Filtered by vendor Amazon
Subscribe
Search
Total
100 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-14652 | 1 Amazon | 1 Aws Javascript S3 Explorer | 2020-02-18 | 4.3 MEDIUM | 6.1 MEDIUM |
| explorer.js in Amazon AWS JavaScript S3 Explorer (aka aws-js-s3-explorer) v2 alpha before 2019-08-02 allows XSS in certain circumstances. | |||||
| CVE-2019-10777 | 1 Amazon | 1 Aws Lambda | 2020-01-13 | 7.5 HIGH | 9.8 CRITICAL |
| In aws-lambda versions prior to version 1.0.5, the "config.FunctioName" is used to construct the argument used within the "exec" function without any sanitization. It is possible for a user to inject arbitrary commands to the "zipCmd" used within "config.FunctionName". | |||||
| CVE-2019-18960 | 1 Amazon | 1 Firecracker | 2019-12-19 | 7.5 HIGH | 9.8 CRITICAL |
| Firecracker vsock implementation buffer overflow in versions 0.18.0 and 0.19.0. This can result in potentially exploitable crashes. | |||||
| CVE-2019-3985 | 1 Amazon | 2 Blink Xt2 Sync Module, Blink Xt2 Sync Module Firmware | 2019-12-13 | 8.3 HIGH | 8.8 HIGH |
| Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the ssid parameter. | |||||
| CVE-2019-3986 | 1 Amazon | 2 Blink Xt2 Sync Module, Blink Xt2 Sync Module Firmware | 2019-12-13 | 8.3 HIGH | 8.8 HIGH |
| Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the encryption parameter. | |||||
| CVE-2019-3987 | 1 Amazon | 2 Blink Xt2 Sync Module, Blink Xt2 Sync Module Firmware | 2019-12-13 | 8.3 HIGH | 8.8 HIGH |
| Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the key parameter. | |||||
| CVE-2019-3988 | 1 Amazon | 2 Blink Xt2 Sync Module, Blink Xt2 Sync Module Firmware | 2019-12-13 | 8.3 HIGH | 8.8 HIGH |
| Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the bssid parameter. | |||||
| CVE-2019-3989 | 1 Amazon | 2 Blink Xt2 Sync Module, Blink Xt2 Sync Module Firmware | 2019-12-13 | 9.3 HIGH | 9.8 CRITICAL |
| Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when retrieving internal network configuration data. | |||||
| CVE-2019-11554 | 1 Amazon | 1 Audible | 2019-12-11 | 4.3 MEDIUM | 5.9 MEDIUM |
| The Audible application through 2.34.0 for Android has Missing SSL Certificate Validation for Adobe SDKs, allowing MITM attackers to cause a denial of service. | |||||
| CVE-2019-18178 | 1 Amazon | 1 Freertos\+fat | 2019-11-09 | 5.0 MEDIUM | 7.5 HIGH |
| Real Time Engineers FreeRTOS+FAT 160919a has a use after free. The function FF_Close() is defined in ff_file.c. The file handler pxFile is freed by ffconfigFREE, which (by default) is a macro definition of vPortFree(), but it is reused to flush modified file content from the cache to disk by the function FF_FlushCache(). | |||||
| CVE-2018-1169 | 1 Amazon | 1 Amazon Music | 2019-10-09 | 6.8 MEDIUM | 8.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Amazon Music Player 6.1.5.1213. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of URI handlers. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5521. | |||||
| CVE-2018-16525 | 1 Amazon | 2 Amazon Web Services Freertos, Freertos | 2019-10-03 | 6.8 MEDIUM | 8.1 HIGH |
| Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow remote attackers to execute arbitrary code or leak information because of a Buffer Overflow during parsing of DNS\LLMNR packets in prvParseDNSReply. | |||||
| CVE-2018-16526 | 1 Amazon | 2 Amazon Web Services Freertos, Freertos | 2019-10-03 | 6.8 MEDIUM | 8.1 HIGH |
| Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow remote attackers to leak information or execute arbitrary code because of a Buffer Overflow during generation of a protocol checksum in usGenerateProtocolChecksum and prvProcessIPPacket. | |||||
| CVE-2017-9450 | 1 Amazon | 1 Amazon Web Services Cloudformation Bootstrap | 2019-10-03 | 7.2 HIGH | 7.8 HIGH |
