[BESAdmin-Announcements] Content Modification: Updates for Kev Content published 2024-10-01
Announcements for BES Administrators
besadmin-announcements at bigmail.bigfix.com
Tue Oct 1 09:09:26 PDT 2024
Total New Fixlets: 99
Total Updated Fixlets: 99
Total Fixlets in Site: 2644
Total CVEs Covered: 750
Release Date: 2024-10-01
New Fixlets:
33280 WebKitGTK Memory Corruption Vulnerability - RHEL
32770 Apple Multiple Products WebKit Memory Corruption Vulnerability
- Ubuntu
32260 HTTP/2 Rapid Reset Attack Vulnerability - Windows 10
33290 Apple Multiple Products WebKit Memory Corruption Vulnerability
- RHEL
32780 Apple Multiple Products WebKit Code Execution Vulnerability -
Ubuntu
32270 Microsoft Windows Installer Improper Privilege Management
Vulnerability - Windows Server 2008 SP2
33300 Apple Multiple Products WebKit Use-After-Free Vulnerability -
RHEL
32790 Apple iOS, iPadOS, and macOS WebKit Remote Code Execution
Vulnerability - Ubuntu
32280 Microsoft Windows Mark of the Web (MOTW) Protection Mechanism
Failure Vulnerability - Windows Server 2008 SP2
33310 Apple Multiple Products WebKit Code Execution Vulnerability -
RHEL
33320 Apple Multiple Products WebKit Integer Overflow Vulnerability
- RHEL
32810 Apple Multiple Products WebKit Out-of-Bounds Read
Vulnerability - Ubuntu
33330 Apple Multiple Products WebKit Memory Corruption Vulnerability
- RHEL
32310 Apple iOS, iPadOS, and macOS Type Confusion Vulnerability -
Apple iOS
33340 Apple Multiple Products WebKit Type Confusion Vulnerability -
RHEL
32830 Apple Multiple Products WebKit Type Confusion Vulnerability -
Debian
32320 Microsoft Windows Installer Improper Privilege Management
Vulnerability - Windows Server 2022
33350 Apple Multiple Products WebKit Memory Corruption Vulnerability
- RHEL
32330 Microsoft Windows Mark of the Web (MOTW) Protection Mechanism
Failure Vulnerability - Windows Server 2022
33360 Apple Multiple Products WebKit Storage Use-After-Free
Vulnerability - RHEL
32850 Apple iOS, iPadOS, and macOS Webkit Use-After-Free
Vulnerability - Debian
32340 HTTP/2 Rapid Reset Attack Vulnerability - Windows Server 2022
33370 Apple Multiple Products WebKit Code Execution Vulnerability -
RHEL
32860 Apple Multiple Products WebKit Use-After-Free Vulnerability -
Debian
32350 Linux Kernel PIE Stack Buffer Corruption Vulnerability - RHEL
33380 Apple iOS, iPadOS, and macOS WebKit Remote Code Execution
Vulnerability - RHEL
32360 Linux Kernel PIE Stack Buffer Corruption Vulnerability - SLE
33390 Apple Multiple Products WebKit Type Confusion Vulnerability -
RHEL
32880 Apple Multiple Products WebKit Memory Corruption Vulnerability
- Debian
32370 Linux Kernel PIE Stack Buffer Corruption Vulnerability -
Oracle Linux
33400 Apple Multiple Products WebKit Out-of-Bounds Read
Vulnerability - RHEL
32890 Apple Multiple Products WebKit Use-After-Free Vulnerability -
Debian
32380 Microsoft Windows Installer Improper Privilege Management
Vulnerability - Windows 11
33410 Apple iOS, iPadOS, and macOS WebKit Remote Code Execution
Vulnerability - Oracle Linux
32900 Apple Multiple Products WebKit Code Execution Vulnerability -
Debian
32390 Microsoft Windows Mark of the Web (MOTW) Protection Mechanism
Failure Vulnerability - Windows 11
33420 Apple iOS, iPadOS, and macOS Webkit Use-After-Free
Vulnerability - Oracle Linux
32400 HTTP/2 Rapid Reset Attack Vulnerability - Windows 11
33430 Apple Multiple Products WebKit Use-After-Free Vulnerability -
Oracle Linux
