GitHub20d
Apache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT
This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS). Attack Vector: This metric reflects the context by which vulnerability ...
Bleeping Computer25d
Over 37,000 VMware ESXi servers vulnerable to ongoing attacks
Over 37,000 internet-exposed VMware ESXi instances are vulnerable to CVE-2025-22224, a critical out-of-bounds write flaw that is actively exploited in the wild. This massive exposure is being ...
The Hacker News25d
Elastic Releases Urgent Fix for Critical Kibana Vulnerability Enabling Remote Code Execution
The vulnerability, tracked as CVE-2025-25015, carries a CVSS score of 9.9 out of a maximum of 10.0. It has been described as a case of prototype pollution. "Prototype pollution in Kibana leads to ...
The Hacker News27d
VMware Security Flaws Exploited in the Wild—Broadcom Releases Urgent Patches
Broadcom has released security updates to address three actively exploited security flaws in VMware ESXi, Workstation, and Fusion products that could lead to code execution and information disclosure.