Amazon

153 tracked vulnerabilities.

CVE-2024-38373 CRITICAL
FreeRTOS-Plus-TCP <4.1.0 - Buffer Overflow
Jun 24, 2024
CVSS 9.6
EPSS 0.01
CVE-2024-37293 HIGH
Amazon Aws Deployment Framework - Incorrect Privilege Assignment
Jun 11, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-28056 CRITICAL
Amazon Amplify CLI < 12.10.1 - Incorrect Default Permissions
Apr 15, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-28115 HIGH
Amazon Freertos < 10.6.2 - Improper Access Control
Mar 07, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-27350 MEDIUM
Amazon Fire OS <7.6.6.9-8.1.0.3 - Info Disclosure
Feb 26, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-23680 MEDIUM
Amazon Aws Encryption SDK < 1.9.0 - Signature Verification Bypass
Jan 19, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-21634 HIGH
Amazon Ion < 1.10.5 - Resource Allocation Without Limits
Jan 03, 2024
CVSS 7.5
EPSS 0.00
CVE-2023-51386 HIGH
Sandbox Accounts for Events - Info Disclosure
Dec 22, 2023
CVSS 7.8
EPSS 0.00
CVE-2023-51651 MEDIUM
AWS SDK for PHP <3.288.1 - Path Traversal
Dec 22, 2023
CVSS 6.0
EPSS 0.00
CVE-2023-50928 HIGH
Amazon Awslabs Sandbox Accounts For Events - Improper Access Control
Dec 22, 2023
CVSS 7.1
EPSS 0.00
CVE-2021-27504 HIGH
FREERTOS - Code Execution
Nov 21, 2023
CVSS 7.4
EPSS 0.00
CVE-2023-45807 MEDIUM
OpenSearch - Privilege Escalation
Oct 16, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-44487 HIGHKEV
Ietf HTTP < 1.57.0 - Denial of Service
Oct 10, 2023
CVSS 7.5
EPSS 0.94
CVE-2023-36467 HIGH
AWS data.all <1.5.2 - Authenticated RCE
Jun 28, 2023
CVSS 8.0
EPSS 0.02
CVE-2023-35165 MEDIUM
Amazon Aws Cloud Development Kit < 1.202.0 - Incorrect Authorization
Jun 23, 2023
CVSS 6.6
EPSS 0.00
CVE-2023-33248 HIGH
Amazon Alexa software <8960323972 - Info Disclosure
May 24, 2023
CVSS 7.6
EPSS 0.01
CVE-2023-31141 MEDIUM
OpenSearch <1.3.10-2.7.0 - Info Disclosure
May 08, 2023
CVSS 4.8
EPSS 0.01
CVE-2023-1385 HIGH
Amazon Fire TV Stick <6.2.9.5 - Auth Bypass
May 03, 2023
CVSS 7.1
EPSS 0.00
CVE-2023-1384 MEDIUM
Amazon Fire OS < 6.2.9.5 - Basic XSS
May 03, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-1383 MEDIUM
Amazon Fire TV Stick <6.2.9.5 - Info Disclosure
May 03, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-30610 MEDIUM
Amazon Aws-sigv4 < 0.55.1 - Log Information Exposure
Apr 19, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-25806 MEDIUM
OpenSearch Security - Info Disclosure
Mar 02, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-23933 MEDIUM
OpenSearch - Info Disclosure
Feb 03, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-23613 MEDIUM
Amazon Opensearch < 1.3.8 - Information Disclosure
Jan 26, 2023
CVSS 5.7
EPSS 0.00
CVE-2023-23612 MEDIUM
Amazon Opensearch < 1.3.8 - Authentication Bypass
Jan 26, 2023
CVSS 4.7
EPSS 0.00
Products
freertos 17 amazon_web_services_freertos 14 fire_os 13 opensearch 11 blink_xt2_sync_module_firmware 7 tough 7 payfort-php-sdk 5 data.all 5 firecracker 4 freertos-plus-tcp 4 amazon_web_services_internet_of_things_device_software_development_kit_v2 4 aws_software_development_kit 4 aws_cloud_development_kit 4 amazon_web_services_aws-c-io 3 opensearch_data_prepper 3 echo_dot_firmware 3 aws_client_vpn 2 workspaces 2 audible 2 aws_s3_crypto_sdk 2 log4jhotpatch 2 opensearch_security 2 amazon_web_services_redshift_java_database_connectivity_driver 2 kindle_touch 2 awslabs_sandbox_accounts_for_events 2 kindle_firmware 2 aws_encryption_sdk 2 kindle_for_pc 2 awsui\/components-react 1 aws-sigv4 1
Quick Filters
Critical CVEs With Exploits In CISA KEV