32410 Microsoft Publisher Protection Mechanism Failure Vulnerability
- Publisher
33440 WebKitGTK Memory Corruption Vulnerability - Oracle Linux
32930 Apple Multiple Products WebKit Type Confusion Vulnerability -
Debian
33450 Apple Multiple Products WebKit Memory Corruption Vulnerability
- Oracle Linux
32940 Apple Multiple Products WebKit Memory Corruption Vulnerability
- Debian
33460 Apple Multiple Products WebKit Use-After-Free Vulnerability -
Oracle Linux
33470 Apple Multiple Products WebKit Integer Overflow Vulnerability
- Oracle Linux
32960 Apple Multiple Products WebKit Code Execution Vulnerability -
Debian
33480 Apple Multiple Products WebKit Memory Corruption Vulnerability
- Oracle Linux
33490 Apple Multiple Products WebKit Type Confusion Vulnerability -
Oracle Linux
32980 Apple Multiple Products WebKit Type Confusion Vulnerability -
Debian
33500 Apple Multiple Products WebKit Memory Corruption Vulnerability
- Oracle Linux
32990 Apple Multiple Products WebKit Out-of-Bounds Read
Vulnerability - Debian
33510 Apple iOS, iPadOS, and macOS WebKit Remote Code Execution
Vulnerability - Oracle Linux
33000 Apple Multiple Products WebKit Out-of-Bounds Read
Vulnerability - Debian
33520 Apple Multiple Products WebKit Type Confusion Vulnerability -
Oracle Linux
33010 Microsoft Internet Explorer Memory Corruption Vulnerability -
Windows Server 2012
33530 Apple Multiple Products WebKit Out-of-Bounds Read
Vulnerability - Oracle Linux
33020 Microsoft Internet Explorer Memory Corruption Vulnerability -
Windows Server 2008 SP2
33030 Microsoft Internet Explorer Memory Corruption Vulnerability -
Windows Server 2008 R2 SP1
33040 Microsoft Internet Explorer Memory Corruption Vulnerability -
Windows 7 SP1
33050 Microsoft Internet Explorer Memory Corruption Vulnerability -
Windows Vista SP2
33070 Apple iOS, iPadOS, and macOS WebKit Remote Code Execution
Vulnerability - SLE
33090 Apple Multiple Products WebKit Use-After-Free Vulnerability -
SLE
33610 Microsoft Internet Explorer Memory Corruption Vulnerability -
Windows 8 Gold
33100 WebKitGTK Memory Corruption Vulnerability - SLE
33110 Apple Multiple Products WebKit Memory Corruption Vulnerability
- SLE
32090 ImageMagick Improper Input Validation Vulnerability - Any
Version of Windows
33120 Apple Multiple Products WebKit Use-After-Free Vulnerability -
SLE
32100 Draytek VigorConnect Path Traversal Vulnerability - Any
Version of Windows
33130 Apple Multiple Products WebKit Code Execution Vulnerability -
SLE
32110 Draytek VigorConnect Path Traversal Vulnerability - Any
Version of Windows
32120 HTTP/2 Rapid Reset Attack Vulnerability - Any Version of
Windows
33160 Apple Multiple Products WebKit Type Confusion Vulnerability -
SLE
32140 ImageMagick Improper Input Validation Vulnerability - Any
Version of Linux
33170 Apple Multiple Products WebKit Memory Corruption Vulnerability
- SLE
32670 Apple Multiple Products WebKit Type Confusion Vulnerability -
Ubuntu
32160 ImageMagick Improper Input Validation Vulnerability - Any
Version of MacOS
33190 Apple Multiple Products WebKit Code Execution Vulnerability -
SLE
32680 Apple iOS, iPadOS, and macOS WebKit Remote Code Execution
Vulnerability - Ubuntu
32170 Microsoft Windows Installer Improper Privilege Management
Vulnerability - Windows Server 2016
33200 Apple iOS, iPadOS, and macOS WebKit Remote Code Execution
Vulnerability - SLE
32180 Microsoft Windows Mark of the Web (MOTW) Protection Mechanism
