Page 9 of 113 results (0.009 seconds)

CVSS: 7.1EPSS: 0%CPEs: 166EXPL: 0

CVE-2023-33037 – Cryptographic Issues in Automotive

https://notcve.org/view.php?id=CVE-2023-33037

Cryptographic issue in Automotive while unwrapping the key secs2d and verifying with RPMB data. Problema criptográfico en Automotive al desenvolver la clave secs2d y verificar con datos de RPMB. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-310: Cryptographic Issues CWE-311: Missing Encryption of Sensitive Data •

CVSS: 7.1EPSS: 0%CPEs: 214EXPL: 0

CVE-2023-33036 – NULL Pointer Dereference in Hypervisor

https://notcve.org/view.php?id=CVE-2023-33036

Permanent DOS in Hypervisor while untrusted VM without PSCI support makes a PSCI call. DOS permanente en Hypervisor mientras una máquina virtual que no es de confianza y sin soporte PSCI realiza una llamada de PSCI. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-476: NULL Pointer Dereference •

CVSS: 9.3EPSS: 0%CPEs: 602EXPL: 0

CVE-2023-33030 – Buffer Copy without Checking Size of Input in HLOS

https://notcve.org/view.php?id=CVE-2023-33030

Memory corruption in HLOS while running playready use-case. Corrupción de la memoria en HLOS mientras se ejecuta el caso de uso de PlayReady. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •

CVSS: 7.6EPSS: 0%CPEs: 74EXPL: 0

CVE-2023-33014 – Improper Input Validation in Services

https://notcve.org/view.php?id=CVE-2023-33014

Information disclosure in Core services while processing a Diag command. Divulgación de información en servicios principales mientras se procesa un comando Diag. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-20: Improper Input Validation •

CVSS: 8.4EPSS: 0%CPEs: 484EXPL: 0

CVE-2023-33107 – Qualcomm Multiple Chipsets Integer Overflow Vulnerability

https://notcve.org/view.php?id=CVE-2023-33107

Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call. Corrupción de la memoria en Graphics Linux al asignar una región de memoria virtual compartida durante la llamada IOCTL. Multiple Qualcomm chipsets contain an integer overflow vulnerability due to memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call. • https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin • CWE-190: Integer Overflow or Wraparound •