CVSS: 6.5EPSS: 0%CPEs: 86EXPL: 0CVE-2023-21667 – Buffer Over-read in Bluetooth HOST
https://notcve.org/view.php?id=CVE-2023-21667
05 Sep 2023 — Transient DOS in Bluetooth HOST while passing descriptor to validate the blacklisted BT keyboard. Vulnerabilidad de denegación de servicios (DoS) transitorio en Bluetooth HOST al pasar el descriptor para validar el teclado BT de la lista negra. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 274EXPL: 0CVE-2023-21664 – Buffer Copy without Checking the Size of Input(Classic Buffer Overflow) in Core Platform
https://notcve.org/view.php?id=CVE-2023-21664
05 Sep 2023 — Memory Corruption in Core Platform while printing the response buffer in log. Corrupción de la memoria en Core Platform al imprimir el búfer de respuesta en el registro. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 76EXPL: 0CVE-2023-21663 – Improper Restrictions of Operations within the Bounds of a Memory Buffer in Display
https://notcve.org/view.php?id=CVE-2023-21663
05 Sep 2023 — Memory Corruption while accessing metadata in Display. Corrupción de memoria al acceder a metadatos en Display. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 272EXPL: 0CVE-2023-21662 – Buffer Copy without Checking the Size of Input(Classic Buffer Overflow) in Core Platform
https://notcve.org/view.php?id=CVE-2023-21662
05 Sep 2023 — Memory corruption in Core Platform while printing the response buffer in log. Corrupción de la memoria en Core Platform al imprimir el búfer de respuesta en el registro. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 62EXPL: 0CVE-2023-21655 – Integer Overflow or Wraparound in Display
https://notcve.org/view.php?id=CVE-2023-21655
05 Sep 2023 — Memory corruption in Audio while validating and mapping metadata. Corrupción de memoria en Audio durante la validación y asignación de metadatos. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 108EXPL: 0CVE-2023-21646 – Reachable Assertion in Modem
https://notcve.org/view.php?id=CVE-2023-21646
05 Sep 2023 — Transient DOS in Modem while processing invalid System Information Block 1. Un ataque de denegación de servicios (DOS) transitorio en Modem cuando se procesa información inválida del sistema Block 1. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-617: Reachable Assertion •
CVSS: 5.5EPSS: 0%CPEs: 90EXPL: 0CVE-2022-33220 – Buffer over-read in Automotive multimedia
https://notcve.org/view.php?id=CVE-2022-33220
05 Sep 2023 — Information disclosure in Automotive multimedia due to buffer over-read. Divulgación de información en Automotive multimedia debido a sobrelectura del búfer. • https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 7.7EPSS: 0%CPEs: 240EXPL: 0CVE-2023-21652 – Key Management Errors in HLOS
https://notcve.org/view.php?id=CVE-2023-21652
08 Aug 2023 — Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack after use. Problema criptográfico en HLOS ya que las claves derivadas utilizadas para cifrar/descifrar información están presentes en la pila después de su uso. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-320: Key Management Errors CWE-798: Use of Hard-coded Credentials •
CVSS: 9.3EPSS: 0%CPEs: 280EXPL: 0CVE-2023-21651 – Incorrect Type Conversion or Cast in Core
https://notcve.org/view.php?id=CVE-2023-21651
08 Aug 2023 — Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE. Corrupción de memoria en el Core debido a una conversión de tipo o cast incorrecto en la función secure_io_read/write en TEE. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 6.8EPSS: 0%CPEs: 86EXPL: 0CVE-2023-21647 – Improper Input Validation in Bluetooth HOST
https://notcve.org/view.php?id=CVE-2023-21647
08 Aug 2023 — Information disclosure in Bluetooth when an GATT packet is received due to improper input validation. Revelación de información en Bluetooth cuando se recibe un paquete GATT debido a una validación de entrada incorrecta. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-20: Improper Input Validation •