Vulnerabilities > Amazon > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-11 | CVE-2020-8911 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Amazon AWS S3 Crypto SDK 1/2 A padding oracle vulnerability exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. | 5.6 |
| 2020-08-04 | CVE-2020-16843 | Unspecified vulnerability in Amazon Firecracker 0.20.0/0.21.0/0.21.1 In Firecracker 0.20.x before 0.20.1 and 0.21.x before 0.21.2, the network stack can freeze under heavy ingress traffic. | 5.9 |
| 2020-02-13 | CVE-2019-14652 | Cross-site Scripting vulnerability in Amazon AWS Javascript S3 Explorer 1.0.0 explorer.js in Amazon AWS JavaScript S3 Explorer (aka aws-js-s3-explorer) v2 alpha before 2019-08-02 allows XSS in certain circumstances. | 6.1 |
| 2019-12-11 | CVE-2019-3983 | Use of Hard-coded Credentials vulnerability in Amazon Blink XT2 Sync Module Firmware 2.3.11 Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary code and commands on the device due to insufficient UART protections. | 6.8 |
| 2019-12-06 | CVE-2019-11554 | Improper Certificate Validation vulnerability in Amazon Audible 2.34.0 The Audible application through 2.34.0 for Android has Missing SSL Certificate Validation for Adobe SDKs, allowing MITM attackers to cause a denial of service. | 5.9 |
| 2018-12-06 | CVE-2018-16603 | Information Exposure vulnerability in Amazon web Services Freertos and Freertos An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. | 5.9 |
| 2018-12-06 | CVE-2018-16602 | Information Exposure vulnerability in Amazon web Services Freertos and Freertos An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. | 5.9 |
| 2018-12-06 | CVE-2018-16600 | Information Exposure vulnerability in Amazon web Services Freertos and Freertos An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. | 5.9 |
| 2018-12-06 | CVE-2018-16599 | Information Exposure vulnerability in Amazon web Services Freertos and Freertos An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. | 5.9 |
| 2018-12-06 | CVE-2018-16598 | Confused Deputy vulnerability in Amazon web Services Freertos and Freertos An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. | 5.9 |