Multiple IBM QRadar SIEM Vulnerabilities

October 28, 2025

Critical Dell Storage Manager Flaws Allow Full System Compromise

October 29, 2025

Multiple Apache Tomcat Vulnerabilities

October 28, 2025

Severity

Medium

Analysis Summary

CVE-2025-61795 CVSS:5.3

Apache Tomcat is vulnerable to a denial of service, caused by not clean up temporary copies of the uploaded parts written to disc immediately.

CVE-2025-55754 CVSS:6.5

Apache Tomcat could allow a remote attacker to manipulate the console and the clipboard, caused by improper neutralization of escape, meta, or control sequences.

Impact

Denial of Service
Security Bypass

Indicators of Compromise

CVE

CVE-2025-61795
CVE-2025-55754

Affected Vendors

Apache

Affected Products

Apache Tomcat - 11.0.0-M1 - 11.0.11
Apache Tomcat - 10.1.0-M1 - 10.1.46
Apache Tomcat - 9.0.0.M1 - 9.0.109
Apache Tomcat - 8.5.0 - 8.5.100
Apache Tomcat - 11.0.0-M1 - 11.0.10
Apache Tomcat - 10.1.0-M1 - 10.1.44
Apache Tomcat - 9.0.40 - 9.0.108

Remediation

Upgrade to the latest version of Apache Tomcat, available from the Apache Website.

CVE-2025-61795

CVE-2025-55754

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Windows Remote Desktop Services Flaw Lets Attackers Escalate Privileges

Threat Actors Target Outlook and Google, Outsmarting Conventional Email Security

Multiple IBM Db2 Vulnerabilities

Threat Insights

About Us

Our Leadership

CSR

Connect with Us