Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
amazon vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-21634
Amazon Ion is a Java implementation of the Ion data notation. Prior to version 1.10.5, a potential denial-of-service issue exists in `ion-java` for applications that use `ion-java` to deserialize Ion text encoded data, or deserialize Ion text or binary encoded data into the `IonV...
Amazon Ion
9
CVSSv2
CVE-2022-25809
Improper Neutralization of audio output from 3rd and 4th Generation Amazon Echo Dot devices allows arbitrary voice command execution on these devices via a malicious skill (in the case of remote attackers) or by pairing a malicious Bluetooth device (in the case of physically prox...
Amazon Echo Dot Firmware -
1 Article
NA
CVE-2023-45807
OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana following the license change in early 2021. There is an issue with the implementation of tenant permissions in OpenSearch Dashboards where authenticated users with read-only access to a tenant can perf...
Amazon Opensearch
NA
CVE-2022-41917
OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries ...
Amazon Opensearch
NA
CVE-2022-41918
OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. There is an issue with the implementation of fine-grained access control rules (document-level security, field-level security and field masking) where they are not correctly applied to the indices tha...
Amazon Opensearch
3.3
CVSSv2
CVE-2017-16867
Amazon Key through 2017-11-16 mishandles Cloud Cam 802.11 deauthentication frames during the delivery process, which makes it easier for (1) delivery drivers to freeze a camera and re-enter a house for unfilmed activities or (2) malicious users to freeze a camera and enter a hous...
Amazon Amazon Key Firmware
6.4
CVSSv2
CVE-2019-9483
Amazon Ring Doorbell prior to 3.4.7 mishandles encryption, which allows malicious users to obtain audio and video data, or insert spoofed video that does not correspond to the actual person at the door.
Amazon Ring Video Doorbell Firmware
7.2
CVSSv2
CVE-2019-3983
Blink XT2 Sync Module firmware before 2.13.11 allows remote malicious users to execute arbitrary code and commands on the device due to insufficient UART protections.
Amazon Blink Xt2 Sync Module Firmware
10
CVSSv2
CVE-2019-3984
Blink XT2 Sync Module firmware before 2.13.11 allows remote malicious users to execute arbitrary commands on the device due to improperly sanitized input when the device retrieves updates scripts from the internet.
Amazon Blink Xt2 Sync Module Firmware
8.3
CVSSv2
CVE-2019-3985
Blink XT2 Sync Module firmware before 2.13.11 allows remote malicious users to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the ssid parameter.
Amazon Blink Xt2 Sync Module Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4644
unprivileged
CVE-2024-3494
CVE-2024-22460
CVE-2024-26026
CVE-2024-23473
firewall
CVE-2024-28889
XML external entity
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »