| Escalating Privileges in Google Cloud via Open Groups |
|
|
|
| ConfusedFunction: A Privilege Escalation Vulnerability Impacting GCP Cloud Functions |
|
|
|
| Exploiting GCP Cloud Build for Privilege Escalation |
|
|
|
| Unveiling TE.0 HTTP Request Smuggling: Discovering a Critical Vulnerability in Thousands of Google Cloud Websites |
|
|
|
| LeakyCLI: AWS and Google Cloud Command-Line Tools Can Expose Sensitive Credentials in Build Logs |
|
|
|
| FlowFixation: AWS Apache Airflow Service Takeover Vulnerability and Why Neglecting Guardrails Puts Major CSPs at Risk |
|
|
|
| Unauthenticated Access to GCP Dataproc Can Lead to Data Leak |
|
|
|
| Hijacking Cloud CI/CD Systems for Fun and Profit |
|
|
|
| GCP CloudSQL Vulnerability Leads to Internal Container Access and Data Exposure |
|
|
|
| GhostToken – Exploiting GCP application infrastructure to create invisible, unremovable trojan app on Google accounts |
|
|
|
writeups.xyz
/
Google (GCP)