 0CVE-2023-33066 – Use of Out-of-range Pointer Offset in Audio
https://notcve.org/view.php?id=CVE-2023-33066
04 Mar 2024 — Memory corruption in Audio while processing RT proxy port register driver. Corrupción de la memoria en el audio mientras se procesa el controlador de registro del puerto proxy RT. • https://www.qualcomm.com/company/product-security/bulletins/march-2024-bulletin • CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 9.3EPSS: 0%CPEs: 39EXPL: 0CVE-2023-28578 – Improper Input Validation in Services
https://notcve.org/view.php?id=CVE-2023-28578
04 Mar 2024 — Memory corruption in Core Services while executing the command for removing a single event listener. Corrupción de la memoria en Core Services al ejecutar el comando para eliminar un único detector de eventos. • https://www.qualcomm.com/company/product-security/bulletins/march-2024-bulletin • CWE-20: Improper Input Validation •