Sick Codes @ DEF CON 29 August 5-8 2021!
by Sick Codes, June 29, 2021 (updated on August 7, 2021)
Pleased to announce we will be speaking at two talks this year at DEF CON 29 conference in Las Vegas, ...

CVE-2021-27616 – SAP Business One Hana (Chef Cookbook) – Exposure of Backup File to an Unauthorized Control Sphere via Insecure Temporary File Storage.
by Sick Codes, June 8, 2021 (updated on June 12, 2021)
Title: SAP Business One Hana (Chef Cookbook) - Exposure of Backup File to an Unauthorized Control Sphere via Insecure Temporary ...

CVE-2021-27614 – SAP Business One Hana (Chef Cookbook) – Incorrect Permission Assignment for Critical Resources – Root Privilege Escalation Vulnerability
by Sick Codes, June 8, 2021 (updated on June 12, 2021)
Title: SAP Business One Hana (Chef Cookbook) - Incorrect Permission Assignment for Critical Resources - Root Privilege Escalation Vulnerability; CVE ...

CVE-2021-27613 – SAP Business One Hana (Chef Cookbook) – Insecure Temporary File For Incoming & Outgoing Payroll Data – SAP Business One Chef Cookbook.
by Sick Codes, June 8, 2021 (updated on June 12, 2021)
Title: SAP Business One Hana (Chef Cookbook) - Insecure Temporary File For Incoming & Outgoing Payroll Data - SAP Business ...

CVE-2021-27231 – Hestia Control Panel 1.4.0 and below – Subdomain Takeover – Improper Privilege Management
by Sick Codes, May 12, 2021
Title: Hestia Control Panel 1.4.0 and below - Subdomain Takeover - Improper Privilege Management; CVE ID: CVE-2021-27231; CVSS Score: 5.4 ...

CVE-2021-29921 – python stdlib “ipaddress” – Improper Input Validation of octal literals in python 3.8.0 thru v3.10 results in indeterminate SSRF & RFI vulnerabilities. — “ipaddress leading zeros in IPv4 address”
by Sick Codes, April 30, 2021 (updated on October 4, 2021)
Title: python stdlib "ipaddress" - Improper Input Validation of octal literals in python 3.8.0 thru v3.10 results in indeterminate SSRF ...

Leaky John Deere API’s: Serious Food Supply Chain Vulnerabilities Discovered by Sick Codes, Kevin Kenney & Willie Cade.
by Sick Codes, April 22, 2021
Discovering who owns John Deere tractors, harvesters, and implements. What farm they are at. How old they are. And how ...

SICK-2021-031 – John Deere Operations Center – Improper Authorization Allows Exposure of Sensitive Information to an Unauthorized Actor via Farming Equipment VIN API – iOS 5.1.2 and below, Android 5.1.4 and below, Web App
by Sick Codes, April 21, 2021
Title: SICK-2021-031 - John Deere Operations Center - Improper Authorization Allows Exposure of Sensitive Information to an Unauthorized Actor via ...

SICK-2021-012 – John Deere Account Portal – Information Disclosure – Rate Limitless Username Enumeration Via Unauthenticated Availability Look-ups.
by Sick Codes, April 21, 2021
Title: John Deere Account Portal - Information Disclosure - Rate Limitless Username Enumeration Via Unauthenticated Availability Look-ups. CVE ID: Not ...

How To Mount Images or Devices Inside Docker Containers (losetup, loopback, ISO files, disk images, raw images, ext4, exfat, hfs, apfs)
by Sick Codes, April 6, 2021
Mounting disk images inside a Docker container requires 2 steps. The first step is giving the Docker container elevated permissions ...