Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
amazon vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2020-2188
A missing permission check in Jenkins Amazon EC2 Plugin 1.50.1 and previous versions in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins.
Jenkins Amazon Ec2
5.8
CVSSv2
CVE-2012-5780
The Amazon merchant SDK does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle malicious users to spoof SSL servers via an arbitrary valid certificate.
Amazon Merchant Sdk -
5.8
CVSSv2
CVE-2019-7399
Amazon Fire OS prior to 5.3.6.4 allows a man-in-the-middle attack against HTTP requests for "Terms of Use" and Privacy pages.
Amazon Fire Os
6.8
CVSSv2
CVE-2020-2187
Jenkins Amazon EC2 Plugin 1.50.1 and previous versions unconditionally accepts self-signed certificates and does not perform hostname validation, enabling man-in-the-middle attacks.
Jenkins Amazon Ec2
7.5
CVSSv2
CVE-2019-10777
In aws-lambda versions prior to version 1.0.5, the "config.FunctioName" is used to construct the argument used within the "exec" function without any sanitization. It is possible for a user to inject arbitrary commands to the "zipCmd" used within &qu...
Amazon Aws Lambda
4.9
CVSSv2
CVE-2018-11020
kernel/omap/drivers/rpmsg/rpmsg_omx.c in the kernel component in Amazon Kindle Fire HD(3rd) Fire OS 4.5.5.3 allows malicious users to inject a crafted argument via the argument of an ioctl on device file /dev/rpmsg-omx1 with the command 3221772291, and cause a kernel crash.
Amazon Fire Os 4.5.5.3
7.8
CVSSv2
CVE-2018-11021
kernel/omap/drivers/video/omap2/dsscomp/device.c in the kernel component in Amazon Kindle Fire HD(3rd) Fire OS 4.5.5.3 allows malicious users to inject a crafted argument via the argument of an ioctl on device /dev/dsscomp with the command 1118064517 and cause a kernel crash.
Amazon Fire Os 4.5.5.3
7.8
CVSSv2
CVE-2018-11025
kernel/omap/drivers/mfd/twl6030-gpadc.c in the kernel component in Amazon Kindle Fire HD(3rd) Fire OS 4.5.5.3 allows malicious users to inject a crafted argument via the argument of an ioctl on device /dev/twl6030-gpadc with the command 24832 and cause a kernel crash.
Amazon Fire Os 4.5.5.3
NA
CVE-2023-33248
Amazon Alexa software version 8960323972 on Echo Dot 2nd generation and 3rd generation devices potentially allows malicious users to deliver security-relevant commands via an audio signal between 16 and 22 kHz (often outside the range of human adult hearing). Commands at these fr...
Amazon Alexa 8960323972
9.3
CVSSv2
CVE-2021-38112
In the Amazon AWS WorkSpaces client 3.0.10 up to and including 3.1.8 on Windows, argument injection in the workspaces:// URI handler can lead to remote code execution because of the Chromium Embedded Framework (CEF) --gpu-launcher argument. This is fixed in 3.1.9.
Amazon Aws Workspaces
3 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »