Vulnerabilities (CVE)

Filtered by vendor Amazon Subscribe
Filtered by product Kindle Firmware
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-30355 1 Amazon 2 Kindle, Kindle Firmware 2024-11-21 9.3 HIGH 8.6 HIGH
Amazon Kindle e-reader prior to and including version 5.13.4 improperly manages privileges, allowing the framework user to elevate privileges to root.
CVE-2021-30354 1 Amazon 2 Kindle, Kindle Firmware 2024-11-21 9.3 HIGH 8.6 HIGH
Amazon Kindle e-reader prior to and including version 5.13.4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function CJBig2Image::expand() and results in a memory corruption that leads to code execution when parsing a crafted PDF book.