Vulnerabilities > Amazon
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-14 | CVE-2018-19186 | Cross-site Scripting vulnerability in Amazon Payfort-PHP-Sdk The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via the route.php paymentMethod parameter. | 4.3 |
| 2018-10-16 | CVE-2018-11025 | Argument Injection or Modification vulnerability in Amazon Fire OS 4.5.5.3 kernel/omap/drivers/mfd/twl6030-gpadc.c in the kernel component in Amazon Kindle Fire HD(3rd) Fire OS 4.5.5.3 allows attackers to inject a crafted argument via the argument of an ioctl on device /dev/twl6030-gpadc with the command 24832 and cause a kernel crash. | 7.8 |
| 2018-10-16 | CVE-2018-11024 | Argument Injection or Modification vulnerability in Amazon Fire OS 4.5.5.3 kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in Amazon Kindle Fire HD (3rd) Fire OS 4.5.5.3 allows attackers to inject a crafted argument via the argument of an ioctl on device /dev/gcioctl with the command 1077435789 and cause a kernel crash. | 7.8 |
| 2018-10-16 | CVE-2018-11023 | Argument Injection or Modification vulnerability in Amazon Fire OS 4.5.5.3 kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in Amazon Kindle Fire HD (3rd) Fire OS 4.5.5.3 allows attackers to inject a crafted argument via the argument of an ioctl on device /dev/gcioctl with the command 3222560159 and cause a kernel crash. | 7.8 |
| 2018-10-16 | CVE-2018-11022 | Argument Injection or Modification vulnerability in Amazon Fire OS 4.5.5.3 kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in Amazon Kindle Fire HD(3rd) Fire OS 4.5.5.3 allows attackers to inject a crafted argument via the argument of an ioctl on device /dev/gcioctl with the command 3224132973 and cause a kernel crash. | 7.8 |
| 2018-10-16 | CVE-2018-11021 | Argument Injection or Modification vulnerability in Amazon Fire OS 4.5.5.3 kernel/omap/drivers/video/omap2/dsscomp/device.c in the kernel component in Amazon Kindle Fire HD(3rd) Fire OS 4.5.5.3 allows attackers to inject a crafted argument via the argument of an ioctl on device /dev/dsscomp with the command 1118064517 and cause a kernel crash. | 7.8 |
| 2018-10-16 | CVE-2018-11020 | Argument Injection or Modification vulnerability in Amazon Fire OS 4.5.5.3 kernel/omap/drivers/rpmsg/rpmsg_omx.c in the kernel component in Amazon Kindle Fire HD(3rd) Fire OS 4.5.5.3 allows attackers to inject a crafted argument via the argument of an ioctl on device file /dev/rpmsg-omx1 with the command 3221772291, and cause a kernel crash. | 4.9 |
| 2018-10-16 | CVE-2018-11019 | Argument Injection or Modification vulnerability in Amazon Fire OS 4.5.5.3 kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in Amazon Kindle Fire HD(3rd) Fire OS 4.5.5.3 allows attackers to inject a crafted argument via the argument of an ioctl on device /dev/gcioctl with the command 3221773726 and cause a kernel crash. | 7.8 |
| 2018-05-30 | CVE-2018-11567 | Session Fixation vulnerability in Amazon products Prior to 2018-04-27, the reprompt feature in Amazon Echo devices could be misused by a custom Alexa skill. | 3.3 |
| 2018-03-02 | CVE-2018-1169 | Improper Input Validation vulnerability in Amazon Music 6.1.5.1213 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Amazon Music Player 6.1.5.1213. | 6.8 |