Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
amazon fire os vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2023-1383
An Improper Enforcement of Behavioral Workflow vulnerability in the exchangeDeviceServices function on the amzn.dmgr service allowed an malicious user to register services that are only locally accessible. This issue affects: Amazon Fire TV Stick 3rd gen versions before 6.2.9.5. ...
Amazon Fire Os
6.1
CVSSv3
CVE-2023-1384
The setMediaSource function on the amzn.thin.pl service does not sanitize the "source" parameter allowing for arbitrary javascript code to be run This issue affects: Amazon Fire TV Stick 3rd gen versions before 6.2.9.5. Insignia TV with FireOS versions before 7.6.3.3.
Amazon Fire Os
8.8
CVSSv3
CVE-2023-1385
Improper JPAKE implementation allows offline PIN brute-forcing due to the initialization of random values to a known value, which leads to unauthorized authentication to amzn.lightning services. This issue affects: Amazon Fire TV Stick 3rd gen versions before 6.2.9.5. Insignia TV...
Amazon Fire Os
7.4
CVSSv3
CVE-2019-7399
Amazon Fire OS prior to 5.3.6.4 allows a man-in-the-middle attack against HTTP requests for "Terms of Use" and Privacy pages.
Amazon Fire Os
9.8
CVSSv3
CVE-2015-7292
Stack-based buffer overflow in the havok_write function in drivers/staging/havok/havok.c in Amazon Fire OS prior to 2016-01-15 allows malicious users to cause a denial of service (panic) or possibly have unspecified other impact via a long string to /dev/hv.
Amazon Fire Os
7.5
CVSSv3
CVE-2018-11019
kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in Amazon Kindle Fire HD(3rd) Fire OS 4.5.5.3 allows malicious users to inject a crafted argument via the argument of an ioctl on device /dev/gcioctl with the command 3221773726 and cause a kernel crash.
Amazon Fire Os 4.5.5.3
7.5
CVSSv3
CVE-2018-11021
kernel/omap/drivers/video/omap2/dsscomp/device.c in the kernel component in Amazon Kindle Fire HD(3rd) Fire OS 4.5.5.3 allows malicious users to inject a crafted argument via the argument of an ioctl on device /dev/dsscomp with the command 1118064517 and cause a kernel crash.
Amazon Fire Os 4.5.5.3
7.5
CVSSv3
CVE-2018-11023
kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in Amazon Kindle Fire HD (3rd) Fire OS 4.5.5.3 allows malicious users to inject a crafted argument via the argument of an ioctl on device /dev/gcioctl with the command 3222560159 and cause a kernel crash.
Amazon Fire Os 4.5.5.3
7.5
CVSSv3
CVE-2018-11024
kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in Amazon Kindle Fire HD (3rd) Fire OS 4.5.5.3 allows malicious users to inject a crafted argument via the argument of an ioctl on device /dev/gcioctl with the command 1077435789 and cause a kernel crash.
Amazon Fire Os 4.5.5.3
7.5
CVSSv3
CVE-2018-11025
kernel/omap/drivers/mfd/twl6030-gpadc.c in the kernel component in Amazon Kindle Fire HD(3rd) Fire OS 4.5.5.3 allows malicious users to inject a crafted argument via the argument of an ioctl on device /dev/twl6030-gpadc with the command 24832 and cause a kernel crash.
Amazon Fire Os 4.5.5.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »