CVSS: 7.7EPSS: 0%CPEs: 1EXPL: 0CVE-2025-6031 – Insecure device pairing in end of life Amazon Cloud Cam
https://notcve.org/view.php?id=CVE-2025-6031
12 Jun 2025 — Amazon Cloud Cam is a home security camera that was deprecated on December 2, 2022, is end of life, and is no longer actively supported. When a user powers on the Amazon Cloud Cam, the device attempts to connect to a remote service infrastructure that has been deprecated due to end-of-life status. The device defaults to a pairing status in which an arbitrary user can bypass SSL pinning to associate the device to an arbitrary network, allowing for network traffic interception and modification. We recommend c... • https://aws.amazon.com/security/security-bulletins/AWS-2025-013 • CWE-672: Operation on a Resource after Expiration or Release •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-5688 – Out of Bounds Write in FreeRTOS-Plus-TCP
https://notcve.org/view.php?id=CVE-2025-5688
04 Jun 2025 — We have identified a buffer overflow issue allowing out-of-bounds write when processing LLMNR or mDNS queries with very long DNS names. This issue only affects systems using Buffer Allocation Scheme 1 with LLMNR or mDNS enabled. Users should upgrade to the latest version and ensure any forked or derivative code is patched to incorporate the new fixes. • https://aws.amazon.com/security/security-bulletins/AWS-2025-012 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-5279 – Issue with Amazon Redshift Python Connector and the BrowserAzureOAuth2CredentialsProvider plugin
https://notcve.org/view.php?id=CVE-2025-5279
27 May 2025 — When the Amazon Redshift Python Connector is configured with the BrowserAzureOAuth2CredentialsProvider plugin, the driver skips the SSL certificate validation step for the Identity Provider. An insecure connection could allow an actor to intercept the token exchange process and retrieve an access token. This issue has been addressed in driver version 2.1.7. Users should upgrade to address this issue and ensure any forked or derivative code is patched to incorporate the new fixes. • https://aws.amazon.com/security/security-bulletins • CWE-295: Improper Certificate Validation •
CVSS: 7.8EPSS: 0%CPEs: 29EXPL: 0CVE-2025-4948 – Libsoup: integer underflow in soup_multipart_new_from_message() leading to denial of service in libsoup
https://notcve.org/view.php?id=CVE-2025-4948
19 May 2025 — A flaw was found in the soup_multipart_new_from_message() function of the libsoup HTTP library, which is commonly used by GNOME and other applications to handle web communications. The issue occurs when the library processes specially crafted multipart messages. Due to improper validation, an internal calculation can go wrong, leading to an integer underflow. This can cause the program to access invalid memory and crash. As a result, any application or server using libsoup could be forced to exit unexpected... • https://access.redhat.com/security/cve/CVE-2025-4948 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2025-3932 – thunderbird: Tracking Links in Attachments Bypassed Remote Content Blocking
https://notcve.org/view.php?id=CVE-2025-3932
14 May 2025 — It was possible to craft an email that showed a tracking link as an attachment. If the user attempted to open the attachment, Thunderbird automatically accessed the link. The configuration to block remote content did not prevent that. Thunderbird has been fixed to no longer allow access to web pages listed in the X-Mozilla-External-Attachment-URL header of an email. This vulnerability affects Thunderbird < 128.10.1 and Thunderbird < 138.0.1. • https://bugzilla.mozilla.org/show_bug.cgi?id=1960412 • CWE-288: Authentication Bypass Using an Alternate Path or Channel •
CVSS: 6.5EPSS: 0%CPEs: 23EXPL: 0CVE-2025-3909 – thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link
https://notcve.org/view.php?id=CVE-2025-3909
14 May 2025 — Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment (message/rfc822) and setting its content type to application/pdf, Thunderbird may incorrectly render it as HTML when opened, allowing the embedded JavaScript to run without requiring a file download. This behavior relies on Thunderbird auto-saving the attachment to /tmp and linking to it via the file:/// protocol, potentially enabling Ja... • https://bugzilla.mozilla.org/show_bug.cgi?id=1958376 • CWE-290: Authentication Bypass by Spoofing •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2025-3875 – thunderbird: Sender Spoofing via Malformed From Header in Thunderbird
https://notcve.org/view.php?id=CVE-2025-3875
14 May 2025 — Thunderbird parses addresses in a way that can allow sender spoofing in case the server allows an invalid From address to be used. For example, if the From header contains an (invalid) value "Spoofed Name ", Thunderbird treats spoofed@example.com as the actual address. This vulnerability affects Thunderbird < 128.10.1 and Thunderbird < 138.0.1. The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird parses addresses in a way that can allow sender spoofing in case the server all... • https://bugzilla.mozilla.org/show_bug.cgi?id=1950629 • CWE-290: Authentication Bypass by Spoofing •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2025-47615 – WordPress Amazon Product in a Post <= 5.2.2 - Cross Site Scripting (XSS) Vulnerability
https://notcve.org/view.php?id=CVE-2025-47615
07 May 2025 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in flowdee Amazon Product in a Post allows Stored XSS. This issue affects Amazon Product in a Post: from n/a through 5.2.2. The Amazon Product in a Post plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 5.2.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access and above,... • https://patchstack.com/database/wordpress/plugin/amazon-product-in-a-post-plugin/vulnerability/wordpress-amazon-product-in-a-post-5-2-2-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-4318 – Input validation issue in AWS Amplify Studio UI component properties
https://notcve.org/view.php?id=CVE-2025-4318
05 May 2025 — The AWS Amplify Studio UI component property expressions in the aws-amplify/amplify-codegen-ui package lack input validation. This could potentially allow an authenticated user who has access to create or modify components to run arbitrary JavaScript code during the component rendering and build process. • https://aws.amazon.com/security/security-bulletins/AWS-2025-010 • CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') •
CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0CVE-2025-3857 – Infinite loop condition in Amazon.IonDotnet
https://notcve.org/view.php?id=CVE-2025-3857
21 Apr 2025 — When reading binary Ion data through Amazon.IonDotnet using the RawBinaryReader class, Amazon.IonDotnet does not check the number of bytes read from the underlying stream while deserializing the binary format. If the Ion data is malformed or truncated, this triggers an infinite loop condition that could potentially result in a denial of service. Users should upgrade to Amazon.IonDotnet version 1.3.1 and ensure any forked or derivative code is patched to incorporate the new fixes. Al leer datos binarios de I... • https://aws.amazon.com/security/security-bulletins/AWS-2025-009 • CWE-502: Deserialization of Untrusted Data CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •