Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
amazon vulnerabilities and exploits
(subscribe to this query)
169
VMScore
CVE-2021-37436
Amazon Echo Dot devices through 2021-07-02 sometimes allow attackers, who have physical access to a device after a factory reset, to obtain sensitive information via a series of complex hardware and software attacks. NOTE: reportedly, there were vendor marketing statements about ...
Amazon Echo Dot Firmware
668
VMScore
CVE-2021-31571
The kernel in Amazon Web Services FreeRTOS prior to 10.4.3 has an integer overflow in queue.c for queue creation.
Amazon Freertos
445
VMScore
CVE-2020-15093
The tough library (Rust/crates.io) prior to version 0.7.1 does not properly verify the threshold of cryptographic signatures. It allows an malicious user to duplicate a valid signature in order to circumvent TUF requiring a minimum threshold of unique signatures before the metada...
Amazon Tough
NA
CVE-2023-45807
OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana following the license change in early 2021. There is an issue with the implementation of tenant permissions in OpenSearch Dashboards where authenticated users with read-only access to a tenant can perf...
Amazon Opensearch
NA
CVE-2023-1383
An Improper Enforcement of Behavioral Workflow vulnerability in the exchangeDeviceServices function on the amzn.dmgr service allowed an malicious user to register services that are only locally accessible. This issue affects: Amazon Fire TV Stick 3rd gen versions before 6.2.9.5. ...
Amazon Fire Os
NA
CVE-2023-1384
The setMediaSource function on the amzn.thin.pl service does not sanitize the "source" parameter allowing for arbitrary javascript code to be run This issue affects: Amazon Fire TV Stick 3rd gen versions before 6.2.9.5. Insignia TV with FireOS versions before 7.6.3.3.
Amazon Fire Os
NA
CVE-2023-1385
Improper JPAKE implementation allows offline PIN brute-forcing due to the initialization of random values to a known value, which leads to unauthorized authentication to amzn.lightning services. This issue affects: Amazon Fire TV Stick 3rd gen versions before 6.2.9.5. Insignia TV...
Amazon Fire Os
NA
CVE-2023-33777
An issue in /functions/fbaorder.php of Prestashop amazon before v5.2.24 allows malicious users to execute a directory traversal attack.
Prestashop Amazon
668
VMScore
CVE-2021-31572
The kernel in Amazon Web Services FreeRTOS prior to 10.4.3 has an integer overflow in stream_buffer.c for a stream buffer.
Amazon Freertos
392
VMScore
CVE-2022-33915
Versions of the Amazon AWS Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.3.5 are affected by a race condition that could lead to a local privilege escalation. This Hotpatch package is not a replacement for updating to a log4j version that mitigates CVE-2021...
Amazon Hotpatch
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »