CVE-2021-27231 – Hestia Control Panel 1.4.0 and below – Subdomain Takeover – Improper Privilege Management
CVE-2021-29921 – python stdlib “ipaddress” – Improper Input Validation of octal literals in python 3.8.0 thru v3.10 results in indeterminate SSRF & RFI vulnerabilities. — “ipaddress leading zeros in IPv4 address”
Leaky John Deere API’s: Serious Food Supply Chain Vulnerabilities Discovered by Sick Codes, Kevin Kenney & Willie Cade.
SICK-2021-031 – John Deere Operations Center – Improper Authorization Allows Exposure of Sensitive Information to an Unauthorized Actor via Farming Equipment VIN API – iOS 5.1.2 and below, Android 5.1.4 and below, Web App
SICK-2021-012 – John Deere Account Portal – Information Disclosure – Rate Limitless Username Enumeration Via Unauthenticated Availability Look-ups.
How To Mount Images or Devices Inside Docker Containers (losetup, loopback, ISO files, disk images, raw images, ext4, exfat, hfs, apfs)
