Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

amazon kindle vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2014-3908
The Amazon.com Kindle application prior to 4.5.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Amazon KindleAmazon Kindle 4.4.0
NA
CVE-2012-4248
The Amazon Kindle Touch prior to 5.1.2 does not properly restrict access to the libkindleplugin.so NPAPI plugin interface, which might allow remote malicious users to have an unspecified impact via vectors involving the (1) dev.log, (2) lipc.set, (3) lipc.get, or (4) todo.schedul...
Amazon Kindle TouchAmazon Kindle Touch 5.1.0
NA
CVE-2012-4249
The Amazon Lab126 com.lab126.system sendEvent implementation on the Kindle Touch prior to 5.1.2 allows context-dependent malicious users to execute arbitrary commands via shell metacharacters in a string, as demonstrated by using lipc-set-prop to set an LIPC property, a different...
Amazon Kindle Touch 5.1.0Amazon Kindle Touch 5.1.1
7.3
CVSSv3
CVE-2017-6189
Untrusted search path vulnerability in Amazon Kindle for PC prior to 1.19 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL in the current working directory of the Kindle Setup installer.
Amazon Kindle For Pc
NA
CVE-2010-5268
Untrusted search path vulnerability in Amazon Kindle for PC 1.3.0 30884 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .azw file. NOTE: some of these details are obtained ...
Amazon Kindle For Pc 1.3.0.30884
8.6
CVSSv3
CVE-2021-30355
Amazon Kindle e-reader prior to and including version 5.13.4 improperly manages privileges, allowing the framework user to elevate privileges to root.
Amazon Kindle Firmware
8.6
CVSSv3
CVE-2021-30354
Amazon Kindle e-reader prior to and including version 5.13.4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function CJBig2Image::expand() and results in a memory corruption that leads to code execution when parsing a crafted PDF book.
Amazon Kindle Firmware
4.4
CVSSv3
CVE-2018-11020
kernel/omap/drivers/rpmsg/rpmsg_omx.c in the kernel component in Amazon Kindle Fire HD(3rd) Fire OS 4.5.5.3 allows malicious users to inject a crafted argument via the argument of an ioctl on device file /dev/rpmsg-omx1 with the command 3221772291, and cause a kernel crash.
Amazon Fire Os 4.5.5.3
7.5
CVSSv3
CVE-2018-11024
kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in Amazon Kindle Fire HD (3rd) Fire OS 4.5.5.3 allows malicious users to inject a crafted argument via the argument of an ioctl on device /dev/gcioctl with the command 1077435789 and cause a kernel crash.
Amazon Fire Os 4.5.5.3
7.5
CVSSv3
CVE-2018-11025
kernel/omap/drivers/mfd/twl6030-gpadc.c in the kernel component in Amazon Kindle Fire HD(3rd) Fire OS 4.5.5.3 allows malicious users to inject a crafted argument via the argument of an ioctl on device /dev/twl6030-gpadc with the command 24832 and cause a kernel crash.
Amazon Fire Os 4.5.5.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463CVE-2024-29895injectCVE-2023-52689CVE-2024-5049CVE-2024-5051privilege escalationphysicalCVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook