Vulnerabilities > Amazon

DATE CVE VULNERABILITY TITLE RISK
2024-07-01 CVE-2024-6387 Race Condition vulnerability in multiple products
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd).
8.1
2024-06-24 CVE-2024-38373 Out-of-bounds Read vulnerability in Amazon Freertos-Plus-Tcp
FreeRTOS-Plus-TCP is a lightweight TCP/IP stack for FreeRTOS.
network
low complexity
amazon CWE-125
8.1
2024-06-11 CVE-2024-37293 Unspecified vulnerability in Amazon AWS Deployment Framework
The AWS Deployment Framework (ADF) is a framework to manage and deploy resources across multiple AWS accounts and regions within an AWS Organization.
local
low complexity
amazon
7.8
2024-03-07 CVE-2024-28115 Unspecified vulnerability in Amazon Freertos
FreeRTOS is a real-time operating system for microcontrollers.
local
low complexity
amazon
7.8
2024-01-19 CVE-2024-23680 Improper Verification of Cryptographic Signature vulnerability in Amazon AWS Encryption SDK
AWS Encryption SDK for Java versions 2.0.0 to 2.2.0 and less than 1.9.0 incorrectly validates some invalid ECDSA signatures.
network
low complexity
amazon CWE-347
5.3
2024-01-03 CVE-2024-21634 Unspecified vulnerability in Amazon ION
Amazon Ion is a Java implementation of the Ion data notation.
network
low complexity
amazon
7.5
2023-12-22 CVE-2023-51386 Unspecified vulnerability in Amazon Awslabs Sandbox Accounts for Events
Sandbox Accounts for Events provides multiple, temporary AWS accounts to a number of authenticated users simultaneously via a browser-based GUI.
local
low complexity
amazon
3.3
2023-12-22 CVE-2023-50928 Unspecified vulnerability in Amazon Awslabs Sandbox Accounts for Events
"Sandbox Accounts for Events" provides multiple, temporary AWS accounts to a number of authenticated users simultaneously via a browser-based GUI.
network
low complexity
amazon
critical
9.0
2023-12-22 CVE-2023-51651 Unspecified vulnerability in Amazon AWS Software Development KIT
AWS SDK for PHP is the Amazon Web Services software development kit for PHP.
local
low complexity
amazon
3.3
2023-11-21 CVE-2021-27504 Integer Overflow or Wraparound vulnerability in multiple products
Texas Instruments devices running FREERTOS, malloc returns a valid pointer to a small buffer on extremely large values, which can trigger an integer overflow vulnerability in 'malloc' for FreeRTOS, resulting in code execution.
local
low complexity
amazon ti CWE-190
7.8