List of all the Publicly disclosed vulnerabilities of Public Cloud Provider like Amazon Web Services (AWS), Microsoft Azure, Google Cloud, Oracle Cloud, IBM Cloud etc
NOTE: This list will not cover any data breaches caused by misconfiguration
Do you want to contribute to this list? Feel free to send a PR.
- AWS IAM Cross Account - Published: 4 August,2021 - Status: RESOLVED
- AWS SageMaker Notebook - Published: 7 December,2021 - Status: RESOLVED
- Breaking Formation: AWS Cloudformation- Published: 13 Jan,2022 - Status: RESOLVED
- SuperGlue: AWS Glue - Published: 13 Jan,2022 - Status: RESOLVED
- ChaosDB:Azure Cosmos DB - Published: 7 August,2021 - Status: RESOLVED
- OMIGOD:Microsoft Open Management Infrastructure (OMI) - Published: 14 September,2021 - Status: RESOLVED
- NotLegit: Azure App Service - Published: 21 December,2021 - Status: RESOLVED
- ExtraReplica:Azure PostgreSQL - Published: 28 April,2022 - Status: RESOLVED
- AutoWrap: Azure Automation - Published: 7 March,2021 - Status: RESOLVED
- Synapse: Azure Synapse Analytics - Published: 9 May,2021 - Status: PARTIAL(requires User Caution)
- sudo vulnerability - Published 6 August,2021 - Status: PARTIAL (requires User Caution)
- Dynamic DNS - Published 6 August,2021 - Status: PARTIAL (requires User Caution)
- Log4Shell - Published 13 December,2021 - Status: Resolved
- Spring4Shell - Published 13 March,2022 - Status: Resolved
All identified vulnerabilities should be disclosed to the vendors/maintainers of affected software or hardware systems directly. All major cloud providers have published disclosure addresses