Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
amazon vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2018-16600
An issue exists in Amazon Web Services (AWS) FreeRTOS up to and including 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of ARP packets in eARPProcessPacket can be used for in...
Amazon Amazon Web Services Freertos
Amazon Freertos
383
VMScore
CVE-2018-16602
An issue exists in Amazon Web Services (AWS) FreeRTOS up to and including 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of DHCP responses in prvProcessDHCPReplies can be used...
Amazon Freertos
Amazon Amazon Web Services Freertos
383
VMScore
CVE-2018-16603
An issue exists in Amazon Web Services (AWS) FreeRTOS up to and including 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds access to TCP source and destination port fields in xProcessReceivedTCPPacket can l...
Amazon Amazon Web Services Freertos
Amazon Freertos
516
VMScore
CVE-2012-5781
Amazon Elastic Load Balancing API Tools does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle malicious users to spoof SSL servers via an arbitrary val...
Amazon Elastic Load Balancing 1.0.12.0
Amazon Elastic Load Balancing 1.0.10.0
Amazon Elastic Load Balancing 1.0.3.4
Amazon Elastic Load Balancing 1.0
Amazon Elastic Load Balancing -
Amazon Elastic Load Balancing 1.0.17.0
Amazon Elastic Load Balancing 1.0.15.1
Amazon Elastic Load Balancing 1.0.14.3
Amazon Elastic Load Balancing 1.0.11.1
Amazon Elastic Load Balancing 1.0.9.3
383
VMScore
CVE-2020-16843
In Firecracker 0.20.x prior to 0.20.1 and 0.21.x prior to 0.21.2, the network stack can freeze under heavy ingress traffic. This can result in a denial of service on the microVM when it is configured with a single network interface, and an availability problem for the microVM net...
Amazon Firecracker 0.20.0
Amazon Firecracker 0.21.0
Amazon Firecracker 0.21.1
614
VMScore
CVE-2022-29527
Amazon AWS amazon-ssm-agent prior to 3.1.1208.0 creates a world-writable sudoers file, which allows local malicious users to inject Sudo rules and escalate privileges to root. This occurs in certain situations involving a race condition.
Amazon Amazon Ssm Agent
668
VMScore
CVE-2020-36363
Amazon AWS CloudFront TLSv1.2_2019 allows TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 and TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, which some entities consider to be weak ciphers.
Amazon Amazon Cloudfront 1.2 2019
435
VMScore
CVE-2005-3908
Cross-site scripting (XSS) vulnerability in search.php in GhostScripter Amazon Shop 5.0.0, and other versions prior to 5.0.2, allows remote malicious users to inject web script or HTML via the query parameter.
Amazon Shop Amazon Shop
1 EDB exploit
605
VMScore
CVE-2018-1169
This vulnerability allows remote malicious users to execute arbitrary code on vulnerable installations of Amazon Music Player 6.1.5.1213. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specif...
Amazon Amazon Music 6.1.5.1213
605
VMScore
CVE-2018-16522
Amazon Web Services (AWS) FreeRTOS up to and including 1.3.1 has an uninitialized pointer free in SOCKETS_SetSockOpt.
Amazon Amazon Web Services Freertos
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »