Filter
-Infinity
0

Trending

Last week
Last month
Last year

Software

amazon kindle
31
amazon freertos
22
amazon fire os
12
amazon opensearch
8
amazon blink xt2 sync module
7
amazon blink xt2 sync module firmware
7
amazon kindle fire hd
7
amazon payfort php sdk
5
amazon alexa
4
amazon aws iot device sdk v2 for node.js
4
amazon aws software development kit
4
amazon opensearch notifications
4
amazon web services (aws)
4
amazon web services internet of things device software development kit v2 java
4
amazon web services iot device sdk for python v2
4
amazon web services iot device sdk v2 c++
4
amazon aws cloudformation
3
amazon echo dot
3
amazon fire tv stick 3rd gen
3
amazon firecracker
3
amazon hotpatch
3
amazon web services
3
amazon web services aws-c-io
3
amazon workspaces client
3
amazon audible
2
amazon aws client vpn
2
amazon aws labs sandbox accounts
2
amazon flexible payments service
2
amazon ion for java
2
amazon kindle firmware
2
amazon kindle for pc
2
amazon kindle touch
2
amazon web services linux
2
amazon workspaces
2
amazon appstream 2.0
1
amazon aws dataall
1
amazon aws javascript s3 explorer
1
amazon aws marketplace
1
amazon aws shared configuration file loader
1
amazon aws signature version 4
1
amazon aws ui components react
1
amazon cloudfront
1
amazon cloudwatch agent
1
amazon dcv clients
1
amazon ec2 api tools
1
amazon echo firmware
1
amazon echo plus
1
amazon echo plus firmware
1
amazon echo show firmware
1
amazon echo spot firmware
1

Amazon IonDotnetInfinite loop condition in Amazon.IonDotnet

high
8.7
EPSS
0.04%
First published (updated )
CVE-2025-3857

Amazon SESSMTP for Amazon SES – YaySMTP <= 1.8 - Unauthenticated Stored Cross-Site Scripting via Email Logs

high
7.2
EPSS
0.12%
First published (updated )
CVE-2025-3434

BleepingComputerHackers target SSRF bugs in EC2-hosted sites to steal AWS credentials

Exploited
First published (updated )
News
BleepingComputer

Amazon AWS CloudFormationZDI-25-205: Amazon AWS CloudFormation Templates Uncontrolled Search Path Element Remote Code Execution Vulnerability

First published (updated )
ZDI-CAN-25426

Amazon AWS CloudFormationAmazon AWS CloudFormation Templates Uncontrolled Search Path Element Remote Code Execution Vulnerability

First published (updated )
ZDI-25-205

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Amazon AWS CloudFormationAmazon AWS CloudFormation Templates Uncontrolled Search Path Element Remote Code Execution Vulnerability

First published (updated )
ZDI-25-206

Amazon SageMaker WorkflowMD5 Hash Collision in SageMaker Workflow in aws/sagemaker-python-sdk

medium
5.9
First published (updated )
CVE-2025-0508

ZDNetNavigating AI-powered cyber threats in 2025: 4 expert security tips for businesses

Exploited
First published (updated )
News
ZDNet

Amazon Simple AffiliateSimple Amazon Affiliate <= 1.0.9 - Reflected Cross-Site Scripting

medium
6.1
First published (updated )
CVE-2025-2077

YaySMTPVulnerability: SMTP for Amazon SES <= 1.7.1 - Unauthenticated Stored Cross-Site Scripting via Email Logs

high
7.2
First published (updated )
CVE-2025-0957

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

BleepingComputerwhoAMI attacks give hackers code execution on Amazon EC2 instances

First published (updated )
News
BleepingComputer

The RegisterTriplestrength hits with ransomware, cloud crypto mining

First published (updated )
News
The Register

Dark ReadingAbandoned AWS Cloud Storage: A Major Cyberattack Vector

Exploited
First published (updated )
News
Dark Reading

BleepingComputerHow attackers abuse S3 Bucket Namesquatting — And How to Stop Them

Exploited
First published (updated )
News
BleepingComputer

Dark ReadingChinese 'Infrastructure Laundering' Abuses AWS, Microsoft Cloud

First published (updated )
News
Dark Reading

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

The RegisterAbandoned AWS S3 buckets can be reused in supply-chain attacks that would make SolarWinds look 'insignificant'

Exploited
First published (updated )
News
The Register

BleepingComputerAmazon Redshift gets new default settings to prevent data breaches

First published (updated )
News
BleepingComputer

Amazon Web Services (AWS)Issue with AWS Sign-in IAM User Login Flow - Possible Username Enumeration

medium
6.9
First published (updated )
CVE-2025-0693

Amazon WorkSpacesIssue affecting Amazon WorkSpaces Clients (when running PCoIP protocol)

high
7.7
EPSS
0.04%
First published (updated )
CVE-2025-0501

Amazon WorkSpaces ClientIssue affecting Amazon WorkSpaces (when running Amazon DCV protocol), Amazon AppStream 2.0, and Amazon DCV clients

high
7.7
EPSS
0.04%
First published (updated )
CVE-2025-0500

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Amazon Web Services (AWS)ZDI-24-1176: Amazon AWS aws-glue-with-s2s-vpn Uncontrolled Search Path Element Remote Code Execution Vulnerability

First published (updated )
ZDI-CAN-23901

Amazon Ion for JavaAmazon Ion is a Java implementation of the Ion data notation. Prior to version 1.10.5, a potential d…

high
7
First published (updated )
REDHAT-BUG-2304311

FreeBSD KernelOpenSSH regreSSHion Attack (CVE-2024-6387)

high
8.1
EPSS
71.47%
Trending
Year
First published (updated )
CVE-2024-6387

Amazon FreeRTOSFreeRTOS-Plus-TCP Buffer Over-Read in DNS Response Parser

critical
9.6
First published (updated )
CVE-2024-38373

AWS Deployment Frameworkaws-deployment-framework's potential risk can lead to privilege escalation

high
7.8
First published (updated )
CVE-2024-37293

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

OpenSSH serverPath Traversal

medium
5.3
First published (updated )
CVE-2023-35812

Amazon FreeRTOSPrivilege Escalation in FreeRTOS Kernel ARMv7-M MPU ports and ARMv8-M ports with MPU support enabled

high
8.8
EPSS
0.04%
First published (updated )
CVE-2024-28115

maven/com.amazonaws:aws-encryption-sdk-javaAWS Encryption SDK for Java Improper Verification of Cryptographic Signature

medium
5.3
EPSS
0.05%
First published (updated )
CVE-2024-23680

maven/software.amazon.ion:ion-javaIon Java StackOverflow vulnerability

high
7.5
EPSS
0.05%
First published (updated )
CVE-2024-21634

Amazon AWS Labs Sandbox AccountsSandbox Accounts for Events vulnerable to privilege escalation to read running events data

high
7.8
First published (updated )
CVE-2023-51386

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203