Disclosed Vulnerabilities
Our Labs & Research teams identify, validate, and responsibly disclose security vulnerabilities across widely deployed enterprise software, cloud services, and edge devices.
WT ID |
Title | CVE ID |
Published |
|---|---|---|---|
| WT-2026-0048 | Unpublished | Unpublished | Unpublished |
| WT-2026-0047 | Unpublished | Unpublished | Unpublished |
| WT-2026-0046 | Unpublished | Unpublished | Unpublished |
| WT-2026-0045 | Unpublished | Unpublished | Unpublished |
| WT-2026-0044 | Unpublished | Unpublished | Unpublished |
| WT-2026-0043 | Unpublished | Unpublished | Unpublished |
| WT-2026-0042 | Unpublished | Unpublished | Unpublished |
| WT-2026-0041 | Unpublished | Unpublished | Unpublished |
| WT-2026-0040 | Unpublished | Unpublished | Unpublished |
| WT-2026-0039 | Unpublished | Unpublished | Unpublished |
| WT-2026-0038 | Unpublished | Unpublished | Unpublished |
| WT-2026-0037 | Unpublished | Unpublished | Unpublished |
| WT-2026-0036 | Unpublished | Unpublished | Unpublished |
| WT-2026-0035 | Unpublished | Unpublished | Unpublished |
| WT-2026-0034 | Unpublished | Unpublished | Unpublished |
| WT-2026-0033 | Unpublished | Unpublished | Unpublished |
| WT-2026-0032 | Unpublished | Unpublished | Unpublished |
| WT-2026-0031 | Unpublished | Unpublished | Unpublished |
| WT-2026-0030 | Unpublished | Unpublished | Unpublished |
| WT-2026-0029 | Unpublished | Unpublished | Unpublished |
| WT-2026-0028 | Unpublished | Unpublished | Unpublished |
| WT-2026-0027 | Unpublished | Unpublished | Unpublished |
| WT-2026-0026 | Unpublished | Unpublished | Unpublished |
| WT-2026-0025 | Unpublished | Unpublished | Unpublished |
| WT-2026-0024 | Unpublished | Unpublished | Unpublished |
| WT-2026-0023 | Unpublished | Unpublished | Unpublished |
| WT-2026-0022 | Unpublished | Unpublished | Unpublished |
| WT-2026-0021 | Unpublished | Unpublished | Unpublished |
| WT-2026-0020 | Unpublished | Unpublished | Unpublished |
| WT-2026-0019 | Unpublished | Unpublished | Unpublished |
| WT-2026-0018 | Unpublished | Unpublished | Unpublished |
| WT-2026-0017 | Unpublished | Unpublished | Unpublished |
| WT-2026-0016 | Unpublished | Unpublished | Unpublished |
| WT-2026-0015 | Unpublished | Unpublished | Unpublished |
| WT-2026-0014 | Unpublished | Unpublished | Unpublished |
| WT-2026-0013 | Unpublished | Unpublished | Unpublished |
| WT-2026-0012 | Unpublished | Unpublished | Unpublished |
| WT-2026-0011 | Unpublished | Unpublished | Unpublished |
| WT-2026-0010 | Unpublished | Unpublished | Unpublished |
| WT-2026-0009 | Unpublished | Unpublished | Unpublished |
| WT-2026-0008 | Unpublished | Unpublished | Unpublished |
| WT-2026-0007 | Unpublished | Unpublished | Unpublished |
| WT-2026-0006 | Unpublished | Unpublished | Unpublished |
| WT-2026-0005 | Unpublished | Unpublished | Unpublished |
| WT-2026-0004 | Unpublished | Unpublished | Unpublished |
| WT-2026-0003 | Unpublished | Unpublished | Unpublished |
| WT-2026-0002 | SmarterMail Remote Code Execution | CVE-2026-24423 | Jan 15, 2026 |
| WT-2026-0001 | SmarterMail Authentication Bypass | CVE-2026-23760 | Jan 15, 2026 |
| WT-2025-0122 | Umbraco CMS Remote Code Execution | CVE-2025-68924 | Jan 13, 2026 |
| WT-2025-0121 | Sonatype Nexus Repository Cross-Site Scripting | CVE-2026-0601 | Jan 14, 2026 |
| WT-2025-0120 | Unpublished | Unpublished | Unpublished |
| WT-2025-0119 | Unpublished | Unpublished | Unpublished |
| WT-2025-0118 | Unpublished | Unpublished | Unpublished |
| WT-2025-0117 | Unpublished | Unpublished | Unpublished |
| WT-2025-0116 | Unpublished | Unpublished | Unpublished |
| WT-2025-0115 | Unpublished | Unpublished | Unpublished |
| WT-2025-0114 | Unpublished | Unpublished | Unpublished |
| WT-2025-0113 | Unpublished | Unpublished | Unpublished |
| WT-2025-0112 | Unpublished | Unpublished | Unpublished |
| WT-2025-0111 | Unpublished | Unpublished | Unpublished |
| WT-2025-0110 | Unpublished | Unpublished | Unpublished |
| WT-2025-0109 | Unpublished | Unpublished | Unpublished |
| WT-2025-0108 | Unpublished | Unpublished | Unpublished |
| WT-2025-0107 | Unpublished | Unpublished | Unpublished |
| WT-2025-0106 | Unpublished | Unpublished | Unpublished |
| WT-2025-0105 | WatchGuard Firebox Memory Corruption | CVE-2025-11838 | Dec 5, 2025 |
| WT-2025-0104 | Unpublished | Unpublished | Unpublished |
| WT-2025-0103 | Unpublished | Unpublished | Unpublished |
| WT-2025-0102 | Unpublished | Unpublished | Unpublished |
| WT-2025-0101 | Unpublished | Unpublished | Unpublished |
| WT-2025-0100 | Unpublished | Unpublished | Unpublished |
| WT-2025-0099 | Unpublished | Unpublished | Unpublished |
| WT-2025-0098 | Unpublished | Unpublished | Unpublished |
| WT-2025-0097 | Unpublished | Unpublished | Unpublished |
| WT-2025-0096 | Unpublished | Unpublished | Unpublished |
| WT-2025-0095 | Unpublished | Unpublished | Unpublished |
| WT-2025-0094 | Unpublished | Unpublished | Unpublished |
| WT-2025-0093 | Unpublished | Unpublished | Unpublished |
| WT-2025-0092 | Unpublished | Unpublished | Unpublished |
| WT-2025-0091 | Unpublished | Unpublished | Unpublished |
| WT-2025-0090 | Unpublished | Unpublished | Unpublished |
| WT-2025-0089 | Unpublished | Unpublished | Unpublished |
| WT-2025-0088 | Unpublished | Unpublished | Unpublished |
| WT-2025-0087 | Ivanti EPM Remote Code Execution | CVE-2025-13659 | Dec 9, 2025 |
| WT-2025-0086 | Barracuda Service Center RMM Remote Code Execution | CVE-2025-34392 | Dec 10, 2025 |
| WT-2025-0085 | Barracuda Service Center RMM Remote Code Execution | CVE-2025-34393 | Dec 10, 2025 |
| WT-2025-0084 | Barracuda Service Center RMM Remote Code Execution | CVE-2025-34393 | Dec 10, 2025 |
| WT-2025-0083 | Barracuda Service Center RMM Arbitrary File Read | CVE-2025-34395 | Dec 10, 2025 |
| WT-2025-0082 | Barracuda Service Center RMM Remote Code Execution | CVE-2025-34394 | Dec 10, 2025 |
| WT-2025-0081 | Unpublished | Unpublished | Unpublished |
| WT-2025-0080 | Unpublished | Unpublished | Unpublished |
| WT-2025-0079 | Unpublished | Unpublished | Unpublished |
| WT-2025-0078 | Unpublished | Unpublished | Unpublished |
| WT-2025-0077 | Veeam Backup & Replication Remote Code Execution | CVE-2025-48984 | Oct 14, 2025 |
| WT-2025-0076 | Unpublished | Unpublished | Unpublished |
| WT-2025-0075 | Unpublished | Unpublished | Unpublished |
| WT-2025-0074 | Unpublished | Unpublished | Unpublished |
| WT-2025-0073 | Unpublished | Unpublished | Unpublished |
| WT-2025-0072 | Unpublished | Unpublished | Unpublished |
| WT-2025-0071 | Unpublished | Unpublished | Unpublished |
| WT-2025-0070 | Unpublished | Unpublished | Unpublished |
