CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2024-21473 – Improper Input Validation in WIN SON
https://notcve.org/view.php?id=CVE-2024-21473
01 Apr 2024 — Memory corruption while redirecting log file to any file location with any file name. Corrupción de la memoria al redirigir el archivo de registro a cualquier ubicación de archivo con cualquier nombre de archivo. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of multiple Qualcomm chipsets. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Qualcomm LDB service. The issue results from the lack of proper v... • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html • CWE-20: Improper Input Validation •
CVSS: 8.4EPSS: 0%CPEs: 43EXPL: 0CVE-2024-21468 – Use After Free in Kernel
https://notcve.org/view.php?id=CVE-2024-21468
01 Apr 2024 — Memory corruption when there is failed unmap operation in GPU. Corrupción de la memoria cuando falla la operación de desasignación en la GPU. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2023-33115 – Buffer Over-read in Trusted Execution Environment
https://notcve.org/view.php?id=CVE-2023-33115
01 Apr 2024 — Memory corruption while processing buffer initialization, when trusted report for certain report types are generated. Corrupción de la memoria durante el procesamiento de la inicialización del búfer, cuando se generan informes confiables para ciertos tipos de informes. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 8.4EPSS: 0%CPEs: 46EXPL: 0CVE-2023-33023 – Buffer Copy without Checking Size of Input (`Classic Buffer Overflow`) in SPS-Applications
https://notcve.org/view.php?id=CVE-2023-33023
01 Apr 2024 — Memory corruption while processing finish_sign command to pass a rsp buffer. Corrupción de la memoria al procesar el comando Finish_sign para pasar un búfer rsp. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.4EPSS: 0%CPEs: 47EXPL: 0CVE-2023-28547 – Buffer Copy Without Checking Size of Input in SPS Applications
https://notcve.org/view.php?id=CVE-2023-28547
01 Apr 2024 — Memory corruption in SPS Application while requesting for public key in sorter TA. Corrupción de la memoria en la aplicación SPS al solicitar la clave pública en el clasificador TA. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2023-43553 – Use of Out-of-range Pointer Offset in WLAN HOST
https://notcve.org/view.php?id=CVE-2023-43553
04 Mar 2024 — Memory corruption while parsing beacon/probe response frame when AP sends more supported links in MLIE. Corrupción de la memoria al analizar el marco de respuesta de baliza/sonda cuando AP envía más enlaces compatibles en MLIE. • https://www.qualcomm.com/company/product-security/bulletins/march-2024-bulletin • CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2023-43552 – Use After Free in WLAN Host Communication
https://notcve.org/view.php?id=CVE-2023-43552
04 Mar 2024 — Memory corruption while processing MBSSID beacon containing several subelement IE. Corrupción de la memoria al procesar la baliza MBSSID que contiene varios subelementos IE. • https://www.qualcomm.com/company/product-security/bulletins/march-2024-bulletin • CWE-416: Use After Free •
CVSS: 8.4EPSS: 0%CPEs: 5EXPL: 0CVE-2023-43549 – Stack-based Buffer Overflow in WLAN HAL
https://notcve.org/view.php?id=CVE-2023-43549
04 Mar 2024 — Memory corruption while processing TPC target power table in FTM TPC. Corrupción de la memoria al procesar la tabla de potencia objetivo de TPC en FTM TPC. • https://www.qualcomm.com/company/product-security/bulletins/march-2024-bulletin • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-43539 – Buffer Over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-43539
04 Mar 2024 — Transient DOS while processing an improperly formatted 802.11az Fine Time Measurement protocol frame. DOS transitorio mientras se procesa una trama del protocolo 802.11az Fine Time Measurement con formato incorrecto. • https://www.qualcomm.com/company/product-security/bulletins/march-2024-bulletin • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 3%CPEs: 5EXPL: 1CVE-2023-33105 – Configuration Issue in WLAN Host and Firmware
https://notcve.org/view.php?id=CVE-2023-33105
04 Mar 2024 — Transient DOS in WLAN Host and Firmware when large number of open authentication frames are sent with an invalid transaction sequence number. DOS transitorio en el host y el firmware de WLAN cuando se envía una gran cantidad de marcos de autenticación abiertos con un número de secuencia de transacción no válido. • https://github.com/D3adP3nguin/CVE-2023-33105-Transient-DOS-in-WLAN-Host-and-Firmware • CWE-16: Configuration •