| The Amazon Web Services (AWS) CloudFormation bootstrap tools package (aka aws-cfn-bootstrap) before 1.4-19.10 allows local users to execute arbitrary code with root privileges by leveraging the ability to create files in an unspecified directory. | |||||
| CVE-2017-16867 | 1 Amazon | 2 Amazon Key, Amazon Key Firmware | 2019-10-03 | 3.3 LOW | 6.5 MEDIUM |
| Amazon Key through 2017-11-16 mishandles Cloud Cam 802.11 deauthentication frames during the delivery process, which makes it easier for (1) delivery drivers to freeze a camera and re-enter a house for unfilmed activities or (2) attackers to freeze a camera and enter a house if a delivery driver failed to ensure a locked door before leaving. | |||||
| CVE-2018-16528 | 1 Amazon | 1 Amazon Web Services Freertos | 2019-02-01 | 6.8 MEDIUM | 8.1 HIGH |
| Amazon Web Services (AWS) FreeRTOS through 1.3.1 allows remote attackers to execute arbitrary code because of mbedTLS context object corruption in prvSetupConnection and GGD_SecureConnect_Connect in AWS TLS connectivity modules. | |||||
| CVE-2018-11020 | 1 Amazon | 2 Fire Os, Kindle Fire Hd | 2019-01-17 | 4.9 MEDIUM | 4.4 MEDIUM |
| kernel/omap/drivers/rpmsg/rpmsg_omx.c in the kernel component in Amazon Kindle Fire HD(3rd) Fire OS 4.5.5.3 allows attackers to inject a crafted argument via the argument of an ioctl on device file /dev/rpmsg-omx1 with the command 3221772291, and cause a kernel crash. | |||||
| CVE-2018-16523 | 1 Amazon | 2 Amazon Web Services Freertos, Freertos | 2019-01-04 | 5.8 MEDIUM | 7.4 HIGH |
| Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow division by zero in prvCheckOptions. | |||||
| CVE-2018-16524 | 1 Amazon | 2 Amazon Web Services Freertos, Freertos | 2019-01-04 | 4.3 MEDIUM | 5.9 MEDIUM |
| Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow information disclosure during parsing of TCP options in prvCheckOptions. | |||||
| CVE-2018-16527 | 1 Amazon | 2 Amazon Web Services Freertos, Freertos | 2019-01-04 | 4.3 MEDIUM | 5.9 MEDIUM |
| Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow information disclosure during parsing of ICMP packets in prvProcessICMPPacket. | |||||
| CVE-2018-16598 | 1 Amazon | 2 Amazon Web Services Freertos, Freertos | 2019-01-04 | 4.3 MEDIUM | 5.9 MEDIUM |
| An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. In xProcessReceivedUDPPacket and prvParseDNSReply, any received DNS response is accepted, without confirming it matches a sent DNS request. | |||||
| CVE-2018-16599 | 1 Amazon | 2 Amazon Web Services Freertos, Freertos | 2019-01-04 | 4.3 MEDIUM | 5.9 MEDIUM |
| An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of NBNS packets in prvTreatNBNS can be used for information disclosure. | |||||
| CVE-2018-16601 | 1 Amazon | 2 Amazon Web Services Freertos, Freertos | 2019-01-03 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. A crafted IP header triggers a full memory space copy in prvProcessIPPacket, leading to denial of service and possibly remote code execution. | |||||
| CVE-2018-16600 | 1 Amazon | 2 Amazon Web Services Freertos, Freertos | 2019-01-03 | 4.3 MEDIUM | 5.9 MEDIUM |
| An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of ARP packets in eARPProcessPacket can be used for information disclosure. | |||||
| CVE-2018-16602 | 1 Amazon | 2 Amazon Web Services Freertos, Freertos | 2019-01-03 | 4.3 MEDIUM | 5.9 MEDIUM |
| An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of DHCP responses in prvProcessDHCPReplies can be used for information disclosure. | |||||
| CVE-2018-16603 | 1 Amazon | 2 Amazon Web Services Freertos, Freertos | 2019-01-03 | 4.3 MEDIUM | 5.9 MEDIUM |
| An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds access to TCP source and destination port fields in xProcessReceivedTCPPacket can leak data back to an attacker. | |||||
| CVE-2018-19187 | 1 Amazon | 1 Payfort-php-sdk | 2018-12-17 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via an arbitrary parameter name or value that is mishandled in a success.php echo statement. | |||||
