CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2018-11816 – Use After Free in Video
https://notcve.org/view.php?id=CVE-2018-11816
26 Nov 2024 — Crafted Binder Request Causes Heap UAF in MediaServer • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-416: Use After Free •
CVSS: 8.4EPSS: 0%CPEs: 534EXPL: 0CVE-2023-33033 – Use of Out-of-range Pointer Offset in Audio
https://notcve.org/view.php?id=CVE-2023-33033
02 Jan 2024 — Memory corruption in Audio during playback with speaker protection. Corrupción de la memoria en audio durante la reproducción con protección de altavoz. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-787: Out-of-bounds Write CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 7.8EPSS: 0%CPEs: 518EXPL: 0CVE-2023-33059 – Buffer Copy Without Checking Size of Input in Audio
https://notcve.org/view.php?id=CVE-2023-33059
07 Nov 2023 — Memory corruption in Audio while processing the VOC packet data from ADSP. Corrupción de la memoria en Audio mientras se procesan los datos del paquete VOC desde ADSP. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-191: Integer Underflow (Wrap or Wraparound) CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 164EXPL: 0CVE-2023-33020 – Improper Authorization in WLAN Host
https://notcve.org/view.php?id=CVE-2023-33020
05 Sep 2023 — Transient DOS in WLAN Host when an invalid channel (like channel out of range) is received in STA during CSA IE. Un ataque de denegación de servicios (DOS) transitorio en el componente WLAN Host es posible cuando se recibe un canal no válido (como canal fuera de rango) en STA durante CSA IE. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-285: Improper Authorization •
CVSS: 7.8EPSS: 0%CPEs: 164EXPL: 0CVE-2023-33019 – Improper Authorization in WLAN Host
https://notcve.org/view.php?id=CVE-2023-33019
05 Sep 2023 — Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station receives invalid channel in CSA IE. Un ataque de denegación de servicios (DOS) transitorio en el componente WLAN Host mientras realiza el anuncio de cambio de canal (CSA), cuando una estación móvil recibe un canal no válido en CSA IE. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-285: Improper Authorization •
CVSS: 7.8EPSS: 0%CPEs: 590EXPL: 0CVE-2023-28565 – Improper Validation of Array Index in WLAN HAL
https://notcve.org/view.php?id=CVE-2023-28565
05 Sep 2023 — Memory corruption in WLAN HAL while handling command streams through WMI interfaces. Corrupción de memoria en WLAN HAL al manejar flujos de comandos a través de interfaces WMI. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-129: Improper Validation of Array Index CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 534EXPL: 0CVE-2023-28560 – Buffer Copy Without Checking Size of Input in WLAN HAL
https://notcve.org/view.php?id=CVE-2023-28560
05 Sep 2023 — Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload. Corrupción de memoria en WLAN HAL al procesar devIndex desde un payload WMI no fiable. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 408EXPL: 0CVE-2022-40510 – Buffer copy without checking size of input in Audio.
https://notcve.org/view.php?id=CVE-2022-40510
08 Aug 2023 — Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder. Corrupción de memoria debida a la copia del búfer sin comprobar el tamaño de la entrada en Audio durante una llamada de voz con el vocoder EVS. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-457: Use of Uninitialized Variable CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 566EXPL: 0CVE-2023-21628 – Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in WLAN HAL
https://notcve.org/view.php?id=CVE-2023-21628
06 Jun 2023 — Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command. • https://www.qualcomm.com/company/product-security/bulletins/june-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 442EXPL: 1CVE-2023-21665 – Incorrect Type Conversion or Cast in Graphics
https://notcve.org/view.php?id=CVE-2023-21665
02 May 2023 — Memory corruption in Graphics while importing a file. Qualcomm Adreno/KGSL suffers from an unchecked cast of vma->vm_file->private_data in kgsl_setup_dmabuf_useraddr(). • https://packetstorm.news/files/id/172663 • CWE-704: Incorrect Type Conversion or Cast •