GitHub - hashishrajan/cloud-security-vulnerabilities: List of all the Publicly disclosed vulnerabilities of Public Cloud Provider like Amazon Web Services (AWS), Microsoft Azure, Google Cloud, Oracle Cloud, IBM Cloud etc

Linking pages

Top 5 scary AWS misconfigurations | Snyk https://snyk.io/blog/top-5-aws-misconfigurations/ 3 comments

Linked pages

“Secret” Agent Exposes Azure Customers To Unauthorized Code Execution | Wiz Blog https://www.wiz.io/blog/secret-agent-exposes-azure-customers-to-unauthorized-code-execution 179 comments
Orca Discovers AWS CloudFormation Vulnerability - Orca Security https://orca.security/resources/blog/aws-cloudformation-vulnerability/ 74 comments
AutoWarp: Azure Automation Vulnerability | Orca Research Pod https://orca.security/resources/blog/autowarp-microsoft-azure-automation-service-vulnerability/ 45 comments
The Log4j vulnerability and its impact on software supply chain security | Snyk https://snyk.io/blog/log4j-vulnerability-software-supply-chain-security-log4shell 42 comments
Cross-Account Container Takeover in Azure Container Instances https://unit42.paloaltonetworks.com/azure-container-instances/ 32 comments
The cloud has an isolation problem: PostgreSQL vulnerabilities affect multiple cloud vendors | Wiz Blog https://www.wiz.io/blog/the-cloud-has-an-isolation-problem-postgresql-vulnerabilities 19 comments
Wiz Research discovers "ExtraReplica"— a cross-account database vulnerability in Azure PostgreSQL | Wiz Blog https://www.wiz.io/blog/wiz-research-discovers-extrareplica-cross-account-database-vulnerability-in-azure-postgresql/ 18 comments
AWS CloudTrail vulnerability: Undocumented API allows CloudTrail bypass | Datadog Security Labs https://securitylabs.datadoghq.com/articles/iamadmin-cloudtrail-bypass/ 14 comments
AttachMe: critical OCI vulnerability allows unauthorized access to customer cloud storage volumes | Wiz Blog https://www.wiz.io/blog/attachme-oracle-cloud-vulnerability-allows-unauthorized-cross-tenant-volume-access 9 comments
Orca Security Discovers AWS Glue Vulnerability - Orca Security https://orca.security/resources/blog/aws-glue-vulnerability/ 6 comments
AWS SageMaker Jupyter Notebook Instance Takeover https://blog.lightspin.io/aws-sagemaker-notebook-takeover-vulnerability 3 comments
Azure B2C Crypto Misuse and Account Compromise - https://www.praetorian.com/blog/azure-b2c-crypto-misuse-and-account-compromise/ 3 comments
Azure Synapse Security Advisory | Orca Research Pod https://orca.security/resources/blog/azure-synapse-analytics-security-advisory/ 1 comment
NotLegit: Azure App Service vulnerability exposed hundreds of source code repositories | Wiz Blog https://www.wiz.io/blog/azure-app-service-source-code-leak 1 comment
FabricScape: Escaping Service Fabric and Taking Over the Cluster https://unit42.paloaltonetworks.com/fabricscape-cve-2022-30137/ 0 comments
Cloud Risk Encyclopedia - Complete Cloud Security in Minutes - Orca Security https://orca.security/resources/cloud-risk-encyclopedia/ 0 comments
GitHub - toniblyx/my-arsenal-of-aws-security-tools: List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc. https://github.com/toniblyx/my-arsenal-of-aws-security-tools 0 comments
GitHub - JupiterOne/starbase: Graph-based security analysis for everyone https://github.com/jupiterone/starbase 0 comments
Exploiting Authentication in AWS IAM Authenticator for Kubernetes https://blog.lightspin.io/exploiting-eks-authentication-vulnerability-in-aws-iam-authenticator 0 comments
Microsoft Azure Site Recovery DLL Hijacking | by James Sebree | Tenable TechBlog | Medium https://medium.com/tenable-techblog/microsoft-azure-site-recovery-dll-hijacking-cd8cc34ef80c 0 comments