CVSS: 6.7EPSS: 0%CPEs: 58EXPL: 0CVE-2024-33053 – Use After Free in Video
https://notcve.org/view.php?id=CVE-2024-33053
02 Dec 2024 — Memory corruption when multiple threads try to unregister the CVP buffer at the same time. Corrupción de memoria cuando varios subprocesos intentan anular el registro del búfer CVP al mismo tiempo. • https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2024-bulletin.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 120EXPL: 0CVE-2024-23369 – Improper Restriction of Operations within the Bounds of a Memory Buffer in HLOS
https://notcve.org/view.php?id=CVE-2024-23369
07 Oct 2024 — Memory corruption when invalid length is provided from HLOS for FRS/UDS request/response buffers. • https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2024-bulletin.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 624EXPL: 0CVE-2023-43536 – Buffer Over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-43536
06 Feb 2024 — Transient DOS while parse fils IE with length equal to 1. DOS transitorio mientras analiza fils IE con una longitud igual a 1. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 482EXPL: 0CVE-2023-43533 – Buffer Over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-43533
06 Feb 2024 — Transient DOS in WLAN Firmware when the length of received beacon is less than length of ieee802.11 beacon frame. DOS transitorio en el firmware WLAN cuando la longitud de la baliza recibida es menor que la longitud de la frame de la baliza ieee802.11. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 578EXPL: 0CVE-2023-43522 – NULL Pointer Dereference in WLAN Firmware
https://notcve.org/view.php?id=CVE-2023-43522
06 Feb 2024 — Transient DOS while key unwrapping process, when the given encrypted key is empty or NULL. DOS transitorio durante el proceso de desencapsulación de claves, cuando la clave cifrada proporcionada está vacía o es NULL. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-476: NULL Pointer Dereference •
CVSS: 10.0EPSS: 0%CPEs: 268EXPL: 0CVE-2023-43519 – Buffer Copy without Checking Size of Input (`Classic Buffer Overflow`) in Video
https://notcve.org/view.php?id=CVE-2023-43519
06 Feb 2024 — Memory corruption in video while parsing the Videoinfo, when the size of atom is greater than the videoinfo size. Corrupción de la memoria en el vídeo al analizar la información del vídeo, cuando el tamaño del átomo es mayor que el tamaño de la información del vídeo. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 0%CPEs: 306EXPL: 0CVE-2023-43518 – Untrusted Pointer Dereference in Video
https://notcve.org/view.php?id=CVE-2023-43518
06 Feb 2024 — Memory corruption in video while parsing invalid mp2 clip. Corrupción de la memoria en el vídeo al analizar un clip mp2 no válido. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-787: Out-of-bounds Write CWE-822: Untrusted Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 534EXPL: 0CVE-2023-43513 – Use of Out-of-range Pointer Offset in PCIe
https://notcve.org/view.php?id=CVE-2023-43513
06 Feb 2024 — Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element. Corrupción de la memoria al procesar el anillo de eventos, el puntero de lectura de contexto no es confiable para HLOS y cuando se pasa con valores arbitrarios, puede apuntar a la dirección en el medio del elemento del anillo. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-787: Out-of-bounds Write CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 7.8EPSS: 0%CPEs: 308EXPL: 0CVE-2023-33076 – Configuration Issue in Core
https://notcve.org/view.php?id=CVE-2023-33076
06 Feb 2024 — Memory corruption in Core when updating rollback version for TA and OTA feature is enabled. La corrupción de la memoria en Core cuando se habilita la actualización de la versión de reversión para la función TA y OTA. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-16: Configuration CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 496EXPL: 0CVE-2023-33072 – Buffer copy without checking size of Input in Core
https://notcve.org/view.php?id=CVE-2023-33072
06 Feb 2024 — Memory corruption in Core while processing control functions. Corrupción de la memoria en Core durante el procesamiento de funciones de control. • https://www.qualcomm.com/company/product-security/bulletins/february-2024-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •