AWS has previously provided managed policies or guidance in documentation
for policies with mistakes that allow them to be bypassed. Additionally,
some policies are over-privileged. Date of disclos...
Tue, Nov 7th, 2017
The AWS Java SDK was vulnerable to XML external entity (XXE) injection related to XML parsers.
Tue, Oct 10th, 2017
Full administrative access to the Azure Red Hat Enterprise Linux Appliance REST API was publicly exposed.
It allowed malicious actors uploading packages that would be acquired by client virtual mac...
Sat, Nov 26th, 2016