VYPR

Vendor CVEs

Amazon

All CVEs

108 total · sorted by risk
  • CVE-2023-44487HigKEVOct 10, 2023
    risk 0.65cvss 7.5epss 1.00

    The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

  • CVE-2024-6387HigJul 1, 2024
    risk 0.64cvss 8.1epss 1.00

    A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time…

  • CVE-2015-7292CriApr 10, 2017
    risk 0.64cvss 9.8epss 0.02

    Stack-based buffer overflow in the havok_write function in drivers/staging/havok/havok.c in Amazon Fire OS before 2016-01-15 allows attackers to cause a denial of service (panic) or possibly have unspecified other impact via a long string to /dev/hv.

  • CVE-2026-31431HigKEVApr 22, 2026
    risk 0.59cvss 7.8epss 0.97

    In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the…

  • CVE-2026-10591HigJun 2, 2026
    risk 0.57cvss 8.8epss 0.00

    Insufficient access control restrictions in the file write tool in Amazon Kiro IDE before version 0.11 might allow remote unauthenticated actors to execute arbitrary commands via crafted instructions that cause writes to execution-sensitive paths (such as .vscode/tasks.json),…

  • CVE-2026-5709HigApr 6, 2026
    risk 0.57cvss 8.8epss 0.01

    Unsanitized input in the FileBrowser API in AWS Research and Engineering Studio (RES) version 2024.10 through 2025.12.01 might allow a remote authenticated actor to execute arbitrary commands on the cluster-manager EC2 instance via crafted input when using the FileBrowser…

  • CVE-2026-5708HigApr 6, 2026
    risk 0.57cvss 8.8epss 0.01

    Unsanitized control of user-modifiable attributes in the session creation component in AWS Research and Engineering Studio (RES) prior to version 2026.03 could allow an authenticated remote user to escalate privileges, assume the virtual desktop host instance profile…

  • CVE-2026-5707HigApr 6, 2026
    risk 0.57cvss 8.8epss 0.01

    Unsanitized input in an OS command in the virtual desktop session name handling in AWS Research and Engineering Studio (RES) version 2025.03 through 2025.12.01 might allow a remote authenticated actor to execute arbitrary commands as root on the virtual desktop host via a…

  • CVE-2025-12779HigNov 5, 2025
    risk 0.57cvss 8.8epss 0.00

    Improper handling of the authentication token in the Amazon WorkSpaces client for Linux, versions 2023.0 through 2024.8, may expose the authentication token for DCV-based WorkSpaces to other local users on the same client machine. Under certain circumstances, a local user may be…

  • CVE-2018-1169HigMar 2, 2018
    risk 0.57cvss 8.8epss 0.03

    This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Amazon Music Player 6.1.5.1213. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific…

  • CVE-2025-8904HigAug 13, 2025
    risk 0.55cvss 8.5epss 0.00

    Amazon EMR Secret Agent creates a keytab file containing Kerberos credentials. This file is stored in the /tmp/ directory. A user with access to this directory and another account can potentially decrypt the keys and escalate to higher privileges. Users are advised to…

  • CVE-2026-5485HigApr 3, 2026
    risk 0.51cvss 7.8epss 0.01

    OS command injection in the browser-based authentication component in Amazon Athena ODBC driver before 2.0.5.1 on Linux might allow a threat actor to execute arbitrary code by using specially crafted connection parameters that are loaded by the driver during a local…

  • CVE-2026-35558HigApr 3, 2026
    risk 0.51cvss 7.8epss 0.00

    Improper neutralization of special elements in the authentication components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to execute arbitrary code or redirect authentication flows by using specially crafted connection parameters that are processed by…

  • CVE-2026-5429HigApr 2, 2026
    risk 0.51cvss 7.8epss 0.00

    Unsanitized input during web page generation in the Kiro Agent webview in Kiro IDE before version 0.8.140 allows a remote unauthenticated threat actor to execute arbitrary code via a potentially damaging crafted color theme name when a local user opens the workspace. This issue…

  • CVE-2026-0830HigJan 9, 2026
    risk 0.51cvss 7.8epss 0.01

    Processing specially crafted workspace folder names could allow for arbitrary command injection in the Kiro GitLab Merge-Request helper in Kiro IDE before version 0.6.18 when opening maliciously crafted workspaces. To mitigate, users should update to the latest version.

  • CVE-2025-8069HigJul 23, 2025
    risk 0.51cvss 7.8epss 0.00

    During the AWS Client VPN client installation on Windows devices, the install process references the C:\usr\local\windows-x86_64-openssl-localbuild\ssl directory location to fetch the OpenSSL configuration file. As a result, a non-admin user could place arbitrary code in the…

  • CVE-2017-17069HigDec 6, 2017
    risk 0.51cvss 7.8epss 0.02

    ActiveSetupN.exe in Amazon Audible for Windows before November 2017 allows attackers to execute arbitrary DLL code if ActiveSetupN.exe is launched from a directory where an attacker has already created a Trojan horse dwmapi.dll file.

  • CVE-2017-9450HigOct 30, 2017
    risk 0.51cvss 7.8epss 0.00

    The Amazon Web Services (AWS) CloudFormation bootstrap tools package (aka aws-cfn-bootstrap) before 1.4-19.10 allows local users to execute arbitrary code with root privileges by leveraging the ability to create files in an unspecified directory.

  • CVE-2026-35562HigApr 3, 2026
    risk 0.49cvss 7.5epss 0.00

    Allocation of resources without limits in the parsing components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to cause a denial of service by delivering crafted input that triggers excessive resource consumption during the driver's parsing operations. …

  • CVE-2025-6031HigJun 12, 2025
    risk 0.49cvss 7.5epss 0.00

    Amazon Cloud Cam is a home security camera that was deprecated on December 2, 2022, is end of life, and is no longer actively supported. When a user powers on the Amazon Cloud Cam, the device attempts to connect to a remote service infrastructure that has been deprecated due…

  • CVE-2025-0500HigJan 15, 2025
    risk 0.49cvss 7.5epss 0.00

    An issue in the native clients for Amazon WorkSpaces (when running Amazon DCV protocol), Amazon AppStream 2.0, and Amazon DCV Clients may allow an attacker to access remote sessions via man-in-the-middle.

  • CVE-2026-35561HigApr 3, 2026
    risk 0.48cvss 7.4epss 0.00

    Insufficient authentication security controls in the browser-based authentication components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to intercept or hijack authentication sessions due to insufficient protections in the browser-based authentication…

  • CVE-2026-35560HigApr 3, 2026
    risk 0.48cvss 7.4epss 0.00

    Improper certificate validation in the identity provider connection components in Amazon Athena ODBC driver before 2.1.0.0 might allow a man-in-the-middle threat actor to intercept authentication credentials due to insufficient default transport security when connecting to…

  • CVE-2017-6189HigMar 15, 2017
    risk 0.48cvss 7.3epss 0.01

    Untrusted search path vulnerability in Amazon Kindle for PC before 1.19 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL in the current working directory of the Kindle Setup installer.

  • CVE-2012-5817HigNov 4, 2012
    risk 0.48cvss 7.4epss 0.01

    Codehaus XFire 1.2.6 and earlier, as used in the Amazon EC2 API Tools Java library and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows…

  • CVE-2026-9291HigMay 22, 2026
    risk 0.46cvss 7.1epss 0.00

    Insecure deserialization in the job results processing component in Amazon Braket SDK before 1.117.0 might allow a remote authenticated user with S3 write access to the job output bucket to achieve arbitrary code execution on any machine that processes job results. We…

  • CVE-2026-7426HigApr 29, 2026
    risk 0.46cvss 8.1epss 0.00

    Insufficient validation of the prefix length field in IPv6 Router Advertisement processing in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause memory corruption by sending a crafted Router Advertisement with a prefix length value exceeding the…