| WT-2025-0069 | Unpublished | Unpublished | Unpublished |
| WT-2025-0068 | Unpublished | Unpublished | Unpublished |
| WT-2025-0067 | Unpublished | Unpublished | Unpublished |
| WT-2025-0066 | Ivanti EPMM Remote Code Execution | CVE-2025-6771 | Jul 7, 2025 |
| WT-2025-0065 | Unpublished | Unpublished | Unpublished |
| WT-2025-0064 | Unpublished | Unpublished | Unpublished |
| WT-2025-0063 | Unpublished | Unpublished | Unpublished |
| WT-2025-0062 | ArcServe UDP Authentication Bypass | CVE-2025-34520 | Aug 20, 2025 |
| WT-2025-0061 | ArcServe UDP Reflected XSS | CVE-2025-34521 | Aug 20, 2025 |
| WT-2025-0060 | ArcServe UDP Pre-Auth Heap Overflow | CVE-2025-34522 | Aug 20, 2025 |
| WT-2025-0059 | ArcServe UDP Pre-Auth Heap Overflow | CVE-2025-34523 | Aug 20, 2025 |
| WT-2025-0058 | Unpublished | Unpublished | Unpublished |
| WT-2025-0057 | Unpublished | Unpublished | Unpublished |
| WT-2025-0056 | Unpublished | Unpublished | Unpublished |
| WT-2025-0055 | Unpublished | Unpublished | Unpublished |
| WT-2025-0054 | Unpublished | Unpublished | Unpublished |
| WT-2025-0053 | SonicWall SMA100 Reflected XSS | CVE-2025-40598 | Apr 29, 2025 |
| WT-2025-0052 | SonicWall SMA100 Pre-Auth Heap-Overflow | CVE-2025-40597 | Jul 23, 2025 |
| WT-2025-0051 | SonicWall SMA100 Pre-Auth Stack-Overflow | CVE-2025-40596 | Jul 23, 2025 |
| WT-2025-0050 | Commvault Authentication Bypass | CVE-2025-57791 | Aug 19, 2025 |
| WT-2025-0049 | Commvault Remote Code Execution | CVE-2025-57790 | Aug 19, 2025 |
| WT-2025-0048 | Commvault Privilege Escalation | CVE-2025-57789 | Aug 19, 2025 |
| WT-2025-0047 | Unpublished | Unpublished | Unpublished |
| WT-2025-0046 | Unpublished | Unpublished | Unpublished |
| WT-2025-0045 | Unpublished | Unpublished | Unpublished |
| WT-2025-0044 | Unpublished | Unpublished | Unpublished |
| WT-2025-0043 | Commvault Remote Code Execution | CVE-2025-34028 | Apr 24, 2025 |
| WT-2025-0042 | Unpublished | Unpublished | Unpublished |
| WT-2025-0041 | Progress Telerik UI for AJAX | CVE-2025-3600 | May 14, 2025 |
| WT-2025-0040 | Unpublished | Unpublished | Unpublished |
| WT-2025-0039 | Sophos Endpoint EDR LPE | CVE-2025-7433 | Jul 17, 2025 |
| WT-2025-0038 | Unpublished | Unpublished | Unpublished |
| WT-2025-0037 | Dell Unity Pre-Auth Command Injection | CVE-2025-36604 | Aug 4, 2025 |
| WT-2025-0036 | Dell Unity Reflected XSS | CVE-2025-36605 | Aug 4, 2025 |
| WT-2025-0035 | Unpublished | Unpublished | Unpublished |
| WT-2025-0034 | Unpublished | Unpublished | Unpublished |
| WT-2025-0033 | Veeam Backup & Replication Remote Code Execution Vulnerability | CVE-2025-23121 | Jun 17, 2025 |
| WT-2025-0032 | Sitecore Experience Platform Remote Code Execution Vulnerability | CVE-2025-34510 | Jun 16, 2025 |
| WT-2025-0031 | Unpublished | Unpublished | Unpublished |
| WT-2025-0030 | Kentico Xperience CMS Cross-Site Scripting Vulnerability | CVE-2025-32370 | Apr 3, 2025 |
| WT-2025-0029 | Unpublished | Unpublished | Unpublished |
| WT-2025-0028 | Unpublished | Unpublished | Unpublished |
| WT-2025-0027 | Sitecore Experience Platform Information Disclosure Vulnerability | CVE-2025-53694 | Jul 8, 2025 |
| WT-2025-0026 | Unpublished | Unpublished | Unpublished |
| WT-2025-0025 | Sitecore Experience Platform Remote Code Execution Vulnerability | CVE-2025-34511 | Jun 16, 2025 |
