Security Advisories

A critical vulnerability in BYOB (Bring Your Own Botnet) allows unauthenticated attackers to execute arbitrary code remotely on the system. This vulnerability could allow attackers to take complete control of the affected system.

A high severity vulnerability in the Havoc C2 Team Server allows unauthenticated attackers to perform Server-Side Request Forgery (SSRF) attacks. This vulnerability could enable attackers to make arbitrary HTTP requests from the server, potentially leading to internal network enumeration or data exfiltration.

Multiple critical vulnerabilities in CHAOS RAT allow attackers to execute arbitrary code remotely on affected systems. These vulnerabilities (CVE-2024-30850 and CVE-2024-31839) could allow attackers to gain complete control over systems running CHAOS RAT, potentially leading to unauthorized access, data theft, or system compromise.

A vulnerability in KDE Frameworks allows arbitrary command execution through specially crafted .desktop files. This could allow an attacker to execute arbitrary commands with the privileges of the user running the KDE desktop environment.

EA Origin contains another critical vulnerability that allows remote command execution through specially crafted game URLs. An attacker could create a malicious URL that, when processed by the Origin client, would execute arbitrary commands on the system.

EA Origin contains a critical vulnerability in its URL protocol handler that allows remote command execution. An attacker could craft a malicious origin:// URL that, when clicked, would execute arbitrary commands on the system.