Top Reported Known Exploitable Issues:
Here is the complete list of vulnerabilities for this month that we’ve updated within our platform, to be treated as a priority:
Watchlist Details: CVE-2025-0282
Name
Ivanti
Description
CVE-2025-0283 is a stack-based buffer overflow that allows local authenticated attackers to escalate privileges on the device. Ivanti’s advisory indicates that CVE-2025-0282 has been exploited in the wild against a limited number of Connect Secure devices.
Watchlist Details: CVE-2024-41713
Name
Mitel MiCollab
Description
A vulnerability in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could allow an unauthenticated attacker to conduct a path traversal attack, due to insufficient input validation. A successful exploit could allow unauthorized access, enabling the attacker to view, corrupt, or delete users’ data and system configurations.
Watchlist Details: CVE-2020-2883
Name
Oracle WebLogic
Description
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. This easily exploitable vulnerability allows an unauthenticated attacker with network access via IIOP or T3 to compromise Oracle WebLogic Server. Successful attacks can result in takeover of Oracle WebLogic Server.
Watchlist Details: CVE-2025-21333, CVE-2025-21333, CVE-2025-21335
Name
Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege
Description
Three CVEs from Microsoft describing an elevation-of-privilege vulnerability. Active exploitation has been reported, allowing an attacker to gain SYSTEM privileges; however, Microsoft has not yet detailed how the attack is conducted. Present in Windows 10, Windows 11, and Windows Server 2022 and 2025 releases.
Watchlist Details: CVE-2024-52875
Name
Kerio Control Firewalls
Description
The vulnerability in question, CVE-2024-52875, refers to a carriage return line feed (CRLF) injection attack, paving the way for HTTP response splitting, which could then lead to a cross-site scripting (XSS) flaw. Successful exploitation of the 1-click RCE flaw permits an attacker to inject malicious inputs into HTTP response headers by introducing carriage return (\r) and line feed (\n) characters.
Watchlist Details: CVE-2024-53704
Name
SonicWall
Description
A high-severity (CVSS score 8.2) firewall vulnerability that is susceptible to actual exploitation for customers with SSL VPN or SSH management enabled, and that should be mitigated immediately by upgrading to the latest firmware. Impacted users are recommended to upgrade to the following versions to address the security risk:
Gen 6 / 6.5 hardware firewalls: SonicOS 6.5.5.1-6n or newer
Gen 6 / 6.5 NSv firewalls: SonicOS 6.5.4.v-21s-RC2457 or newer
Gen 7 firewalls: SonicOS 7.0.1-5165 or newer; 7.1.3-7015 and higher
TZ80: SonicOS 8.0.0-8037 or newer
POC exploit code has been seen on chat forums.
Watchlist Details: CVE-2024-55591
Name
FortiOS
Description
CVE-2024-55591 in FortiOS and FortiProxy (CVSS 9.6) allows attackers to gain super-admin access and hijack firewalls. Affected versions: FortiOS 7.0.0 through 7.0.16 and FortiProxy 7.0.0 through 7.2.12. Upgrade now to 7.0.17 or later, or 7.0.20 or later, to mitigate the risk.
Watchlist Details: CVE-2024-55550
Name
Mitel MiCollab
Description
Mitel MiCollab through 9.8 SP2 could allow an authenticated attacker with administrative privilege to conduct a local file read, due to insufficient input sanitization. A successful exploit could allow the authenticated admin attacker to access resources that are constrained to the admin access level, and the disclosure is limited to non-sensitive system information. This vulnerability does not allow file modification or privilege escalation.
Watchlist Details: CVE-2024-50603
Name
Aviatrix Controller
Description
“Multiple incidents” have been reported involving the weaponization of CVE-2024-50603 (CVSS score: 10.0), a maximum-severity bug that could result in unauthenticated remote code execution. Successful exploitation of the flaw could permit an attacker to inject malicious operating system commands, because certain API endpoints do not adequately sanitize user-supplied input. The vulnerability has been addressed in versions 7.1.4191 and 7.2.4996.