Vulnerabilities > Amazon > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-19 | CVE-2024-23680 | Improper Verification of Cryptographic Signature vulnerability in Amazon AWS Encryption SDK AWS Encryption SDK for Java versions 2.0.0 to 2.2.0 and less than 1.9.0 incorrectly validates some invalid ECDSA signatures. | 5.3 |
| 2023-10-16 | CVE-2023-45807 | Improper Preservation of Permissions vulnerability in Amazon Opensearch OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana following the license change in early 2021. | 5.4 |
| 2023-05-08 | CVE-2023-31141 | Incorrect Authorization vulnerability in Amazon Opensearch Security OpenSearch is open-source software suite for search, analytics, and observability applications. | 5.9 |
| 2023-05-03 | CVE-2023-1384 | Cross-site Scripting vulnerability in Amazon Fire OS The setMediaSource function on the amzn.thin.pl service does not sanitize the "source" parameter allowing for arbitrary javascript code to be run This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with FireOS versions prior to 7.6.3.3. | 6.1 |
| 2023-05-03 | CVE-2023-1383 | Unspecified vulnerability in Amazon Fire OS An Improper Enforcement of Behavioral Workflow vulnerability in the exchangeDeviceServices function on the amzn.dmgr service allowed an attacker to register services that are only locally accessible. This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. low complexity amazon | 4.3 |
| 2023-04-19 | CVE-2023-30610 | Information Exposure Through Log Files vulnerability in Amazon Aws-Sigv4 aws-sigv4 is a rust library for low level request signing in the aws cloud platform. | 5.5 |
| 2023-03-02 | CVE-2023-25806 | Information Exposure Through Discrepancy vulnerability in Amazon Opensearch and Opensearch Security OpenSearch Security is a plugin for OpenSearch that offers encryption, authentication and authorization. | 5.3 |
| 2023-02-03 | CVE-2023-23933 | Out-of-bounds Read vulnerability in Amazon Opensearch OpenSearch Anomaly Detection identifies atypical data and receives automatic notifications. | 4.3 |
| 2023-01-26 | CVE-2023-23613 | Information Exposure vulnerability in Amazon Opensearch OpenSearch is an open source distributed and RESTful search engine. | 6.5 |
| 2022-12-28 | CVE-2022-46174 | Race Condition vulnerability in Amazon products efs-utils is a set of Utilities for Amazon Elastic File System (EFS). | 4.2 |