The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date |
---|---|---|---|
CVE-2023-37572 | Softing OPC Suite version 5.25 and before has Incorrect Access Control, allows attackers to obtain sensitive information via weak permissions in OSF_discovery service. The service executable could be changed or the service could be deleted. | -- | Dec 5, 2023 |
CVE-2023-35690 | In RGXDestroyHWRTData of rgxta3d.c, there is a possible arbitrary code execution due to an uncaught exception. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | -- | Dec 5, 2023 |
CVE-2023-35668 | In visitUris of Notification.java, there is a possible way to display images from another user due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | -- | Dec 5, 2023 |
CVE-2023-33107 | Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call. | -- | Dec 5, 2023 |
CVE-2023-33106 | Memory corruption while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND. | -- | Dec 5, 2023 |
CVE-2023-33098 | Transient DOS while parsing WPA IES, when it is passed with length more than expected size. | -- | Dec 5, 2023 |
CVE-2023-33097 | Transient DOS in WLAN Firmware while processing a FTMR frame. | -- | Dec 5, 2023 |
CVE-2023-33092 | Memory corruption while processing pin reply in Bluetooth, when pin code received from APP layer is greater than expected size. | -- | Dec 5, 2023 |
CVE-2023-33089 | Transient DOS when processing a NULL buffer while parsing WLAN vdev. | -- | Dec 5, 2023 |
CVE-2023-33088 | Memory corruption when processing cmd parameters while parsing vdev. | -- | Dec 5, 2023 |
CVE-2023-33087 | Memory corruption in Core while processing RX intent request. | -- | Dec 5, 2023 |
CVE-2023-33083 | Memory corruption in WLAN Host while processing RRM beacon on the AP. | -- | Dec 5, 2023 |
CVE-2023-33082 | Memory corruption while sending an Assoc Request having BTM Query or BTM Response containing MBO IE. | -- | Dec 5, 2023 |
CVE-2023-33081 | Transient DOS while converting TWT (Target Wake Time) frame parameters in the OTA broadcast. | -- | Dec 5, 2023 |
CVE-2023-33080 | Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame. | -- | Dec 5, 2023 |
CVE-2023-33079 | Memory corruption in Audio while running invalid audio recording from ADSP. | -- | Dec 5, 2023 |
CVE-2023-33071 | Memory corruption in Automotive OS whenever untrusted apps try to access HAb for graphics functionalities. | -- | Dec 5, 2023 |
CVE-2023-33070 | Transient DOS in Automotive OS due to improper authentication to the secure IO calls. | -- | Dec 5, 2023 |
CVE-2023-33063 | Memory corruption in DSP Services during a remote call from HLOS to DSP. | -- | Dec 5, 2023 |
CVE-2023-33054 | Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data. | -- | Dec 5, 2023 |
CVE-2023-33053 | Memory corruption in Kernel while parsing metadata. | -- | Dec 5, 2023 |
CVE-2023-33044 | Transient DOS in Data modem while handling TLB control messages from the Network. | -- | Dec 5, 2023 |
CVE-2023-33043 | Transient DOS in Modem when a Beam switch request is made with a non-configured BWP. | -- | Dec 5, 2023 |
CVE-2023-33042 | Transient DOS in Modem after RRC Setup message is received. | -- | Dec 5, 2023 |
CVE-2023-33041 | Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids. | -- | Dec 5, 2023 |
CVE-2023-33024 | Memory corruption while sending SMS from AP firmware. | -- | Dec 5, 2023 |
CVE-2023-33022 | Memory corruption in HLOS while invoking IOCTL calls from user-space. | -- | Dec 5, 2023 |
CVE-2023-33018 | Memory corruption while using the UIM diag command to get the operators name. | -- | Dec 5, 2023 |
CVE-2023-33017 | Memory corruption in Boot while running a ListVars test in UEFI Menu during boot. | -- | Dec 5, 2023 |
CVE-2023-32870 | In display drm, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363740; Issue ID: ALPS07363740. | -- | Dec 4, 2023 |
CVE-2023-32869 | In display drm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363632; Issue ID: ALPS07363689. | -- | Dec 4, 2023 |
CVE-2023-32868 | In display drm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363632; Issue ID: ALPS07363632. | -- | Dec 4, 2023 |
CVE-2023-32867 | In display drm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560793; Issue ID: ALPS07560793. | -- | Dec 4, 2023 |
CVE-2023-32866 | In mmp, there is a possible memory corruption due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07342152; Issue ID: ALPS07342152. | -- | Dec 4, 2023 |
CVE-2023-32865 | In display drm, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363456; Issue ID: ALPS07363456. | -- | Dec 4, 2023 |
CVE-2023-32864 | In display drm, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07292187; Issue ID: ALPS07292187. | -- | Dec 4, 2023 |
CVE-2023-32863 | In display drm, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07326314; Issue ID: ALPS07326314. | -- | Dec 4, 2023 |
CVE-2023-32862 | In display, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07388762; Issue ID: ALPS07388762. | -- | Dec 4, 2023 |
CVE-2023-32861 | In display, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08059081; Issue ID: ALPS08059081. | -- | Dec 4, 2023 |
CVE-2023-32860 | In display, there is a possible classic buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07929788; Issue ID: ALPS07929788. | -- | Dec 4, 2023 |
CVE-2023-32859 | In meta, there is a possible classic buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08000473; Issue ID: ALPS08000473. | -- | Dec 4, 2023 |
CVE-2023-32858 | In GZ, there is a possible information disclosure due to a missing data erasing. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07806008; Issue ID: ALPS07806008. | -- | Dec 4, 2023 |
CVE-2023-32857 | In display, there is a possible out of bounds read due to an incorrect status check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993705; Issue ID: ALPS07993710. | -- | Dec 4, 2023 |
CVE-2023-32856 | In display, there is a possible out of bounds read due to an incorrect status check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993705; Issue ID: ALPS07993705. | -- | Dec 4, 2023 |
CVE-2023-32855 | In aee, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07909204; Issue ID: ALPS07909204. | -- | Dec 4, 2023 |
CVE-2023-32854 | In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08240132; Issue ID: ALPS08240132. | -- | Dec 4, 2023 |
CVE-2023-32853 | In rpmb, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07648764; Issue ID: ALPS07648764. | -- | Dec 4, 2023 |
CVE-2023-32852 | In cameraisp, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07670971; Issue ID: ALPS07670971. | -- | Dec 4, 2023 |
CVE-2023-32851 | In decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08016652; Issue ID: ALPS08016652. | -- | Dec 4, 2023 |
CVE-2023-32850 | In decoder, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08016659; Issue ID: ALPS08016659. | -- | Dec 4, 2023 |