Filtered by vendor Amazon
Subscriptions
Filtered by product Kindle
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-3908 | 1 Amazon | 1 Kindle | 2024-08-06 | N/A |
| The Amazon.com Kindle application before 4.5.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2021-30354 | 1 Amazon | 2 Kindle, Kindle Firmware | 2024-08-03 | 8.6 High |
| Amazon Kindle e-reader prior to and including version 5.13.4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function CJBig2Image::expand() and results in a memory corruption that leads to code execution when parsing a crafted PDF book. | ||||
| CVE-2021-30355 | 1 Amazon | 2 Kindle, Kindle Firmware | 2024-08-03 | 8.6 High |
| Amazon Kindle e-reader prior to and including version 5.13.4 improperly manages privileges, allowing the framework user to elevate privileges to root. | ||||
Page 1 of 1.