Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
amazon vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-31572
The kernel in Amazon Web Services FreeRTOS prior to 10.4.3 has an integer overflow in stream_buffer.c for a stream buffer.
Amazon Freertos
8.3
CVSSv2
CVE-2019-3987
Blink XT2 Sync Module firmware before 2.13.11 allows remote malicious users to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the key parameter.
Amazon Blink Xt2 Sync Module Firmware
4.4
CVSSv2
CVE-2022-33915
Versions of the Amazon AWS Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.3.5 are affected by a race condition that could lead to a local privilege escalation. This Hotpatch package is not a replacement for updating to a log4j version that mitigates CVE-2021...
Amazon Hotpatch
7.2
CVSSv2
CVE-2019-3983
Blink XT2 Sync Module firmware before 2.13.11 allows remote malicious users to execute arbitrary code and commands on the device due to insufficient UART protections.
Amazon Blink Xt2 Sync Module Firmware
4.3
CVSSv2
CVE-2019-11554
The Audible application up to and including 2.34.0 for Android has Missing SSL Certificate Validation for Adobe SDKs, allowing MITM malicious users to cause a denial of service.
Amazon Audible
NA
CVE-2022-23511
A privilege escalation issue exists within the Amazon CloudWatch Agent for Windows, software for collecting metrics and logs from Amazon EC2 instances and on-premises servers, in versions up to and including v1.247354. When users trigger a repair of the Agent, a pop-up window ope...
Amazon Cloudwatch Agent
6.4
CVSSv2
CVE-2019-9483
Amazon Ring Doorbell prior to 3.4.7 mishandles encryption, which allows malicious users to obtain audio and video data, or insert spoofed video that does not correspond to the actual person at the door.
Amazon Ring Video Doorbell Firmware
8.3
CVSSv2
CVE-2019-3985
Blink XT2 Sync Module firmware before 2.13.11 allows remote malicious users to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the ssid parameter.
Amazon Blink Xt2 Sync Module Firmware
NA
CVE-2024-21634
Amazon Ion is a Java implementation of the Ion data notation. Prior to version 1.10.5, a potential denial-of-service issue exists in `ion-java` for applications that use `ion-java` to deserialize Ion text encoded data, or deserialize Ion text or binary encoded data into the `IonV...
Amazon Ion
7.2
CVSSv2
CVE-2021-3100
The Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.1-13 didn’t mimic the permissions of the JVM being patched, allowing it to escalate privileges.
Amazon Log4jhotpatch
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »