Vulnerabilidades em Amazon
38 resultadosCVE-2019-3984—Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitiEPSS 3.8%CVE-2018-1169—This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Amazon Music Player 6.1.5.1213. User intEPSS 2.6%CVE-2025-4318CRITICALInput validation issue in AWS Amplify Studio UI component propertiesEPSS 1.0%CVE-2026-5485HIGHOS command injection in Amazon Athena ODBC driver on LinuxEPSS 0.7%CVE-2026-8178CRITICALRemote Code Execution via Unsafe Class Loading in Amazon Redshift JDBC DriverEPSS 0.6%CVE-2024-12744HIGHSQL Injection in the Amazon Redshift JDBC Driver affecting v2.1.0.31EPSS 0.6%CVE-2025-3857HIGHInfinite loop condition in Amazon.IonDotnetEPSS 0.5%CVE-2024-12745HIGHSQL Injection in the Amazon Redshift Python Connector affecting v2.1.4EPSS 0.5%CVE-2025-0500HIGHIssue affecting Amazon WorkSpaces (when running Amazon DCV protocol), Amazon AppStream 2.0, and Amazon DCV clientsEPSS 0.5%CVE-2026-35561CRITICALInsufficient authentication security controls in browser-based authentication components in Amazon Athena ODBC driverEPSS 0.5%CVE-2024-52311MEDIUMdata.all does not invalidate authentication token upon user logoutEPSS 0.5%CVE-2024-12746HIGHSQL Injection in the Amazon Redshift ODBC Driver affecting v2.1.5.0EPSS 0.4%CVE-2025-0501HIGHIssue affecting Amazon WorkSpaces Clients (when running PCoIP protocol)EPSS 0.4%CVE-2026-6437MEDIUMAWS EFS CSI Driver Mount Option InjectionEPSS 0.4%CVE-2020-8897MEDIUMRobustness weakness in AWS KMS and Encryption SDKsEPSS 0.4%CVE-2025-11573HIGHDenial of Service issue in Amazon.IonDotnetEPSS 0.4%CVE-2024-52314MEDIUMdata.all admin user may access potentially sensitive data stored by producers via logsEPSS 0.4%CVE-2023-1384MEDIUMThe setMediaSource function on the amzn.thin.pl service does not sanitize the "source" parameter allowing for arbitrary javascript code to bEPSS 0.4%CVE-2026-35562HIGHAllocation of resources without limits in parsing components in Amazon Athena ODBC driverEPSS 0.4%CVE-2024-8901MEDIUMLack of JWT issuer and signer validationEPSS 0.4%