Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
amazon vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-16603
An issue exists in Amazon Web Services (AWS) FreeRTOS up to and including 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds access to TCP source and destination port fields in xProcessReceivedTCPPacket can l...
Amazon Amazon Web Services Freertos
Amazon Freertos
4.3
CVSSv2
CVE-2018-16599
An issue exists in Amazon Web Services (AWS) FreeRTOS up to and including 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of NBNS packets in prvTreatNBNS can be used for inform...
Amazon Freertos
Amazon Amazon Web Services Freertos
6.8
CVSSv2
CVE-2018-16525
Amazon Web Services (AWS) FreeRTOS up to and including 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow remote malicious users to execute arbitrary code or leak information because of a Buffer Overflow during parsin...
Amazon Amazon Web Services Freertos
Amazon Freertos
5.8
CVSSv2
CVE-2012-5781
Amazon Elastic Load Balancing API Tools does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle malicious users to spoof SSL servers via an arbitrary val...
Amazon Elastic Load Balancing 1.0.12.0
Amazon Elastic Load Balancing 1.0.10.0
Amazon Elastic Load Balancing 1.0.3.4
Amazon Elastic Load Balancing 1.0
Amazon Elastic Load Balancing -
Amazon Elastic Load Balancing 1.0.17.0
Amazon Elastic Load Balancing 1.0.15.1
Amazon Elastic Load Balancing 1.0.14.3
Amazon Elastic Load Balancing 1.0.11.1
Amazon Elastic Load Balancing 1.0.9.3
4.3
CVSSv2
CVE-2020-16843
In Firecracker 0.20.x prior to 0.20.1 and 0.21.x prior to 0.21.2, the network stack can freeze under heavy ingress traffic. This can result in a denial of service on the microVM when it is configured with a single network interface, and an availability problem for the microVM net...
Amazon Firecracker 0.20.0
Amazon Firecracker 0.21.0
Amazon Firecracker 0.21.1
4.3
CVSSv2
CVE-2005-3908
Cross-site scripting (XSS) vulnerability in search.php in GhostScripter Amazon Shop 5.0.0, and other versions prior to 5.0.2, allows remote malicious users to inject web script or HTML via the query parameter.
Amazon Shop Amazon Shop
1 EDB exploit
6.8
CVSSv2
CVE-2018-1169
This vulnerability allows remote malicious users to execute arbitrary code on vulnerable installations of Amazon Music Player 6.1.5.1213. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specif...
Amazon Amazon Music 6.1.5.1213
7.5
CVSSv2
CVE-2020-36363
Amazon AWS CloudFront TLSv1.2_2019 allows TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 and TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, which some entities consider to be weak ciphers.
Amazon Amazon Cloudfront 1.2 2019
6.9
CVSSv2
CVE-2022-29527
Amazon AWS amazon-ssm-agent prior to 3.1.1208.0 creates a world-writable sudoers file, which allows local malicious users to inject Sudo rules and escalate privileges to root. This occurs in certain situations involving a race condition.
Amazon Amazon Ssm Agent
7.2
CVSSv2
CVE-2021-43997
FreeRTOS versions 10.2.0 up to and including 10.4.5 do not prevent non-kernel code from calling the xPortRaisePrivilege internal function to raise privilege. FreeRTOS versions up to and including 10.4.6 do not prevent a third party that has already independently gained the abilit...
Amazon Freertos 10.4.3
Amazon Freertos
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »