Content Modification: Updates for Kev Content published 2025-04-14

Total New Fixlets: 20
Total Updated Fixlets: 71
Total Fixlets in Site: 2953
Total CVEs Covered: 850
Release Date: 2025-04-14

New Fixlets:
37120 Apache Tomcat Path Equivalence Vulnerability - Any Version of Windows
37250 VMware ESXi, Workstation, and Fusion Information Disclosure Vulnerability - VMware ESXi 7.0
37130 Apache Tomcat Path Equivalence Vulnerability - Any Version of Linux
37260 VMware ESXi Arbitrary Write Vulnerability - VMware ESXi 7.0
37140 Linux Kernel Use of Uninitialized Resource Vulnerability - SLE
37270 VMware ESXi and Workstation TOCTOU Race Condition Vulnerability - VMware ESXi 7.0
37150 HTTP/2 Rapid Reset Attack Vulnerability - SLE
37180 Linux Kernel Out-of-Bounds Access Vulnerability - RHEL
37060 HTTP/2 Rapid Reset Attack Vulnerability - Ubuntu
37190 Linux Kernel Out-of-Bounds Read Vulnerability - Oracle Linux
37070 Linux Kernel Out-of-Bounds Read Vulnerability - Ubuntu
37200 Linux Kernel Out-of-Bounds Access Vulnerability - Oracle Linux
37080 Linux Kernel Out-of-Bounds Access Vulnerability - Ubuntu
37210 HTTP/2 Rapid Reset Attack Vulnerability - leap
37090 HTTP/2 Rapid Reset Attack Vulnerability - Debian
37220 VMware ESXi, Workstation, and Fusion Information Disclosure Vulnerability - VMware ESXi 8.0
37100 Hitachi Vantara Pentaho BA Server Special Element Injection Vulnerability - Any Operating System
37230 VMware ESXi Arbitrary Write Vulnerability - VMware ESXi 8.0
37110 Hitachi Vantara Pentaho BA Server Authorization Bypass Vulnerability - Any Operating System
37240 VMware ESXi and Workstation TOCTOU Race Condition Vulnerability - VMware ESXi 8.0

Updated Fixlets:
12800 Apache Tomcat Remote Code Execution Vulnerability - Any Version of Windows
14210 Microsoft Malware Protection Engine Improper Restriction of Operations Vulnerability - Any Version of Windows
32260 HTTP/2 Rapid Reset Attack Vulnerability - Windows 10
33530 Apple Multiple Products WebKit Out-of-Bounds Read Vulnerability - Oracle Linux
8070 Microsoft DirectX Graphics Kernel Privilege Escalation Vulnerability - Windows Server 2016
37000 Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability - Windows 10
32400 HTTP/2 Rapid Reset Attack Vulnerability - Windows 11
36880 Apple Multiple Products WebKit Out-of-Bounds Write Vulnerability - Oracle Linux
12690 Docker Desktop Community Edition Privilege Escalation Vulnerability - Any Version of Windows
37010 Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability - Windows Server 2008 SP2
33430 Apple Multiple Products WebKit Use-After-Free Vulnerability - Oracle Linux
15640 Apache CouchDB Insecure Default Initialization of Resource Vulnerability - Any Version of Windows
34840 Android Kernel Remote Code Execution Vulnerability - Ubuntu
37020 Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability - Windows Server 2022
28700 Linux Kernel Privilege Escalation Vulnerability - Ubuntu
35360 Apache Tomcat Remote Code Execution Vulnerability - Any Version of Linux
34980 Spring Framework JDK 9+ Remote Code Execution Vulnerability - Any Version of Windows
8740 Microsoft Internet Explorer Information Disclosure Vulnerability - Windows Server 2012 R2
37030 Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability - Windows Server 2008 R2
25130 Microsoft MSHTML Remote Code Execution Vulnerability - Windows 10
36010 Linux Kernel Out-of-Bounds Write Vulnerability - SLE
9260 Microsoft DirectX Graphics Kernel Privilege Escalation Vulnerability - Windows Server 2012 R2
30380 Linux Kernel Use-After-Free Vulnerability - Ubuntu
34990 Apache Tomcat Improper Privilege Management Vulnerability - Any Version of Windows
33450 Apple Multiple Products WebKit Memory Corruption Vulnerability - Oracle Linux
37040 Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability - Windows 11
25140 Microsoft MSHTML Remote Code Execution Vulnerability - Windows Server 2008 SP2
36790 Linux Kernel Use of Uninitialized Resource Vulnerability - Ubuntu
11320 Microsoft Internet Explorer Information Disclosure Vulnerability - Windows Server 2008 R2 SP1
10040 Microsoft Internet Explorer Information Disclosure Vulnerability - Windows Server 2012
35000 Spring Framework JDK 9+ Remote Code Execution Vulnerability - Any Version of Linux
27580 rConfig OS Command Injection Vulnerability - Any Version of CentOS
30140 Linux Kernel Use-After-Free Vulnerability - Ubuntu
25150 Microsoft MSHTML Remote Code Execution Vulnerability - Windows Server 2008 R2 SP1
32190 HTTP/2 Rapid Reset Attack Vulnerability - Windows Server 2016
25280 Microsoft MSHTML Remote Code Execution Vulnerability - Office
35010 Apache Tomcat Improper Privilege Management Vulnerability - Any Version of Linux
25160 Microsoft MSHTML Remote Code Execution Vulnerability - Windows 7 SP1
5450 Microsoft Internet Explorer Information Disclosure Vulnerability - Windows 10
25290 Microsoft MSHTML Remote Code Execution Vulnerability - Word Viewer
5970 Microsoft DirectX Graphics Kernel Privilege Escalation Vulnerability - Windows 10
25170 Microsoft MSHTML Remote Code Execution Vulnerability - Windows 8.1
36820 Apple Multiple Products WebKit Out-of-Bounds Write Vulnerability - Any Version of MacOS
32340 HTTP/2 Rapid Reset Attack Vulnerability - Windows Server 2022
35030 Apache Tomcat Remote Code Execution Vulnerability - Any Version of Windows
25300 Microsoft MSHTML Remote Code Execution Vulnerability - Excel Viewer
33490 Apple Multiple Products WebKit Type Confusion Vulnerability - Oracle Linux
25180 Microsoft MSHTML Remote Code Execution Vulnerability - Windows Server 2019
32220 HTTP/2 Rapid Reset Attack Vulnerability - Windows Server 2019
1630 Microsoft DirectX Graphics Kernel Privilege Escalation Vulnerability - Windows 8.1
6750 Microsoft Internet Explorer Information Disclosure Vulnerability - Windows Server 2019
2400 Microsoft Internet Explorer Information Disclosure Vulnerability - Windows 7 SP1
35040 Apache Tomcat Remote Code Execution Vulnerability - Any Version of Linux
36830 Apple Multiple Products WebKit Out-of-Bounds Write Vulnerability - Apple iOS
31710 Linux Kernel Heap-Based Buffer Overflow Vulnerability - Ubuntu
14180 Microsoft Defender Remote Code Execution Vulnerability - Any Version of Windows
33500 Apple Multiple Products WebKit Memory Corruption Vulnerability - Oracle Linux
25190 Microsoft MSHTML Remote Code Execution Vulnerability - Windows Server 2016
19560 Apache CouchDB Insecure Default Initialization of Resource Vulnerability - Any Version of MacOS
28650 Linux Kernel Privilege Escalation Vulnerability - Ubuntu
25200 Microsoft MSHTML Remote Code Execution Vulnerability - Windows Server 2012 R2
33520 Apple Multiple Products WebKit Type Confusion Vulnerability - Oracle Linux
14450 Plex Media Server Remote Code Execution Vulnerability - Any Version of Windows
36980 Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability - Windows Server 2016
28660 Linux Kernel Use-After-Free Vulnerability - Ubuntu
7670 Microsoft Internet Explorer Information Disclosure Vulnerability - Windows Server 2016
25210 Microsoft MSHTML Remote Code Execution Vulnerability - Windows Server 2012
32120 HTTP/2 Rapid Reset Attack Vulnerability - Any Version of Windows
36990 Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability - Windows Server 2019
36860 Apple Multiple Products WebKit Out-of-Bounds Write Vulnerability - RHEL
1150 Microsoft Internet Explorer Information Disclosure Vulnerability - Windows 8.1