An open project to list all known cloud vulnerabilities and CSP security issues
AWS identified an issue in the Amazon WorkSpaces Windows client which resulted in unintentionally logging
connection debugging information to a user's local system. This data could include username...
Fri, Oct 6th, 2023
A vulnerability in Power Platform could lead to unauthorized access to Custom
Code functions used for custom connectors, thereby allowing cross-tenant information
disclosure of secrets or other sen...
Fri, Aug 4th, 2023
An information disclosure vulnerability in the Google Cloud Build service could have
allowed an attacker to view sensitive logs if they had gained prior access to a GCP
environment and had permissi...
Tue, Jul 18th, 2023
A client-side desync vulnerability was discovered in Front Door, one of Azure's CDN solutions,
caused by mishandling of the 'Content-Length' header in HTTP requests. Exploiting this vulnerability
Tue, Jun 27th, 2023
Descope identified a possible misconfiguration in Azure AD which could lead to misuse of the "Log in with Microsoft"
authentication method on a web app. If an application relies on email attribute ...
Tue, Jun 20th, 2023
Orca discovered vulnerabilities in Azure Bastion and Azure Container Registry
that could have enabled an attacker to achieve Cross-Site Scripting (XSS) by
using iframe postMessages. The vulnerabili...
Wed, Jun 14th, 2023