CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2023/09/05 6:24 a.m.•16 views

CVE-2023-28559 Buffer Copy Without Checking Size of Input in WLAN HAL

Memory corruption in WLAN FW while processing command parameters from untrusted WMI payload...

Vulnrichment•added 2023/09/05 6:24 a.m.•17 views

CVE-2023-28558 Improper Validation of Array Index in WLAN HAL

Memory corruption in WLAN handler while processing PhyID in Tx status handler...

7.8CVSS7.2AI score0.0011EPSS

Vulnrichment•added 2023/09/05 6:24 a.m.•17 views

CVE-2023-28557 Improper Validation of Array Index in WLAN HAL

Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload...

7.8CVSS7.5AI score0.0011EPSS

Cvelist•added 2023/09/05 6:24 a.m.•20 views

CVE-2023-28557 Improper Validation of Array Index in WLAN HAL

Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload...

CVE•added 2023/09/05 6:24 a.m.•71 views

CVE-2023-28557

CVE-2023-28557 affects Qualcomm WLAN HAL, causing memory corruption when processing command parameters from an untrusted WMI payload. The issue is described as a local vulnerability with low attack complexity and exploit prerequisites, but with high impact to confidentiality, integrity, and avail...

7.8CVSS7.9AI score0.0011EPSS

Cvelist•added 2023/09/05 6:24 a.m.•18 views

CVE-2023-28549 Improper Restriction of Operations within the Bounds of a Memory Buffer in WLAN HAL

Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload...

CVE•added 2023/09/05 6:24 a.m.•69 views

CVE-2023-28549

CVE-2023-28549 describes memory corruption in the Qualcomm WLAN HAL while parsing a TLV payload in the Rx path. The vulnerability affects Qualcomm WLAN components (closed-source) and is rated with CVSSv3.1: Local attack, Low privileges required, no user interaction, with high impact on confidenti...

7.8CVSS8AI score0.0011EPSS

Vulnrichment•added 2023/09/05 6:24 a.m.•8 views

CVE-2023-28548 Improper Validation of Array Index in WLAN HAL

Memory corruption in WLAN HAL while processing Tx/Rx commands from QDART...

7.8CVSS8AI score0.0011EPSS

Cvelist•added 2023/09/05 6:24 a.m.•29 views

CVE-2023-28548 Improper Validation of Array Index in WLAN HAL

Memory corruption in WLAN HAL while processing Tx/Rx commands from QDART...

CVE•added 2023/09/05 6:24 a.m.•62 views

CVE-2023-28548

CVE-2023-28548 describes memory corruption in the WLAN HAL when processing Tx/Rx commands from QDART. The entry identifies the affected component as Qualcomm closed-source WLAN HAL and attributes the issue to a faulty handling path in QDART Tx/Rx processing, with a CVSSv3.1 base score of 7.8 (Att...

7.8CVSS8AI score0.0011EPSS

Cvelist•added 2023/09/05 6:23 a.m.•24 views

CVE-2022-33275 Improper validation of array index in WLAN HAL

Memory corruption due to improper validation of array index in WLAN HAL when received lmitemNum is out of range...

8.4CVSS8.7AI score0.00111EPSS

Vulnrichment•added 2023/09/05 6:23 a.m.•9 views

CVE-2022-33275 Improper validation of array index in WLAN HAL

Memory corruption due to improper validation of array index in WLAN HAL when received lmitemNum is out of range...

8.4CVSS8.6AI score0.00111EPSS

CVE•added 2023/09/05 6:23 a.m.•82 views

CVE-2022-33275

CVE-2022-33275 describes memory corruption due to improper validation of an array index in the WLAN HAL when lm_itemNum is out of range. The issue affects Qualcomm chipsets’ WLAN HAL and is caused by out-of-bounds handling of item indices, leading to potential memory corruption. Public details in...

8.4CVSS8.1AI score0.00111EPSS

Positive Technologies•added 2023/09/04 12:0 a.m.•4 views

PT-2023-13281 · Wlan Hal · Wlan Hal

Name of the Vulnerable Software and Affected Versions: WLAN HAL affected versions not specified Description: The issue is caused by memory corruption due to improper validation of array index in WLAN HAL when the received lm itemNum is out of range. This can lead to potential exploits. There is n...

8.4CVSS7.1AI score0.00111EPSS

Exploits0References5

Positive Technologies•added 2023/09/04 12:0 a.m.•3 views

PT-2023-21808 · Wlan Hal · Wlan Hal

Name of the Vulnerable Software and Affected Versions: WLAN HAL affected versions not specified Description: The issue is related to memory corruption in the WLAN HAL when processing the devIndex from an untrusted WMI payload. This can lead to potential security risks. There is no information...

7.8CVSS7.2AI score0.0011EPSS

Exploits0References6

Positive Technologies•added 2023/09/04 12:0 a.m.•4 views

PT-2023-21812 · Qualcomm · Qualcomm Snapdragon Processors

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon Processors affected versions not specified Description: The issue is related to memory corruption in the WLAN HAL when passing command parameters through WMI interfaces. This can potentially lead to security risks. There i...

7.8CVSS7.8AI score0.0011EPSS

Exploits0References8

Prion•added 2023/08/14 10:15 p.m.•22 views

Out-of-bounds

In convertSubgraphFromHAL of ShimConverter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

1.7CVSS5.1AI score0.00104EPSS

Exploits0References2Affected Software1

NVD•added 2023/08/10 2:15 a.m.•16 views

CVE-2023-30681

An improper input validation vulnerability within initialize function in HAL VaultKeeper prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write...

7.8CVSS5.5AI score0.00167EPSS

Vulnrichment•added 2023/08/10 1:18 a.m.•17 views

CVE-2023-30681

An improper input validation vulnerability within initialize function in HAL VaultKeeper prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write...

4.4CVSS6.7AI score0.00167EPSS