Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
amazon vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-25806
OpenSearch Security is a plugin for OpenSearch that offers encryption, authentication and authorization. There is an observable discrepancy in the authentication response time between calls where the user provided exists and calls where it does not. This issue only affects calls ...
Amazon Opensearch
Amazon Opensearch Security
4.3
CVSSv2
CVE-2019-13120
Amazon FreeRTOS up to and including v1.4.8 lacks length checking in prvProcessReceivedPublish, resulting in untargetable leakage of arbitrary memory contents on a device to an attacker. If an attacker has the authorization to send a malformed MQTT publish packet to an Amazon IoT ...
Amazon Amazon Web Services Freertos
5
CVSSv2
CVE-2015-3373
The Amazon AWS module prior to 7.x-1.3 for Drupal uses the base URL and AWS access key to generate the access token, which makes it easier for remote malicious users to guess the token value and create backups via a crafted URL.
Amazon Aws Project Amazon Aws
3.5
CVSSv2
CVE-2022-1645
The Amazon Link WordPress plugin up to and including 3.2.10 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed.
Amazon Link Project Amazon Link
5.8
CVSSv2
CVE-2014-3908
The Amazon.com Kindle application prior to 4.5.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Amazon Kindle
Amazon Kindle 4.4.0
NA
CVE-2023-31141
OpenSearch is open-source software suite for search, analytics, and observability applications. Prior to versions 1.3.10 and 2.7.0, there is an issue with the implementation of fine-grained access control rules (document-level security, field-level security and field masking) whe...
Amazon Opensearch Security
Amazon Opensearch
7.2
CVSSv2
CVE-2021-43997
FreeRTOS versions 10.2.0 up to and including 10.4.5 do not prevent non-kernel code from calling the xPortRaisePrivilege internal function to raise privilege. FreeRTOS versions up to and including 10.4.6 do not prevent a third party that has already independently gained the abilit...
Amazon Freertos 10.4.3
Amazon Freertos
1 Github repository
6.8
CVSSv2
CVE-2018-16522
Amazon Web Services (AWS) FreeRTOS up to and including 1.3.1 has an uninitialized pointer free in SOCKETS_SetSockOpt.
Amazon Amazon Web Services Freertos
6.8
CVSSv2
CVE-2018-16528
Amazon Web Services (AWS) FreeRTOS up to and including 1.3.1 allows remote malicious users to execute arbitrary code because of mbedTLS context object corruption in prvSetupConnection and GGD_SecureConnect_Connect in AWS TLS connectivity modules.
Amazon Amazon Web Services Freertos
7.5
CVSSv2
CVE-2017-17572
FS Amazon Clone 1.0 has SQL Injection via the PATH_INFO to /VerAyari.
Amazon Clone Project Amazon Clone 1.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »