CVSS: 8.2EPSS: 0%CPEs: 268EXPL: 0CVE-2022-33283 – Buffer over-read in WLAN
https://notcve.org/view.php?id=CVE-2022-33283
Information disclosure due to buffer over-read in WLAN while WLAN frame parsing due to missing frame length check. • https://www.qualcomm.com/company/product-security/bulletins/january-2023-bulletin • CWE-125: Out-of-bounds Read •
CVSS: 8.4EPSS: 0%CPEs: 268EXPL: 0CVE-2022-33276 – Buffer copy without checking size of input in Modem
https://notcve.org/view.php?id=CVE-2022-33276
Memory corruption due to buffer copy without checking size of input in modem while receiving WMI_REQUEST_STATS_CMDID command. • https://www.qualcomm.com/company/product-security/bulletins/january-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.4EPSS: 0%CPEs: 22EXPL: 0CVE-2022-33274 – Improper validation of array index in Android Core
https://notcve.org/view.php?id=CVE-2022-33274
Memory corruption in android core due to improper validation of array index while returning feature ids after license authentication. Corrupción de la memoria en el núcleo de Android debido a una validación incorrecta del índice de la matriz al devolver identificadores de funciones después de la autenticación de la licencia. • https://www.qualcomm.com/company/product-security/bulletins/january-2023-bulletin • CWE-129: Improper Validation of Array Index •
CVSS: 7.8EPSS: 0%CPEs: 244EXPL: 0CVE-2022-33266 – Integer overflow to buffer overflow in Audio
https://notcve.org/view.php?id=CVE-2022-33266
Memory corruption in Audio due to integer overflow to buffer overflow while music playback of clips like amr,evrc,qcelp with modified content. • https://www.qualcomm.com/company/product-security/bulletins/january-2023-bulletin • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-33265 – Information exposure in Powerline Communication Firmware
https://notcve.org/view.php?id=CVE-2022-33265
Memory corruption due to information exposure in Powerline Communication Firmware while sending different MMEs from a single, unassociated device. Corrupción de la memoria debido a la exposición de información en el firmware de comunicación Powerline al enviar diferentes MME desde un único dispositivo no asociado. • https://www.qualcomm.com/company/product-security/bulletins/january-2023-bulletin • CWE-787: Out-of-bounds Write •