| CVE-2018-19186 | 1 Amazon | 1 Payfort-php-sdk | 2018-12-17 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via the route.php paymentMethod parameter. | |||||
| CVE-2018-19188 | 1 Amazon | 1 Payfort-php-sdk | 2018-12-17 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via the success.php fort_id parameter. | |||||
| CVE-2018-19189 | 1 Amazon | 1 Payfort-php-sdk | 2018-12-17 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via an arbitrary parameter name or value that is mishandled in an error.php echo statement. | |||||
| CVE-2018-19190 | 1 Amazon | 1 Payfort-php-sdk | 2018-12-17 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via the error.php error_msg parameter. | |||||
| CVE-2018-11019 | 1 Amazon | 2 Fire Os, Kindle Fire Hd | 2018-12-03 | 7.8 HIGH | 7.5 HIGH |
| kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in Amazon Kindle Fire HD(3rd) Fire OS 4.5.5.3 allows attackers to inject a crafted argument via the argument of an ioctl on device /dev/gcioctl with the command 3221773726 and cause a kernel crash. | |||||
| CVE-2018-11021 | 1 Amazon | 2 Fire Os, Kindle Fire Hd | 2018-12-03 | 7.8 HIGH | 7.5 HIGH |
| kernel/omap/drivers/video/omap2/dsscomp/device.c in the kernel component in Amazon Kindle Fire HD(3rd) Fire OS 4.5.5.3 allows attackers to inject a crafted argument via the argument of an ioctl on device /dev/dsscomp with the command 1118064517 and cause a kernel crash. | |||||
| CVE-2018-11023 | 1 Amazon | 2 Fire Os, Kindle Fire Hd | 2018-12-03 | 7.8 HIGH | 7.5 HIGH |
| kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in Amazon Kindle Fire HD (3rd) Fire OS 4.5.5.3 allows attackers to inject a crafted argument via the argument of an ioctl on device /dev/gcioctl with the command 3222560159 and cause a kernel crash. | |||||
| CVE-2018-11022 | 1 Amazon | 2 Fire Os, Kindle Fire Hd | 2018-12-03 | 7.8 HIGH | 7.5 HIGH |
| kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in Amazon Kindle Fire HD(3rd) Fire OS 4.5.5.3 allows attackers to inject a crafted argument via the argument of an ioctl on device /dev/gcioctl with the command 3224132973 and cause a kernel crash. | |||||
| CVE-2018-11024 | 1 Amazon | 2 Fire Os, Kindle Fire Hd | 2018-12-03 | 7.8 HIGH | 7.5 HIGH |
| kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in Amazon Kindle Fire HD (3rd) Fire OS 4.5.5.3 allows attackers to inject a crafted argument via the argument of an ioctl on device /dev/gcioctl with the command 1077435789 and cause a kernel crash. | |||||
| CVE-2018-11025 | 1 Amazon | 2 Fire Os, Kindle Fire Hd | 2018-12-03 | 7.8 HIGH | 7.5 HIGH |
| kernel/omap/drivers/mfd/twl6030-gpadc.c in the kernel component in Amazon Kindle Fire HD(3rd) Fire OS 4.5.5.3 allows attackers to inject a crafted argument via the argument of an ioctl on device /dev/twl6030-gpadc with the command 24832 and cause a kernel crash. | |||||
| CVE-2018-11567 | 1 Amazon | 10 Echo, Echo Dot, Echo Dot Firmware and 7 more | 2018-07-05 | 4.3 MEDIUM | 3.3 LOW |
| ** DISPUTED ** Prior to 2018-04-27, the reprompt feature in Amazon Echo devices could be misused by a custom Alexa skill. The reprompt feature is designed so that if Alexa does not receive an input within 8 seconds, the device can speak a reprompt, then wait an additional 8 seconds for input; if the user still does not respond, the microphone is then turned off. The vulnerability involves empty output-speech reprompts, custom wildcard ("gibberish") input slots, and logging of detected speech. If a maliciously designed skill is installed, an attacker could obtain transcripts of speech not intended for Alexa to process, but simply spoken within the device's hearing range. NOTE: The vendor states "Customer trust is important to us and we take security and privacy seriously. We have put mitigations in place for detecting this type of skill behavior and reject or suppress those skills when we do. Customers do not need to take any action for these mitigations to work." | |||||
