CVSS: 7.8EPSS: 0%CPEs: 686EXPL: 0CVE-2024-23368 – Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Qualcomm IPC
https://notcve.org/view.php?id=CVE-2024-23368
01 Jul 2024 — Memory corruption when allocating and accessing an entry in an SMEM partition. Corrupción de la memoria al asignar y acceder a una entrada en una partición SMEM. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 448EXPL: 0CVE-2024-21469 – Permissions, Privileges, and Access Control issues in TZ Secure OS
https://notcve.org/view.php?id=CVE-2024-21469
01 Jul 2024 — Memory corruption when an invoke call and a TEE call are bound for the same trusted application. Corrupción de la memoria cuando una llamada de invocación y una llamada TEE están vinculadas a la misma aplicación confiable. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html • CWE-264: Permissions, Privileges, and Access Controls CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 518EXPL: 0CVE-2024-21465 – Buffer Over-read in Trusted Execution Environment
https://notcve.org/view.php?id=CVE-2024-21465
01 Jul 2024 — Memory corruption while processing key blob passed by the user. Corrupción de la memoria al procesar el blob de claves pasado por el usuario. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 7.1EPSS: 0%CPEs: 622EXPL: 0CVE-2024-21462 – Buffer Over-read in TZ Secure OS
https://notcve.org/view.php?id=CVE-2024-21462
01 Jul 2024 — Transient DOS while loading the TA ELF file. DOS transitorio mientras se carga el archivo TA ELF. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 624EXPL: 0CVE-2023-43536 – Buffer Over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-43536
06 Feb 2024 — Transient DOS while parse fils IE with length equal to 1. DOS transitorio mientras analiza fils IE con una longitud igual a 1. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 578EXPL: 0CVE-2023-43522 – NULL Pointer Dereference in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-43522
06 Feb 2024 — Transient DOS while key unwrapping process, when the given encrypted key is empty or NULL. DOS transitorio durante el proceso de desencapsulación de claves, cuando la clave cifrada proporcionada está vacía o es NULL. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-476: NULL Pointer Dereference •
CVSS: 9.3EPSS: 0%CPEs: 496EXPL: 0CVE-2023-33072 – Buffer copy without checking size of Input in Core
https://notcve.org/view.php?id=CVE-2023-33072
06 Feb 2024 — Memory corruption in Core while processing control functions. Corrupción de la memoria en Core durante el procesamiento de funciones de control. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 718EXPL: 0CVE-2023-43511 – Loop with Unreachable Exit Condition (Infinite Loop) in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-43511
02 Jan 2024 — Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains `IPPROTO_NONE` as the next header. DOS transitorio mientras se analiza el encabezado de extensión IPv6 cuando el firmware WLAN recibe un paquete IPv6 que contiene "IPPROTO_NONE" como el siguiente encabezado. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.8EPSS: 0%CPEs: 204EXPL: 0CVE-2023-33116 – Buffer over-read without Checking Size of Input in WLAN Host
https://notcve.org/view.php?id=CVE-2023-33116
02 Jan 2024 — Transient DOS while parsing ieee80211_parse_mscs_ie in WIN WLAN driver. DOS transitorio mientras se analiza ieee80211_parse_mscs_ie en el controlador WIN WLAN. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 626EXPL: 0CVE-2023-33109 – NULL Pointer Dereference in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-33109
02 Jan 2024 — Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from host. DOS transitorio mientras se procesa un comando de inicio de escucha WMI P2P (0xD00A) enviado desde el host. • https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin • CWE-476: NULL Pointer Dereference •