Vulnerabilities > Amazon > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-06 | CVE-2018-16522 | Access of Uninitialized Pointer vulnerability in Amazon web Services Freertos Amazon Web Services (AWS) FreeRTOS through 1.3.1 has an uninitialized pointer free in SOCKETS_SetSockOpt. | 8.1 |
| 2018-10-16 | CVE-2018-11025 | Argument Injection or Modification vulnerability in Amazon Fire OS 4.5.5.3 kernel/omap/drivers/mfd/twl6030-gpadc.c in the kernel component in Amazon Kindle Fire HD(3rd) Fire OS 4.5.5.3 allows attackers to inject a crafted argument via the argument of an ioctl on device /dev/twl6030-gpadc with the command 24832 and cause a kernel crash. | 7.5 |
| 2018-10-16 | CVE-2018-11024 | Argument Injection or Modification vulnerability in Amazon Fire OS 4.5.5.3 kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in Amazon Kindle Fire HD (3rd) Fire OS 4.5.5.3 allows attackers to inject a crafted argument via the argument of an ioctl on device /dev/gcioctl with the command 1077435789 and cause a kernel crash. | 7.5 |
| 2018-10-16 | CVE-2018-11023 | Argument Injection or Modification vulnerability in Amazon Fire OS 4.5.5.3 kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in Amazon Kindle Fire HD (3rd) Fire OS 4.5.5.3 allows attackers to inject a crafted argument via the argument of an ioctl on device /dev/gcioctl with the command 3222560159 and cause a kernel crash. | 7.5 |
| 2018-10-16 | CVE-2018-11022 | Argument Injection or Modification vulnerability in Amazon Fire OS 4.5.5.3 kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in Amazon Kindle Fire HD(3rd) Fire OS 4.5.5.3 allows attackers to inject a crafted argument via the argument of an ioctl on device /dev/gcioctl with the command 3224132973 and cause a kernel crash. | 7.5 |
| 2018-10-16 | CVE-2018-11021 | Argument Injection or Modification vulnerability in Amazon Fire OS 4.5.5.3 kernel/omap/drivers/video/omap2/dsscomp/device.c in the kernel component in Amazon Kindle Fire HD(3rd) Fire OS 4.5.5.3 allows attackers to inject a crafted argument via the argument of an ioctl on device /dev/dsscomp with the command 1118064517 and cause a kernel crash. | 7.5 |
| 2018-10-16 | CVE-2018-11019 | Argument Injection or Modification vulnerability in Amazon Fire OS 4.5.5.3 kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in Amazon Kindle Fire HD(3rd) Fire OS 4.5.5.3 allows attackers to inject a crafted argument via the argument of an ioctl on device /dev/gcioctl with the command 3221773726 and cause a kernel crash. | 7.5 |
| 2018-03-02 | CVE-2018-1169 | Improper Input Validation vulnerability in Amazon Music 6.1.5.1213 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Amazon Music Player 6.1.5.1213. | 8.8 |
| 2017-12-06 | CVE-2017-17069 | Untrusted Search Path vulnerability in Amazon Audible 2.34.0/2.44.1 ActiveSetupN.exe in Amazon Audible for Windows before November 2017 allows attackers to execute arbitrary DLL code if ActiveSetupN.exe is launched from a directory where an attacker has already created a Trojan horse dwmapi.dll file. | 7.8 |
| 2017-10-30 | CVE-2017-9450 | Improper Privilege Management vulnerability in Amazon web Services Cloudformation Bootstrap The Amazon Web Services (AWS) CloudFormation bootstrap tools package (aka aws-cfn-bootstrap) before 1.4-19.10 allows local users to execute arbitrary code with root privileges by leveraging the ability to create files in an unspecified directory. | 7.8 |