Vulnerabilities > Amazon > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-01-19 CVE-2024-23680 Improper Verification of Cryptographic Signature vulnerability in Amazon AWS Encryption SDK
AWS Encryption SDK for Java versions 2.0.0 to 2.2.0 and less than 1.9.0 incorrectly validates some invalid ECDSA signatures.
network
low complexity
amazon CWE-347
5.3
2023-10-16 CVE-2023-45807 Unspecified vulnerability in Amazon Opensearch
OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana following the license change in early 2021.
network
low complexity
amazon
5.4
2023-05-08 CVE-2023-31141 Unspecified vulnerability in Amazon Opensearch Security
OpenSearch is open-source software suite for search, analytics, and observability applications.
network
high complexity
amazon
5.9
2023-05-03 CVE-2023-1384 Cross-site Scripting vulnerability in Amazon Fire OS
The setMediaSource function on the amzn.thin.pl service does not sanitize the "source" parameter allowing for arbitrary javascript code to be run This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with FireOS versions prior to 7.6.3.3.
network
low complexity
amazon CWE-79
6.1
2023-05-03 CVE-2023-1383 Unspecified vulnerability in Amazon Fire OS
An Improper Enforcement of Behavioral Workflow vulnerability in the exchangeDeviceServices function on the amzn.dmgr service allowed an attacker to register services that are only locally accessible. This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5.
low complexity
amazon
4.3
2023-04-19 CVE-2023-30610 Unspecified vulnerability in Amazon Aws-Sigv4
aws-sigv4 is a rust library for low level request signing in the aws cloud platform.
local
low complexity
amazon
5.5
2023-03-02 CVE-2023-25806 Information Exposure Through Discrepancy vulnerability in Amazon Opensearch and Opensearch Security
OpenSearch Security is a plugin for OpenSearch that offers encryption, authentication and authorization.
network
low complexity
amazon CWE-203
5.3
2023-02-03 CVE-2023-23933 Unspecified vulnerability in Amazon Opensearch
OpenSearch Anomaly Detection identifies atypical data and receives automatic notifications.
network
low complexity
amazon
4.3
2023-01-26 CVE-2023-23613 Information Exposure vulnerability in Amazon Opensearch
OpenSearch is an open source distributed and RESTful search engine.
network
low complexity
amazon CWE-200
6.5
2022-12-28 CVE-2022-46174 Unspecified vulnerability in Amazon products
efs-utils is a set of Utilities for Amazon Elastic File System (EFS).
network
high complexity
amazon
4.2