| WT-2025-0024 | Sitecore Experience Platform Authentication Bypass Vulnerability | CVE-2025-34509 | Jun 16, 2025 |
| WT-2025-0023 | Sitecore Experience Platform HTML Cache Poisoning Vulnerability | CVE-2025-53693 | Jun 16, 2025 |
| WT-2025-0022 | Unpublished | Unpublished | Unpublished |
| WT-2025-0021 | Unpublished | Unpublished | Unpublished |
| WT-2025-0020 | Sitecore Experience Platform Cross-Site Scripting Vulnerability | CVE-2025-53692 | Jul 8, 2025 |
| WT-2025-0019 | Sitecore Experience Platform Remote Code Execution Vulnerability | CVE-2025-53691 | Jun 16, 2025 |
| WT-2025-0018 | Unpublished | Unpublished | Unpublished |
| WT-2025-0017 | Unpublished | Unpublished | Unpublished |
| WT-2025-0016 | Kentico Xperience CMS Cross-Site Scripting Vulnerability | CVE-2025-2748 | Mar 6, 2025 |
| WT-2025-0015 | Veeam Backup & Replication Remote Code Execution Vulnerability | CVE-2025-23120 | Mar 19, 2025 |
| WT-2025-0014 | Veeam Backup & Replication Remote Code Execution Vulnerability | CVE-2025-23120 | Mar 19, 2025 |
| WT-2025-0013 | Fortinet FortiOS Authentication Bypass | CVE-2025-24472 | Feb 11, 2025 |
| WT-2025-0012 | SugarCRM Server-Side Request Forgery | ||
| WT-2025-0011 | Kentico Xperience CMS Authentication Bypass Vulnerability | CVE-2025-2747 | Mar 6, 2025 |
| WT-2025-0010 | SysAid Pre-Auth XXE Admin creds disclosure | CVE-2025-2775 | May 7, 2025 |
| WT-2025-0010 | SysAid Pre-Auth XXE Admin creds disclosure | CVE-2025-2776 | May 7, 2025 |
| WT-2025-0010 | SysAid Pre-Auth XXE Admin creds disclosure | CVE-2025-2777 | May 7, 2025 |
| WT-2025-0009 | Plesk Open Redirect | ||
| WT-2025-0008 | Kentico Xperience CMS Denial of Service Vulnerability | CVE-2025-2794 | Mar 28, 2025 |
| WT-2025-0007 | Kentico Xperience CMS Remote Code Execution Vulnerability | CVE-2025-2749 | Mar 6, 2025 |
| WT-2025-0006 | Kentico Xperience CMS Authentication Bypass Vulnerability | CVE-2025-2746 | Jan 30, 2025 |
| WT-2025-0005 | Unpublished | Unpublished | Unpublished |
| WT-2025-0004 | Unpublished | Unpublished | Unpublished |
| WT-2025-0003 | Unpublished | Unpublished | Unpublished |
| WT-2025-0002 | Unpublished | Unpublished | Unpublished |
| WT-2025-0001 | Unpublished | Unpublished | Unpublished |
| WT-2024-0036 | InfoScale Deserialization Pre-Auth RCE | CVE-2025-27816 | Mar 7, 2025 |
| WT-2024-0035 | Palo-Alto PANOS File Deletion | CVE-2025-0109 | Feb 12, 2025 |
| WT-2024-0034 | Veeam Deserialization Bypass File Delete & NTLM Relay | CVE-2024-42455 | Dec 4, 2024 |
| WT-2024-0033 | FortiManager Command Injection (FortiJumpHigher) | CVE-2024-50566 | Jan 14, 2025 |
| WT-2024-0032 | Sophos Endpoint EDR LPE | CVE-2024-8885 | Oct 2, 2024 |
| WT-2024-0031 | Liferay Cross-Site Scripting (Reflected) | ||
| WT-2024-0030 | Unpublished | Unpublished | Unpublished |
| WT-2024-0029 | Unpublished | Unpublished | Unpublished |
| WT-2024-0028 | DotNetNuke.Core Server-Side Request Forgery | CVE-2025-32372 | Apr 9, 2025 |
| WT-2024-0027 | Dell CMC Use of Outdated Libraries | ||
| WT-2024-0026 | Dell CMC Stack Overflow | CVE-2025-26336 | |
| WT-2024-0025 | Unpublished | Unpublished | Unpublished |
| WT-2024-0024 | Unpublished | Unpublished | Unpublished |
| WT-2024-0023 | Unpublished | Unpublished | Unpublished |
| WT-2024-0022 | Oracle Opera XML Entity Injection | CVE-2025-21547 | |
| WT-2024-0021 | Nakivo Arbitrary File Read | CVE-2024-48248 | Feb 26, 2025 |