Failure Vulnerability - Windows Server 2016
32700 WebKitGTK Memory Corruption Vulnerability - Ubuntu
32190 HTTP/2 Rapid Reset Attack Vulnerability - Windows Server 2016
33220 Apple Multiple Products WebKit Out-of-Bounds Read
Vulnerability - SLE
32200 Microsoft Windows Installer Improper Privilege Management
Vulnerability - Windows Server 2019
33230 Apple Multiple Products WebKit Out-of-Bounds Read
Vulnerability - SLE
32720 Apple Multiple Products WebKit Use-After-Free Vulnerability -
Ubuntu
32210 Microsoft Windows Mark of the Web (MOTW) Protection Mechanism
Failure Vulnerability - Windows Server 2019
33240 Apple Multiple Products WebKit Type Confusion Vulnerability -
RHEL
32220 HTTP/2 Rapid Reset Attack Vulnerability - Windows Server 2019
33250 Apple iOS, iPadOS, and macOS WebKit Remote Code Execution
Vulnerability - RHEL
32740 Apple Multiple Products WebKit Integer Overflow Vulnerability
- Ubuntu
32230 Microsoft Windows Installer Improper Privilege Management
Vulnerability - Windows 10
33260 Apple iOS, iPadOS, and macOS Webkit Use-After-Free
Vulnerability - RHEL
32750 Apple Multiple Products WebKit Memory Corruption Vulnerability
- Ubuntu
32240 Microsoft Windows Mark of the Web (MOTW) Protection Mechanism
Failure Vulnerability - Windows 10
33270 Apple Multiple Products WebKit Use-After-Free Vulnerability -
RHEL
32250 Microsoft Windows Update Use-After-Free Vulnerability -
Windows 10
Updated Fixlets:
25090 Apple Multiple Products WebKit Out-of-Bounds Read
Vulnerability - Any Version of MacOS
19460 Oracle VirtualBox Insufficient Input Validation Vulnerability
- Any Version of MacOS
26630 Microsoft Windows Search Remote Code Execution Vulnerability -
Windows 11
19980 Oracle JRE Unspecified Vulnerability - Any Version of MacOS
26140 Apple Multiple Products WebKit Type Confusion Vulnerability -
Apple iOS
20000 Oracle Java SE Unspecified Vulnerability - Any Version of
MacOS
24110 WebKitGTK Memory Corruption Vulnerability - Any Version of
MacOS
25650 Microsoft Windows MSHTML Platform Privilege Escalation
Vulnerability - Windows Server 2019
25660 Microsoft Windows Error Reporting Service Privilege Escalation
Vulnerability - Windows Server 2019
27200 Apple Multiple Products WebKit Code Execution Vulnerability -
Apple iOS
31810 Linux Kernel Heap-Based Buffer Overflow Vulnerability - RHEL
20550 Oracle Java SE Integrity Check Vulnerability - Any Version of
MacOS
25670 Microsoft Windows Defender SmartScreen Security Feature Bypass
Vulnerability - Windows Server 2019
25680 Microsoft Windows MSHTML Platform Privilege Escalation
Vulnerability - Windows Server 2016
32340 HTTP/2 Rapid Reset Attack Vulnerability - Windows Server 2022
25690 Microsoft Windows Error Reporting Service Privilege Escalation
Vulnerability - Windows Server 2016
27230 Apple iOS, iPadOS, and macOS Webkit Use-After-Free
Vulnerability - Apple iOS
25700 Microsoft Windows Defender SmartScreen Security Feature Bypass
Vulnerability - Windows Server 2016
14450 Plex Media Server Remote Code Execution Vulnerability - Any
Version of Windows
19580 Oracle JRE Sandbox Bypass Vulnerability - Any Version of MacOS
32400 HTTP/2 Rapid Reset Attack Vulnerability - Windows 11
26260 Microsoft Windows Defender SmartScreen Security Feature Bypass
Vulnerability - Windows Server 2022
26780 Android Framework Privilege Escalation Vulnerability - Any
Current Service Pack of Android
26270 Microsoft Windows MSHTML Platform Privilege Escalation
Vulnerability - Windows Server 2022
15520 Oracle VirtualBox Insufficient Input Validation Vulnerability
- Any Version of Windows
26280 Microsoft Windows Error Reporting Service Privilege Escalation
Vulnerability - Windows Server 2022
30890 Microsoft Outlook Security Feature Bypass Vulnerability -
Outlook
26290 Microsoft Windows Defender SmartScreen Security Feature Bypass
Vulnerability - Windows 11
26300 Microsoft Windows MSHTML Platform Privilege Escalation
Vulnerability - Windows 11
18110 Grafana Authentication Bypass Vulnerability - Any Version of
Linux
26310 Microsoft Windows Error Reporting Service Privilege Escalation
Vulnerability - Windows 11
25800 Apple Multiple Products WebKit Memory Corruption Vulnerability
- Apple iOS
20170 Oracle Java SE Runtime Environment (JRE) Arbitrary Code
Execution Vulnerability - Any Version of MacOS
15060 Apple Multiple Products WebKit Integer Overflow Vulnerability
- Any Version of MacOS
19680 Apple Multiple Products WebKit Use-After-Free Vulnerability -
Any Version of MacOS
29430 Microsoft Streaming Service Untrusted Pointer Dereference
Vulnerability - Windows Server 2016
29440 Microsoft Streaming Service Untrusted Pointer Dereference
Vulnerability - Windows Server 2019
28930 Linux Kernel Use-After-Free Vulnerability - RHEL
30470 Linux Kernel Use-After-Free Vulnerability - RHEL
29450 Microsoft Streaming Service Untrusted Pointer Dereference
Vulnerability - Windows 10
25870 Apple Multiple Products WebKit Code Execution Vulnerability -
Apple iOS
29460 Microsoft Streaming Service Untrusted Pointer Dereference
Vulnerability - Windows Server 2022
23830 Microsoft Windows AppX Installer Spoofing Vulnerability -
Windows 10
28950 Linux Kernel Privilege Escalation Vulnerability - RHEL
25880 Apple Multiple Products WebKit Use-After-Free Vulnerability -
Apple iOS
29470 Microsoft Streaming Service Untrusted Pointer Dereference
Vulnerability - Windows 11
25890 Apple Multiple Products WebKit Storage Use-After-Free
Vulnerability - Apple iOS
24870 Oracle Java SE and JRockit Unspecified Vulnerability - Any
Version of MacOS
25900 Apple iOS, iPadOS, and macOS WebKit Remote Code Execution
Vulnerability - Apple iOS
26420 Microsoft .NET Core and Visual Studio Denial-of-Service
Vulnerability - Any Version of Windows
26940 Trend Micro Apex One and Worry-Free Business Security Remote
Code Execution Vulnerability - Any Version of Windows
20800 Apple Multiple Products WebKit Storage Use-After-Free
Vulnerability - Any Version of MacOS
25920 Apple Multiple Products WebKit Use-After-Free Vulnerability -
Apple iOS
26450 Microsoft Windows Search Remote Code Execution Vulnerability -
Windows 10
15700 TeamViewer Desktop Bypass Remote Login Vulnerability - Any
Version of Windows
20830 Apple Multiple Products WebKit Type Confusion Vulnerability -
Any Version of MacOS
14180 Microsoft Defender Remote Code Execution Vulnerability - Any
Version of Windows
28520 Apple Multiple Products WebKit Type Confusion Vulnerability -
Any Version of MacOS
25450 Mozilla Firefox, Firefox ESR, and Thunderbird Use-After-Free
Vulnerability - Any Version of MacOS
23920 WebKitGTK Memory Corruption Vulnerability - Any Version of
Windows
20340 Oracle JRE Unspecified Vulnerability - Any Version of MacOS
28020 Apple Multiple Products WebKit Memory Corruption Vulnerability
- Any Version of MacOS
26490 Microsoft Windows Search Remote Code Execution Vulnerability -
Windows Server 2019
25980 Apple iOS, iPadOS, and macOS WebKit Remote Code Execution
Vulnerability - Apple iOS
28540 Apple Multiple Products WebKit Type Confusion Vulnerability -
Apple iOS
28030 Apple Multiple Products WebKit Out-of-Bounds Read
Vulnerability - Any Version of MacOS
25470 Apple Multiple Products WebKit Memory Corruption Vulnerability
- Any Version of MacOS
14210 Microsoft Malware Protection Engine Improper Restriction of
Operations Vulnerability - Any Version of Windows
26510 Microsoft Windows Search Remote Code Execution Vulnerability -
Windows Server 2016
12690 Docker Desktop Community Edition Privilege Escalation
Vulnerability - Any Version of Windows
20370 Oracle JRE Remote Code Execution Vulnerability - Any Version
of MacOS
28050 Apple Multiple Products WebKit Memory Corruption Vulnerability
- Apple iOS
20890 Oracle Java SE Runtime Environment (JRE) Arbitrary Code
Execution Vulnerability - Any Version of MacOS
28060 Apple Multiple Products WebKit Out-of-Bounds Read
Vulnerability - Apple iOS
30110 Apple Multiple Products WebKit Integer Overflow Vulnerability
- Apple iOS
25510 Apple Multiple Products WebKit Code Execution Vulnerability -
Any Version of MacOS
17320 Oracle VirtualBox Insufficient Input Validation Vulnerability
- Any Version of Linux
27050 Apple Multiple Products WebKit Code Execution Vulnerability -
Any Version of MacOS
32170 Microsoft Windows Installer Improper Privilege Management
Vulnerability - Windows Server 2016
20910 Apple iOS, iPadOS, and macOS WebKit Remote Code Execution
Vulnerability - Any Version of MacOS
25520 Apple Multiple Products WebKit Type Confusion Vulnerability -
Any Version of MacOS
25530 Microsoft Windows MSHTML Platform Privilege Escalation
Vulnerability - Windows 10
26050 Apple Multiple Products WebKit Memory Corruption Vulnerability
- Apple iOS
25540 Microsoft Windows Error Reporting Service Privilege Escalation
Vulnerability - Windows 10
20940 Apple iOS, iPadOS, and macOS Webkit Use-After-Free
Vulnerability - Any Version of MacOS
20430 Oracle Java SE Sandbox Bypass Vulnerability - Any Version of
MacOS
25550 Microsoft Windows Defender SmartScreen Security Feature Bypass
Vulnerability - Windows 10
32210 Microsoft Windows Mark of the Web (MOTW) Protection Mechanism
Failure Vulnerability - Windows Server 2019
26580 Apple Multiple Products WebKit Out-of-Bounds Read
Vulnerability - Apple iOS
13270 Apple Multiple Products WebKit Memory Corruption Vulnerability
- Any Version of MacOS
20950 Oracle Java SE Runtime Environment (JRE) Arbitrary Code
Execution Vulnerability - Any Version of MacOS
26070 Apple Multiple Products WebKit Type Confusion Vulnerability -
Apple iOS
19930 Oracle Java SE Runtime Environment (JRE) Arbitrary Code
Execution Vulnerability - Any Version of MacOS
19440 Apple iOS, iPadOS, and macOS WebKit Remote Code Execution
Vulnerability - Any Version of MacOS
29680 Elasticsearch Groovy Scripting Engine Remote Code Execution
Vulnerability - Any Version of Linux
26610 Microsoft Windows Search Remote Code Execution Vulnerability -
Windows Server 2022
20470 Oracle Java SE and Java SE Embedded Remote Code Execution
Vulnerability - Any Version of MacOS
25080 Apple Multiple Products WebKit Use-After-Free Vulnerability -
Any Version of MacOS
29690 Elasticsearch Remote Code Execution Vulnerability - Any
Version of Linux
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20241001/b7f3e283/attachment.html>
More information about the Besadmin-announcements
mailing list