| CVE-2017-17069 | 2 Amazon, Microsoft | 2 Audible, Windows | 2017-12-20 | 9.3 HIGH | 7.8 HIGH |
| ActiveSetupN.exe in Amazon Audible for Windows before November 2017 allows attackers to execute arbitrary DLL code if ActiveSetupN.exe is launched from a directory where an attacker has already created a Trojan horse dwmapi.dll file. | |||||
| CVE-2013-1840 | 2 Amazon, Openstack | 5 S3 Store, Essex, Folsom and 2 more | 2017-08-29 | 3.5 LOW | N/A |
| The v1 API in OpenStack Glance Essex (2012.1), Folsom (2012.2), and Grizzly, when using the single-tenant Swift or S3 store, reports the location field, which allows remote authenticated users to obtain the operator's backend credentials via a request for a cached image. | |||||
| CVE-2012-5817 | 2 Amazon, Codehaus | 2 Ec2 Api Tools Java Library, Xfire | 2017-08-29 | 5.8 MEDIUM | N/A |
| Codehaus XFire 1.2.6 and earlier, as used in the Amazon EC2 API Tools Java library and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | |||||
| CVE-2012-5782 | 1 Amazon | 1 Flexible Payments Service | 2017-08-29 | 5.8 MEDIUM | N/A |
| Amazon Flexible Payments Service (FPS) PHP Library does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, related to misinterpretation of a certain "true" value. | |||||
| CVE-2015-7292 | 1 Amazon | 1 Fire Os | 2017-04-15 | 10.0 HIGH | 9.8 CRITICAL |
| Stack-based buffer overflow in the havok_write function in drivers/staging/havok/havok.c in Amazon Fire OS before 2016-01-15 allows attackers to cause a denial of service (panic) or possibly have unspecified other impact via a long string to /dev/hv. | |||||
| CVE-2017-6189 | 1 Amazon | 1 Kindle For Pc | 2017-03-24 | 4.4 MEDIUM | 7.3 HIGH |
| Untrusted search path vulnerability in Amazon Kindle for PC before 1.19 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL in the current working directory of the Kindle Setup installer. | |||||
| CVE-2014-3908 | 1 Amazon | 1 Kindle | 2014-09-02 | 5.8 MEDIUM | N/A |
| The Amazon.com Kindle application before 4.5.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2013-0302 | 2 Amazon, Owncloud | 2 Sdk Tester, Owncloud | 2014-06-24 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in ownCloud Server before 4.0.12 allows remote attackers to obtain sensitive information via unspecified vectors related to "inclusion of the Amazon SDK testing suite." NOTE: due to lack of details, it is not clear whether the issue exists in ownCloud itself, or in Amazon SDK. | |||||
| CVE-2012-5780 | 1 Amazon | 1 Merchant Sdk | 2012-11-20 | 5.8 MEDIUM | N/A |
| The Amazon merchant SDK does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. | |||||
| CVE-2010-5268 | 1 Amazon | 1 Kindle For Pc | 2012-09-10 | 6.9 MEDIUM | N/A |
| Untrusted search path vulnerability in Amazon Kindle for PC 1.3.0 30884 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .azw file. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2012-4249 | 1 Amazon | 1 Kindle Touch | 2012-08-13 | 10.0 HIGH | N/A |
| The Amazon Lab126 com.lab126.system sendEvent implementation on the Kindle Touch before 5.1.2 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a string, as demonstrated by using lipc-set-prop to set an LIPC property, a different vulnerability than CVE-2012-4248. | |||||
| CVE-2012-4248 | 1 Amazon | 1 Kindle Touch | 2012-08-13 | 9.3 HIGH | N/A |
| The Amazon Kindle Touch before 5.1.2 does not properly restrict access to the libkindleplugin.so NPAPI plugin interface, which might allow remote attackers to have an unspecified impact via vectors involving the (1) dev.log, (2) lipc.set, (3) lipc.get, or (4) todo.scheduleItems method, a different vulnerability than CVE-2012-4249. | |||||