  • CVE-2026-7424HigApr 29, 2026
    risk 0.46cvss 8.1epss 0.00

    Integer underflow in the DHCPv6 sub-option parser in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network actor to corrupt the device's IPv6 address assignment, DNS configuration, and lease times, and to cause a denial of service (permanent IP task freeze…

  • CVE-2024-30165HigMay 28, 2024
    risk 0.46cvss 7.1epss 0.00

    Amazon AWS Client VPN before 3.9.1 on macOS has a buffer overflow that could potentially allow a local actor to execute arbitrary commands with elevated permissions, a different vulnerability than CVE-2024-30164.

  • CVE-2024-30164MedMay 28, 2024
    risk 0.44cvss 6.7epss 0.00

    Amazon AWS Client VPN has a buffer overflow that could potentially allow a local actor to execute arbitrary commands with elevated permissions. This is resolved in 3.11.1 on Windows, 3.9.1 on macOS, and 3.12.1 on Linux. NOTE: although the macOS resolution is the same as for…

  • CVE-2026-9133HigMay 20, 2026
    risk 0.43cvss 7.7epss 0.00

    Active debug code exists in the ARN resolver of amazon-mq rabbitmq-aws before version 0.2.1. A debug ARN scheme (arn:aws-debug:file) accepted by the PUT /api/aws/arn/validate validation endpoint might allow remote authenticated users to perform arbitrary file reads on any file…

  • CVE-2026-5747HigApr 8, 2026
    risk 0.42cvss 7.5epss 0.00

    An out-of-bounds write issue in the virtio PCI transport in Firecracker 1.13.0 through 1.14.3 and 1.15.0 on x86_64 and aarch64 might allow a local guest user with root privileges to crash the Firecracker VMM process or potentially execute arbitrary code on the host via…

  • CVE-2026-35559MedApr 3, 2026
    risk 0.42cvss 6.5epss 0.00

    Out-of-bounds write in the query processing components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to crash the driver by using specially crafted data that is processed by the driver during query operations. To remediate this issue, users should…

  • CVE-2026-4269HigMar 16, 2026
    risk 0.42cvss 7.5epss 0.00

    A missing S3 ownership verification in the Bedrock AgentCore Starter Toolkit before version v0.1.13 may allow a remote actor to inject code during the build process, leading to code execution in the AgentCore Runtime. This issue only affects users of the Bedrock AgentCore…

  • CVE-2017-16867MedNov 16, 2017
    risk 0.42cvss 6.5epss 0.02

    Amazon Key through 2017-11-16 mishandles Cloud Cam 802.11 deauthentication frames during the delivery process, which makes it easier for (1) delivery drivers to freeze a camera and re-enter a house for unfilmed activities or (2) attackers to freeze a camera and enter a house if…

  • CVE-2026-7461HigApr 30, 2026
    risk 0.40cvss 7.2epss 0.01

    Improper neutralization of inputs used in an OS command in the FSx Windows File Server volume mounting component in Amazon ECS Agent on Windows before version 1.103.0 might allow a remote authenticated threat actor to execute shell commands with SYSTEM privileges on the…

  • CVE-2026-6968MedApr 24, 2026
    risk 0.38cvss 5.9epss 0.01

    Incomplete path traversal fixes in awslabs/tough before tough-v0.22.0 allow remote authenticated users with delegated signing authority to write files outside intended output directories via absolute target names in copy_target/link_target, symlinked parent directories in…

  • CVE-2026-6967MedApr 24, 2026
    risk 0.38cvss 5.9epss 0.00

    Missing expiration, hash, and length enforcement in delegated metadata validation in awslabs/tough before tough-v0.22.0 allows remote authenticated users with delegated signing authority to bypass TUF specification integrity checks for delegated targets metadata and poison the…

  • CVE-2026-4270MedMar 16, 2026
    risk 0.36cvss 5.5epss 0.00

    Improper Protection of Alternate Path exists in the no-access and workdir feature of the AWS API MCP Server versions >= 0.2.14 and < 1.3.9 on all platforms may allow the bypass of intended file access restriction and expose arbitrary local file contents in the MCP client…

  • CVE-2026-7425MedApr 29, 2026
    risk 0.35cvss 6.5epss 0.00

    Insufficient option length validation in the IPv6 Router Advertisement parser in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause a denial of service (device crash) by sending a crafted Router Advertisement with a truncated PREFIX_INFORMATION…

  • CVE-2026-7422MedApr 29, 2026
    risk 0.35cvss 6.5epss 0.00

    Insufficient packet validation in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to bypass all checksum and minimum-size validation by spoofing the Ethernet source MAC address to match one of the device's own registered endpoints, because the…

  • CVE-2026-6437MedApr 17, 2026
    risk 0.35cvss 6.5epss 0.00

    Improper neutralization of argument delimiters in the volume handling component in AWS EFS CSI Driver (aws-efs-csi-driver) before v3.0.1 allows remote authenticated users with PersistentVolume creation permissions to inject arbitrary mount options via comma injection. To…

  • CVE-2026-6966MedApr 24, 2026
    risk 0.34cvss 5.3epss 0.00

    Improper verification of cryptographic signature uniqueness in delegated role validation in awslabs/tough before tough-v0.22.0 allows remote authenticated users to bypass the TUF signature threshold requirement by duplicating a valid signature, causing the client to accept…

  • CVE-2026-7423MedApr 29, 2026
    risk 0.27cvss 5.3epss 0.00

    Integer underflow in the ICMP and ICMPv6 echo reply handlers in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network user to cause a denial of service (device crash) when outgoing ping support is enabled, because header sizes are subtracted from a packet length…

  • CVE-2025-14760MedDec 17, 2025
    risk 0.27cvss 5.3epss 0.00

    Missing cryptographic key commitment in the AWS SDK for C++ may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to different plaintext when the encrypted data key is stored in an "instruction file" instead of S3's metadata record. To…

  • CVE-2025-8217MedJul 30, 2025
    risk 0.26cvss 4.0epss 0.00

    The Amazon Q Developer Visual Studio Code (VS Code) extension v1.84.0 contains inert, injected code designed to call the Q Developer CLI. The code executes when the extension is launched within the VS Code environment; however the injected code contains a syntax error which…

  • CVE-2018-11567LowMay 30, 2018
    risk 0.22cvss 3.3epss 0.01

    Prior to 2018-04-27, the reprompt feature in Amazon Echo devices could be misused by a custom Alexa skill. The reprompt feature is designed so that if Alexa does not receive an input within 8 seconds, the device can speak a reprompt, then wait an additional 8 seconds for input;…

  • CVE-2025-12815MedNov 6, 2025
    risk 0.21cvss 4.3epss 0.00

    An ownership verification issue in the Virtual Desktop preview page in the Research and Engineering Studio (RES) on AWS before version 2025.09 may allow an authenticated remote user to view another user's active desktop session metadata, including periodical desktop preview…

  • CVE-2022-25809Feb 23, 2022
    risk 0.01cvss epss 0.03

    Improper Neutralization of audio output from 3rd and 4th Generation Amazon Echo Dot devices allows arbitrary voice command execution on these devices via a malicious skill (in the case of remote attackers) or by pairing a malicious Bluetooth device (in the case of physically…

  • CVE-2021-38112Sep 22, 2021
    risk 0.01cvss epss 0.06

    In the Amazon AWS WorkSpaces client 3.0.10 through 3.1.8 on Windows, argument injection in the workspaces:// URI handler can lead to remote code execution because of the Chromium Embedded Framework (CEF) --gpu-launcher argument. This is fixed in 3.1.9.

Page 1 of 3