CVSS: 7.8EPSS: 0%CPEs: 562EXPL: 0CVE-2023-33063 – Qualcomm Multiple Chipsets Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2023-33063
Memory corruption in DSP Services during a remote call from HLOS to DSP. Corrupción de la memoria en los servicios DSP durante una llamada remota de HLOS a DSP. Multiple Qualcomm chipsets contain a use-after-free vulnerability due to memory corruption in DSP Services during a remote call from HLOS to DSP. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-416: Use After Free •
CVSS: 9.1EPSS: 0%CPEs: 336EXPL: 0CVE-2023-33054 – Improper Authentication in GPS HLOS Driver
https://notcve.org/view.php?id=CVE-2023-33054
Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data. Problema criptográfico en el controlador GPS HLOS al descargar datos de asistencia GNSS de Qualcomm. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 0%CPEs: 180EXPL: 0CVE-2023-33044 – Reachable Assertion in Data Modem
https://notcve.org/view.php?id=CVE-2023-33044
Transient DOS in Data modem while handling TLB control messages from the Network. DOS transitorio en módem de datos mientras se manejan mensajes de control TLB de la Red. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 0%CPEs: 118EXPL: 0CVE-2023-33043 – Reachable Assertion in Modem
https://notcve.org/view.php?id=CVE-2023-33043
Transient DOS in Modem when a Beam switch request is made with a non-configured BWP. DOS transitorio en el módem cuando se realiza una solicitud de cambio de haz con un BWP no configurado. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-617: Reachable Assertion •
CVSS: 7.8EPSS: 0%CPEs: 526EXPL: 0CVE-2023-33018 – Integer Overflow to Buffer Overflow in User Identity Module
https://notcve.org/view.php?id=CVE-2023-33018
Memory corruption while using the UIM diag command to get the operators name. Corrupción de la memoria al utilizar el comando diag de User Identity Module (UIM) para obtener el nombre del operador. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow •