Vulnerabilities > Amazon
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-06 | CVE-2018-16599 | Information Exposure vulnerability in Amazon web Services Freertos and Freertos An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. | 5.9 |
| 2018-12-06 | CVE-2018-16598 | Confused Deputy vulnerability in Amazon web Services Freertos and Freertos An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. | 5.9 |
| 2018-12-06 | CVE-2018-16528 | Improper Input Validation vulnerability in Amazon web Services Freertos Amazon Web Services (AWS) FreeRTOS through 1.3.1 allows remote attackers to execute arbitrary code because of mbedTLS context object corruption in prvSetupConnection and GGD_SecureConnect_Connect in AWS TLS connectivity modules. | 8.1 |
| 2018-12-06 | CVE-2018-16527 | Information Exposure vulnerability in Amazon web Services Freertos and Freertos Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow information disclosure during parsing of ICMP packets in prvProcessICMPPacket. | 5.9 |
| 2018-12-06 | CVE-2018-16526 | Unspecified vulnerability in Amazon web Services Freertos and Freertos Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow remote attackers to leak information or execute arbitrary code because of a Buffer Overflow during generation of a protocol checksum in usGenerateProtocolChecksum and prvProcessIPPacket. | 8.1 |
| 2018-12-06 | CVE-2018-16525 | Unspecified vulnerability in Amazon web Services Freertos and Freertos Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow remote attackers to execute arbitrary code or leak information because of a Buffer Overflow during parsing of DNS\LLMNR packets in prvParseDNSReply. | 8.1 |
| 2018-12-06 | CVE-2018-16524 | Information Exposure vulnerability in Amazon web Services Freertos and Freertos Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow information disclosure during parsing of TCP options in prvCheckOptions. | 5.9 |
| 2018-12-06 | CVE-2018-16523 | Divide By Zero vulnerability in Amazon web Services Freertos and Freertos Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow division by zero in prvCheckOptions. | 7.4 |
| 2018-12-06 | CVE-2018-16522 | Access of Uninitialized Pointer vulnerability in Amazon web Services Freertos Amazon Web Services (AWS) FreeRTOS through 1.3.1 has an uninitialized pointer free in SOCKETS_SetSockOpt. | 8.1 |
| 2018-11-14 | CVE-2018-19190 | Cross-site Scripting vulnerability in Amazon Payfort-PHP-Sdk 20180426 The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via the error.php error_msg parameter. | 6.1 |