Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

aws — Vulnerabilities & Security Advisories 69

Browse all 69 CVE security advisories affecting aws. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Amazon Web Services operates as a comprehensive cloud computing platform, providing infrastructure, storage, and networking solutions to enterprises globally. With 68 recorded Common Vulnerabilities and Exposures, the platform’s security landscape reflects the complexity of its vast ecosystem. Historically, identified flaws have predominantly involved cross-site scripting, remote code execution, and privilege escalation issues, often stemming from misconfigurations or third-party component dependencies rather than core hypervisor failures. Notable incidents have occasionally highlighted risks associated with shared responsibility models, where customer-side errors led to data exposure. Despite these challenges, AWS maintains robust isolation mechanisms and continuous monitoring protocols. The frequency of vulnerabilities underscores the necessity for rigorous patch management and strict access controls. Users must remain vigilant, recognizing that while the underlying infrastructure is hardened, the security of deployed workloads largely depends on proper configuration and adherence to best practices within the shared responsibility framework.

Found 1 results / 69Clear Filters
Top products by aws: FreeRTOS-Plus-TCP tough Research and Engineering Studio (RES) AWS-LC aws-cdk Kiro IDE Client VPN AWS Serverless Application Model Command Line Interface AWS Ops Wheel sagemaker-python-sdk Firecracker SageMaker Python SDK aws-sdk-net S3 Encryption Client for Go AWS SDK for PHP AWS SDK for Ruby Wickr AWS API MCP Server Bedrock AgentCore Starter Toolkit aws-c-event-stream AWS Encryption SDK for Python QnABot on AWS Amazon ECS Agent Amazon Redshift connector for Python aws/sagemaker-python-sdk awsui-documentation aws-sdk-java efs-utils aws-sdk-php amazon-redshift-jdbc-driver
High2026-019-AWS2026-04-25
Issues in tough library and tuftool CLI utility
HighCVE-2026-69122026-04-25
Privilege Escalation via Self-Writable Cognito Custom Attribute in AWS Ops Wheel · Advisory · aws/aws-ops-wheel · GitHub
High2026-04-07
[2025.12.01 and earlier] Privilege Escalation via Instance Profile Injection · Issue #149 · aws/res
CriticalCVE-2026-57072026-04-07
Issues with AWS Research and Engineering Studio (RES)
High2020-0175-aws2026-04-04
2026-013-AWS
High2026-04-03
Auth Bypass via Share Token · Advisory · patrickhener/goshs · GitHub
UnknownCVE-2026-51902026-04-02
2026-011-AWS
High2026-04-02
Release Fix decode buffer overflow · awslabs/aws-c-event-stream · GitHub
Critical2026-04-02
Memory Corruption in event-stream parsing of headers · Advisory · awslabs/aws-c-event-stream · GitHub
HighSA-CORE-2026-0042026-02-03
Security Findings in SageMaker Python SDK
MediumCVE-2026-226112026-01-20
Defense in depth enhancement for region parameter value in AWS SDK for .NET V4 · Advisory · aws/aws-sdk-net · GitHub
HighCVE-2025-128152025-11-10
CVE-2025-12815 - RES web portal may display preview of Virtual Desktops that the user shouldn't have access to
MediumGHSA-x3cx-g8g9-75hv2025-11-09
RES web portal may display preview of Virtual Desktops that the user shouldn't have access to · Advisory · aws/res · Git
MediumCVE-2025-56882025-06-06
CVE-2025-5688 - Out of Bounds Write in FreeRTOS-Plus-TCP
HighCVE-2024-101252024-10-24
CVE-2024-10125 - missing JWT issuer and signer validation in aws-alb-identity-aspnetcore
HighGHSA-789x-wph8-m68r2024-10-24
[awslabs/aws-alb-route-directive-adapter-for-istio] Lack of JWT issuer and signer validation · Advisory · awslabs/aws-al
High2024-10-24
[awslabs/aws-alb-identity-aspnetcore] Lack of JWT issuer and signer validation · Advisory · awslabs/aws-alb-identity-asp

Showing up to 20 recent security advisories. View all →

This page lists every published CVE security advisory associated with aws. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.