Vulnerabilities > Amazon
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-02 | CVE-2023-25806 | Information Exposure Through Discrepancy vulnerability in Amazon Opensearch and Opensearch Security OpenSearch Security is a plugin for OpenSearch that offers encryption, authentication and authorization. | 5.3 |
| 2023-02-03 | CVE-2023-23933 | Out-of-bounds Read vulnerability in Amazon Opensearch OpenSearch Anomaly Detection identifies atypical data and receives automatic notifications. | 4.3 |
| 2023-01-26 | CVE-2023-23612 | Improper Authentication vulnerability in Amazon Opensearch OpenSearch is an open source distributed and RESTful search engine. | 8.8 |
| 2023-01-26 | CVE-2023-23613 | Information Exposure vulnerability in Amazon Opensearch OpenSearch is an open source distributed and RESTful search engine. | 6.5 |
| 2022-12-28 | CVE-2022-46174 | Race Condition vulnerability in Amazon products efs-utils is a set of Utilities for Amazon Elastic File System (EFS). | 4.2 |
| 2022-12-12 | CVE-2022-23511 | Improper Handling of Insufficient Privileges vulnerability in Amazon Cloudwatch Agent A privilege escalation issue exists within the Amazon CloudWatch Agent for Windows, software for collecting metrics and logs from Amazon EC2 instances and on-premises servers, in versions up to and including v1.247354. | 6.8 |
| 2022-11-16 | CVE-2022-41917 | Information Exposure vulnerability in Amazon Opensearch OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. | 4.3 |
| 2022-11-15 | CVE-2022-41918 | Incorrect Authorization vulnerability in Amazon Opensearch OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. | 6.3 |
| 2022-11-11 | CVE-2022-41906 | Server-Side Request Forgery (SSRF) vulnerability in Amazon Opensearch Notifications OpenSearch Notifications is a notifications plugin for OpenSearch that enables other plugins to send notifications via Email, Slack, Amazon Chime, Custom web-hook etc channels. | 8.7 |
| 2022-09-29 | CVE-2022-41828 | Incorrect Type Conversion or Cast vulnerability in Amazon web Services Redshift Java Database Connectivity Driver In Amazon AWS Redshift JDBC Driver (aka amazon-redshift-jdbc-driver or redshift-jdbc42) before 2.1.0.8, the Object Factory does not check the class type when instantiating an object from a class name. | 8.1 |