[BESAdmin-Announcements] Content Modification: Updates for Kev Content published 2025-12-29

Announcements for BES Administrators besadmin-announcements at bigmail.bigfix.com
Mon Dec 29 10:25:18 PST 2025 

Total New Fixlets:      3
Total Updated Fixlets:  68
Total Fixlets in Site:  3247
Total CVEs Covered:     944
Release Date:           2025-12-29

New Fixlets:
    40640    Apple Multiple Products Use-After-Free WebKit Vulnerability -
Debian
    40760    Apple Multiple Products Use-After-Free WebKit Vulnerability -
Oracle Linux
    40630    Google Chromium Out of Bounds Memory Access Vulnerability -
Debian


Updated Fixlets:
    14210    Microsoft Malware Protection Engine Improper Restriction of
Operations Vulnerability - Any Version of Windows
    32900    Apple Multiple Products WebKit Code Execution Vulnerability -
Debian
    35590    Jenkins Command Line Interface (CLI) Path Traversal
Vulnerability - Any Version of Linux
    33290    Apple Multiple Products WebKit Memory Corruption Vulnerability
- RHEL
    19340    Mozilla Firefox and Thunderbird Type Confusion Vulnerability -
Any Version of MacOS
    32140    ImageMagick Improper Input Validation Vulnerability - Any
Version of Linux
    39440    GNU Bash OS Command Injection Vulnerability - SLE
    19730    Mozilla Firefox and Thunderbird Denial-of-Service
Vulnerability - Any Version of MacOS
    19860    Mozilla Firefox And Thunderbird Use-After-Free Vulnerability -
Any Version of MacOS
    33300    Apple Multiple Products WebKit Use-After-Free Vulnerability -
RHEL
    20120    Mozilla Firefox and Thunderbird Type Confusion Vulnerability -
Any Version of MacOS
    17310    Mozilla Firefox Use-After-Free Vulnerability - Any Version of
Linux
    17950    Mozilla Firefox And Thunderbird Use-After-Free Vulnerability -
Any Version of Linux
    27040    Google Chromium WebP Heap-Based Buffer Overflow Vulnerability
- Any Version of MacOS
    33310    Apple Multiple Products WebKit Code Execution Vulnerability -
RHEL
    32930    Apple Multiple Products WebKit Type Confusion Vulnerability -
Debian
    18340    Mozilla Firefox And Thunderbird Use-After-Free Vulnerability -
Any Version of Linux
    20650    Mozilla Firefox Use-After-Free Vulnerability - Any Version of
MacOS
    18730    ImageMagick Server-Side Request Forgery (SSRF) Vulnerability -
Any Version of Linux
    39850    Jenkins Remote Code Execution Vulnerability - Any Version of
Linux
    32940    Apple Multiple Products WebKit Memory Corruption Vulnerability
- Debian
    40750    Apple Multiple Products Use-After-Free WebKit Vulnerability -
RHEL
    31920    Sudo Heap-Based Buffer Overflow Vulnerability - Oracle Linux
    16310    ImageMagick Arbitrary File Deletion Vulnerability - Any
Version of Windows
    18230    Mozilla Firefox and Thunderbird Type Confusion Vulnerability -
Any Version of Linux
    22710    Jenkins Stapler Web Framework Deserialization of Untrusted
Data Vulnerability - Any Version of Linux
    25400    Mozilla Firefox, Firefox ESR, and Thunderbird Use-After-Free
Vulnerability - Any Version of Linux
    17850    Mozilla Firefox Information Disclosure Vulnerability - Any
Version of Linux
    33850    Mozilla Firefox Use-After-Free Vulnerability - Any Version of
Linux
    33340    Apple Multiple Products WebKit Type Confusion Vulnerability -
RHEL
    39420    GNU Bash OS Command Injection Vulnerability - Oracle Linux
    32830    Apple Multiple Products WebKit Type Confusion Vulnerability -
Debian
    32960    Apple Multiple Products WebKit Code Execution Vulnerability -
Debian
    19780    Mozilla Firefox Information Disclosure Vulnerability - Any
Version of MacOS
    33860    Mozilla Firefox Use-After-Free Vulnerability - Any Version of
MacOS
    17220    Mozilla Firefox and Thunderbird Type Confusion Vulnerability -
Any Version of Linux
    27080    Google Chromium libvpx Heap Buffer Overflow Vulnerability -
Any Version of MacOS
    40650    RARLAB WinRAR Path Traversal Vulnerability - Any Version of
Windows
    36810    Apple Multiple Products WebKit Out-of-Bounds Write
Vulnerability - Debian
    17740    Mozilla Firefox and Thunderbird Denial-of-Service
Vulnerability - Any Version of Linux
    39500    Mozilla Multiple Products Remote Code Execution Vulnerability
- Any Version of Linux
    26960    Google Chromium WebP Heap-Based Buffer Overflow Vulnerability
- Any Version of Linux
    20050    Mozilla Firefox and Thunderbird Sandbox Escape Vulnerability -
Any Version of MacOS
    15700    TeamViewer Desktop Bypass Remote Login Vulnerability - Any
Version of Windows
    39380    GNU Bash OS Command Injection Vulnerability - Ubuntu
    39510    Mozilla Multiple Products Remote Code Execution Vulnerability
- Any Version of MacOS
    33240    Apple Multiple Products WebKit Type Confusion Vulnerability -
RHEL
    37720    Apple iOS Type Confusion Vulnerability - RHEL
    32090    ImageMagick Improper Input Validation Vulnerability - Any
Version of Windows
    16730    ImageMagick Server-Side Request Forgery (SSRF) Vulnerability -
Any Version of Windows
    33370    Apple Multiple Products WebKit Code Execution Vulnerability -
RHEL
    32860    Apple Multiple Products WebKit Use-After-Free Vulnerability -
Debian
    20190    Mozilla Firefox And Thunderbird Use-After-Free Vulnerability -
Any Version of MacOS
    18270    ImageMagick Arbitrary File Deletion Vulnerability - Any
Version of Linux
    18910    Mozilla Firefox Use-After-Free Vulnerability - Any Version of
Linux
    32990    Apple Multiple Products WebKit Out-of-Bounds Read
Vulnerability - Debian
    14180    Microsoft Defender Remote Code Execution Vulnerability - Any
Version of Windows
    18150    Mozilla Firefox and Thunderbird Sandbox Escape Vulnerability -
Any Version of Linux
    33000    Apple Multiple Products WebKit Out-of-Bounds Read
Vulnerability - Debian
    33260    Apple iOS, iPadOS, and macOS Webkit Use-After-Free
Vulnerability - RHEL
    33400    Apple Multiple Products WebKit Out-of-Bounds Read
Vulnerability - RHEL
    26990    Google Chromium libvpx Heap Buffer Overflow Vulnerability -
Any Version of Linux
    33390    Apple Multiple Products WebKit Type Confusion Vulnerability -
RHEL
    36860    Apple Multiple Products WebKit Out-of-Bounds Write
Vulnerability - RHEL
    33270    Apple Multiple Products WebKit Use-After-Free Vulnerability -
RHEL
    28920    Sudo Heap-Based Buffer Overflow Vulnerability - RHEL
    19450    Mozilla Firefox Use-After-Free Vulnerability - Any Version of
MacOS
    35580    Jenkins User Interface (UI) Information Disclosure
Vulnerability - Any Version of Linux
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20251229/e765bfc4/attachment.html>

More information about the Besadmin-announcements mailing list