| WT-2024-0020 | EVE-NG Server-Side Request Forgery | ||
| WT-2024-0019 | Unpublished | Unpublished | Unpublished |
| WT-2024-0018 | MailEnable Cross-Site Scripting Reflected | ||
| WT-2024-0017 | Unpublished | Unpublished | Unpublished |
| WT-2024-0016 | Citrix Desktop (XEN) Pre-Auth Deserialization RCE Chain | CVE-2024-8069 | Nov 12, 2024 |
| WT-2024-0015 | Citrix Desktop (XEN) Pre-Auth Deserialization RCE Chain | CVE-2024-8068 | Nov 12, 2024 |
| WT-2024-0014 | Mitel Micollab Authentication Bypass | CVE-2024-41713 | Dec 5, 2024 |
| WT-2024-0013 | Unpublished | Unpublished | Unpublished |
| WT-2024-0012 | QNAP QuTSCloud Heap overflow from creating directory with large name | CVE-2024-32763 | Sep 6, 2024 |
| WT-2024-0011 | Vembu BDRSuite SQL Injection | ||
| WT-2024-0010 | Unpublished | Unpublished | Unpublished |
| WT-2024-0009 | Ivanti Connect Secure XML Entity Injection | CVE-2024-22024 | Feb 9, 2024 |
| WT-2024-0008 | Unpublished | Unpublished | Unpublished |
| WT-2024-0007 | IBM Qradar AJP Packet Smuggling | CVE-2022-26377 | Apr 12, 2024 |
| WT-2024-0006 | Unpublished | Unpublished | Unpublished |
| WT-2024-0005 | QNAP QuTSCloud XSS via remote device discovery | May 27, 2023 | |
| WT-2024-0004 | QNAP QuTSCloud XSS via remote log messages | May 27, 2023 | |
| WT-2024-0003 | Unpublished | Unpublished | Unpublished |
| WT-2024-0002 | Unpublished | Unpublished | Unpublished |
| WT-2024-0001 | Unpublished | Unpublished | Unpublished |
| WT-2023-0056 | IBM Operational Decision Manager Remote Code Execution | CVE-2024-22320 | Feb 22, 2024 |
| WT-2023-0055 | IBM Operational Decision Manager Remote Code Execution | CVE-2024-22319 | Feb 22, 2024 |
| WT-2023-0055 | QNAP QuTSCloud Log spoofing via x-forwarded-for | CVE-2024-27131 | May 7, 2023 |
| WT-2023-0054 | QNAP QuTSCloud Stack buffer overflow | CVE-2024-27130 | May 27, 2023 |
| WT-2023-0053 | QNAP QuTSCloud Static variable overflow | CVE-2024-27129 | May 27, 2023 |
| WT-2023-0052 | QNAP QuTSCloud Stack overflow | CVE-2024-27128 | May 27, 2023 |
| WT-2023-0051 | QNAP QuTSCloud Double-free | CVE-2024-27127 | May 27, 2023 |
| WT-2023-0050 | QNAP QuTSCloud Hardcoded key in VJBOD tickets | May 27, 2023 | |
| WT-2023-0049 | QNAP QuTSCloud Missing authentication | CVE-2024-21902 | May 27, 2023 |
| WT-2023-0048 | QNAP QuTSCloud Heap overflow | CVE-2023-50364 | May 27, 2023 |
| WT-2023-0047 | QNAP QuTSCloud Missing authentication | CVE-2023-50363 | May 27, 2023 |
| WT-2023-0046 | QNAP QuTSCloud Authenticated stack overflow | CVE-2023-50362 | May 27, 2023 |
| WT-2023-0045 | QNAP QuTSCloud Authenticated stack overflow | CVE-2023-50361 | May 27, 2023 |
| WT-2023-0044 | Form Tools Local File Inclusion | Feb 8, 2024 | |
| WT-2023-0043 | Unpublished | Unpublished | Unpublished |
| WT-2023-0042 | Sangfor NGAF Command Injection | CVE-2023-30806 | Oct 5, 2023 |
| WT-2023-0041 | Unpublished | Unpublished | Unpublished |
| WT-2023-0040 | Unpublished | Unpublished | Unpublished |
| WT-2023-0039 | Unpublished | Unpublished | Unpublished |
| WT-2023-0038 | Unpublished | Unpublished | Unpublished |
| WT-2023-0037 | Unpublished | Unpublished | Unpublished |
| WT-2023-0036 | Sangfor NGAF Command Injection | CVE-2023-30805 | Oct 5, 2023 |
| WT-2023-0035 | Sangfor NGAF Arbitrary File Read | CVE-2023-30804 | Oct 5, 2023 |
| WT-2023-0034 | Sangfor NGAF Authentication Bypass | CVE-2023-30803 | Oct 5, 2023 |
| WT-2023-0033 | Sangfor NGAF Information Disclosure | CVE-2023-30802 | Oct 5, 2023 |
| WT-2023-0032 | Unpublished | Unpublished | Unpublished |
| WT-2023-0031 | Unpublished | Unpublished | Unpublished |
| WT-2023-0030 | Orbeon Forms Remote Code Execution | Sep 8, 2023 | |
| WT-2023-0029 | Orbeon Forms Server-Side Request Forgery | Sep 8, 2023 | |
| WT-2023-0028 | OpenCMS Apache Solr Injection | CVE-2023-42346 | Nov 21, 2023 |
| WT-2023-0027 | OpenCMS Cross-Site Scripting (Reflected) | CVE-2023-42345 | Nov 21, 2023 |
| WT-2023-0026 | OpenCMS Cross-Site Scripting (Reflected) | CVE-2023-42343 | Nov 21, 2023 |
| WT-2023-0025 | OpenCMS XML Entity Injection | CVE-2023-42344 | Nov 21, 2023 |
| WT-2023-0024 | Fortinet FortiOS Authenticated DoS via null deref | Jun 9, 2023 | |
| WT-2023-0023 | Unpublished | Unpublished | Unpublished |
| WT-2023-0022 | Unpublished | Unpublished | Unpublished |
| WT-2023-0021 | Unpublished | Unpublished | Unpublished |
| WT-2023-0020 | Unpublished | Unpublished | Unpublished |
| WT-2023-0019 | Unpublished | Unpublished | Unpublished |
| WT-2023-0018 | cPanel XSS in 'repair SQL database' via database name | ||
| WT-2023-0017 | cPanel XSS in 'reset SQL password' | ||
| WT-2023-0016 | Unpublished | Unpublished | Unpublished |
| WT-2023-0015 | Unpublished | Unpublished | Unpublished |
| WT-2023-0014 | Unpublished | Unpublished | Unpublished |
| WT-2023-0013 | Unpublished | Unpublished | Unpublished |
| WT-2023-0012 | Unpublished | Unpublished | Unpublished |
| WT-2023-0011 | SonicWall SonicOS Authenticated DoS via null deref | CVE-2023-41711 | Oct 20, 2023 |
| WT-2023-0010 | SonicWall SonicOS Authenticated DoS via assert failure | CVE-2023-41712 | Oct 20, 2023 |
| WT-2023-0009 | SonicWall SonicOS Authenticated DoS via null deref | CVE-2023-41711 | Oct 20, 2023 |
| WT-2023-0008 | SonicWall SonicOS Authenticated DoS | CVE-2023-39280 | Oct 20, 2023 |
| WT-2023-0007 | Unpublished | Unpublished | Unpublished |
| WT-2023-0006 | SonicWall SonicOS Authenticated DoS | CVE-2023-39279 | Oct 20, 2023 |
| WT-2023-0005 | SonicWall SonicOS Stack buffer overflow | CVE-2023-39276 | Oct 20, 2023 |
| WT-2023-0004 | SonicWall SonicOS Hardcoded credentials | CVE-2023-41713 | Oct 20, 2023 |
| WT-2023-0003 | SonicWall SonicOS Stack buffer overflow | CVE-2023-39277 | Oct 20, 2023 |
| WT-2023-0002 | SonicWall SonicOS Authenticated DoS | CVE-2023-39278 | Oct 20, 2023 |
| WT-2023-0001 | Unpublished | Unpublished | Unpublished |
| WT-2022-0003 | OpenVPN Access Server Insertion of Sensitive Information into log file | CVE-2022-33737 | Aug 4, 2022 |
| WT-2022-0002 | OpenVPN Access Server Use of weak random number generator | CVE-2022-33738 | Aug 4, 2022 |
| WT-2022-0001 | OpenAM Authentication Bypass | CVE-2022-34298 | Jul 1, 2022 |
The research published by watchTowr Labs is powered by the same engine behind the watchTowr Platform, our Preemptive Exposure Management solution built for enterprises that refuse to wait for the next satisfying advisory from their scanner vendor.
The watchTowr Platform combines External Attack Surface Management and Continuous Automated Red Teaming to test your defenses against the vulnerabilities and techniques that matter: the ones real attackers are actually exploiting.