CVSS: 7.8EPSS: 0%CPEs: 120EXPL: 0CVE-2023-28575 – Multiple Type Confusion Vulnerability
https://notcve.org/view.php?id=CVE-2023-28575
08 Aug 2023 — The cam_get_device_priv function does not check the type of handle being returned (device/session/link). This would lead to invalid type usage if a wrong handle is passed to it. La función cam_get_device_priv no comprueba el tipo de manejador devuelto (device/session/link). Esto llevaría a un uso de tipo inválido si se le pasa un manejador incorrecto. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-823: Use of Out-of-range Pointer Offset CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.4EPSS: 0%CPEs: 366EXPL: 0CVE-2023-28537 – Integer Overflow or Wraparound in Audio
https://notcve.org/view.php?id=CVE-2023-28537
08 Aug 2023 — Memory corruption while allocating memory in COmxApeDec module in Audio. Corrupción de memoria al asignar memoria en el módulo COmxApeDec en Audio. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 344EXPL: 0CVE-2023-22666 – Integer Overflow or Wraparound in Audio
https://notcve.org/view.php?id=CVE-2023-22666
08 Aug 2023 — Memory Corruption in Audio while playing amrwbplus clips with modified content. Corrupción de memoria en audio al reproducir clips amrwbplus con contenido modificado. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 7.1EPSS: 0%CPEs: 370EXPL: 0CVE-2023-21626 – Improper Authentication in HLOS.
https://notcve.org/view.php?id=CVE-2023-21626
08 Aug 2023 — Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key. Problema criptográfico en HLOS debido a una autenticación incorrecta al realizar comprobaciones de velocidad de clave utilizando más de una clave. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-287: Improper Authentication CWE-320: Key Management Errors •
CVSS: 8.2EPSS: 0%CPEs: 92EXPL: 0CVE-2023-21625 – Buffer Over-read in Network Services
https://notcve.org/view.php?id=CVE-2023-21625
08 Aug 2023 — Information disclosure in Network Services due to buffer over-read while the device receives DNS response. Divulgación de información en Servicios de red debido a la sobrelectura del búfer mientras el dispositivo recibe la respuesta DNS. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 10.0EPSS: 0%CPEs: 408EXPL: 0CVE-2022-40510 – Buffer copy without checking size of input in Audio.
https://notcve.org/view.php?id=CVE-2022-40510
08 Aug 2023 — Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder. Corrupción de memoria debida a la copia del búfer sin comprobar el tamaño de la entrada en Audio durante una llamada de voz con el vocoder EVS. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-457: Use of Uninitialized Variable CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 324EXPL: 0CVE-2022-40537 – Improper Validation of Array Index in Bluetooth HOST
https://notcve.org/view.php?id=CVE-2022-40537
07 Mar 2023 — Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP response. • https://www.qualcomm.com/company/product-security/bulletins/march-2023-bulletin • CWE-129: Improper Validation of Array Index •
CVSS: 10.0EPSS: 0%CPEs: 318EXPL: 0CVE-2022-40515 – Double free in Video
https://notcve.org/view.php?id=CVE-2022-40515
07 Mar 2023 — Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms. • https://www.qualcomm.com/company/product-security/bulletins/march-2023-bulletin • CWE-415: Double Free •
CVSS: 9.0EPSS: 0%CPEs: 418EXPL: 0CVE-2022-33213 – Memory Corruption in MODEM
https://notcve.org/view.php?id=CVE-2022-33213
07 Mar 2023 — Memory corruption in modem due to buffer overflow while processing a PPP packet • https://www.qualcomm.com/company/product-security/bulletins/march-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 402EXPL: 0CVE-2022-25705 – Integer Overflow to Buffer Overflow in Modem
https://notcve.org/view.php?id=CVE-2022-25705
07 Mar 2023 — Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response • https://www.qualcomm.com/company/product-security/bulletins/march-2023-bulletin • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow •