[BESAdmin-Announcements] Content Modification: Updates for Kev Content published 2025-01-30
Announcements for BES Administrators
besadmin-announcements at bigmail.bigfix.com
Thu Jan 30 08:43:28 PST 2025
Total New Fixlets: 6
Total Updated Fixlets: 251
Total Fixlets in Site: 2792
Total CVEs Covered: 795
Release Date: 2025-01-30
New Fixlets:
35520 Jenkins User Interface (UI) Information Disclosure
Vulnerability - Any Version of Windows
35590 Jenkins Command Line Interface (CLI) Path Traversal
Vulnerability - Any Version of Linux
35560 Jenkins Stapler Web Framework Deserialization of Untrusted
Data Vulnerability - Any Version of Windows
35570 JQuery Cross-Site Scripting (XSS) Vulnerability - Any
Operating System
35580 Jenkins User Interface (UI) Information Disclosure
Vulnerability - Any Version of Linux
35550 Jenkins Command Line Interface (CLI) Path Traversal
Vulnerability - Any Version of Windows
Updated Fixlets:
28160 Google Chromium WebRTC Heap Buffer Overflow Vulnerability -
Any Version of Linux
32770 Apple Multiple Products WebKit Memory Corruption Vulnerability
- Ubuntu
32260 HTTP/2 Rapid Reset Attack Vulnerability - Windows 10
31750 Google Chromium V8 Inappropriate Implementation Vulnerability
- Any Version of Linux
18440 Google Chromium V8 Memory Corruption Vulnerability - Any
Version of Linux
25100 Google Chromium V8 Type Confusion Vulnerability - Any Version
of MacOS
32270 Microsoft Windows Installer Improper Privilege Management
Vulnerability - Windows Server 2008 SP2
31760 Google Chromium V8 Type Confusion Vulnerability - Any Version
of Linux
18450 Google Chromium Blink Use-After-Free Vulnerability - Any
Version of Linux
20500 Google Chromium Network Service Use-After-Free Vulnerability -
Any Version of MacOS
17940 Google Chrome Use-After-Free Vulnerability - Any Version of
Linux
19990 Google Chromium V8 Integer Overflow Vulnerability - Any
Version of MacOS
32280 Microsoft Windows Mark of the Web (MOTW) Protection Mechanism
Failure Vulnerability - Windows Server 2008 SP2
34840 Android Kernel Remote Code Execution Vulnerability - Ubuntu
16410 Google Chrome WebAudio Use-After-Free Vulnerability - Any
Version of Windows
31770 Google Chromium V8 Inappropriate Implementation Vulnerability
- Any Version of MacOS
18460 Google Chrome Blink Use-After-Free Vulnerability - Any Version
of Linux
26140 Apple Multiple Products WebKit Type Confusion Vulnerability -
Apple iOS
28190 Google Chromium WebRTC Heap Buffer Overflow Vulnerability -
Any Version of MacOS
33310 Apple Multiple Products WebKit Code Execution Vulnerability -
RHEL
25120 Apple Multiple Products WebKit Sandbox Escape Vulnerability -
Any Version of MacOS
30240 Linux Kernel Use-After-Free Vulnerability - RHEL
31780 Google Chromium V8 Type Confusion Vulnerability - Any Version
of MacOS
20520 Google Chromium V8 Out-of-Bounds Read Vulnerability - Any
Version of MacOS
17450 Google Chromium V8 Type Confusion Vulnerability - Any Version
of Linux
15920 Google Chromium Indexed DB API Use-After-Free Vulnerability -
Any Version of Windows
18480 Google Chromium V8 Type Confusion Vulnerability - Any Version
of Linux
20530 Google Chromium GPU Heap Buffer Overflow Vulnerability - Any
Version of MacOS
34870 Android Kernel Remote Code Execution Vulnerability - RHEL
20540 Google Chromium V8 Incorrect Implementation Vulnerabililty -
Any Version of MacOS
17980 Google Chromium Intents Insufficient Input Validation
Vulnerability - Any Version of Linux
20030 Google Chromium Portals Use-After-Free Vulnerability - Any
Version of MacOS
33340 Apple Multiple Products WebKit Type Confusion Vulnerability -
RHEL
19520 Google Chromium V8 Type Confusion Vulnerability - Any Version
of MacOS
32320 Microsoft Windows Installer Improper Privilege Management
Vulnerability - Windows Server 2022
19010 Google Chromium V8 Out-of-Bounds Memory Vulnerability - Any
Version of Linux
31810 Linux Kernel Heap-Based Buffer Overflow Vulnerability - RHEL
34880 Android Kernel Remote Code Execution Vulnerability - Oracle
Linux
34370 Apple Multiple Products WebKit Code Execution Vulnerability -
Mac 12+
33350 Apple Multiple Products WebKit Memory Corruption Vulnerability
- RHEL
17480 Google Chromium V8 Heap Buffer Overflow Vulnerability - Any
Version of Linux
32330 Microsoft Windows Mark of the Web (MOTW) Protection Mechanism
Failure Vulnerability - Windows Server 2022
19020 Google Chromium V8 Use-After-Free Vulnerability - Any Version
of Linux
34380 Apple Multiple Products Integer Overflow Vulnerability - Mac
12+
19540 Google Chromium V8 Heap Buffer Overflow Vulnerability - Any
Version of MacOS
32340 HTTP/2 Rapid Reset Attack Vulnerability - Windows Server 2022
20570 Google Chromium V8 Type Confusion Vulnerability - Any Version
of MacOS
18010 Google Chromium V8 Out-of-Bounds Write Vulnerability - Any
Version of Linux
16480 Google Chromium V8 Memory Corruption Vulnerability - Any
Version of Windows
15970 Google Chrome Use-After-Free Vulnerability - Any Version of
Windows
17000 Google Chromium V8 Out-of-Bounds Memory Vulnerability - Any
Version of Windows
34410 Apple Multiple Products WebKit Memory Corruption Vulnerability
- Mac 12+
18540 Google Chromium Blink Use-After-Free Vulnerability - Any
Version of Linux
15470 Google Chromium Race Condition Vulnerability - Any Version of
Windows
22640 Google Chrome Skia Integer Overflow Vulnerability - Any
Version of Windows
17010 Google Chromium V8 Use-After-Free Vulnerability - Any Version
of Windows
19570 Google Chromium V8 Out-of-Bounds Write Vulnerability - Any
Version of MacOS
16500 Google Chromium Blink Use-After-Free Vulnerability - Any
Version of Windows
18040 Google Chromium V8 Out-of-Bounds Write Vulnerability - Any
Version of Linux
20090 Google Chromium Information Disclosure Vulnerability - Any
Version of MacOS
32380 Microsoft Windows Installer Improper Privilege Management
Vulnerability - Windows 11
16510 Google Chrome Blink Use-After-Free Vulnerability - Any Version
of Windows
20610 Google Chromium Animation Use-After-Free Vulnerability - Any
Version of MacOS
20100 Google Chromium V8 Type Confusion Vulnerability - Any Version
of MacOS
17540 Google Chromium V8 Out-of-Bounds Write Vulnerability - Any
Version of Linux
32390 Microsoft Windows Mark of the Web (MOTW) Protection Mechanism
Failure Vulnerability - Windows 11
32900 Apple Multiple Products WebKit Code Execution Vulnerability -
Debian
16520 Google Chromium V8 Type Confusion Vulnerability - Any Version
of Windows
19080 Google Chrome FreeType Heap Buffer Overflow Vulnerability -
Any Version of Linux
22670 PaperCut MF/NG Improper Access Control Vulnerability - Any
Version of Windows
29840 Google Chromium Visuals Use-After-Free Vulnerability - Any
Version of Windows
19600 Google Chromium Mojo Insufficient Data Validation
Vulnerability - Any Version of MacOS
32400 HTTP/2 Rapid Reset Attack Vulnerability - Windows 11
29850 CrushFTP VFS Sandbox Escape Vulnerability - Any Version of
Windows
19610 TeamViewer Desktop Bypass Remote Login Vulnerability - Any
Version of MacOS
16030 Google Chromium Intents Insufficient Input Validation
Vulnerability - Any Version of Windows
18590 Google Chromium V8 Type Confusion Vulnerability - Any Version
of Linux
15520 Oracle VirtualBox Insufficient Input Validation Vulnerability
- Any Version of Windows
32930 Apple Multiple Products WebKit Type Confusion Vulnerability -
Debian
17060 Google Chrome FreeType Heap Buffer Overflow Vulnerability -
Any Version of Windows
29860 Google Chromium Visuals Use-After-Free Vulnerability - Any
Version of Linux
18090 Google Chromium V8 Integer Overflow Vulnerability - Any
Version of Linux
32940 Apple Multiple Products WebKit Memory Corruption Vulnerability
- Debian
19630 Google Chromium V8 Type Confusion Vulnerability - Any Version
of MacOS
29870 CrushFTP VFS Sandbox Escape Vulnerability - Any Version of
Linux
16560 Google Chromium Blink Use-After-Free Vulnerability - Any
Version of Windows
20150 Google Chromium V8 Memory Corruption Vulnerability - Any
Version of MacOS
17590 Google Chromium Mojo Insufficient Data Validation
Vulnerability - Any Version of Linux
17080 Google Chromium V8 Use-After-Free Vulnerability - Any Version
of Windows
29880 Google Chromium Visuals Use-After-Free Vulnerability - Any
Version of MacOS
19130 Google Chromium V8 Use-After-Free Vulnerability - Any Version
of Linux
22710 Jenkins Stapler Web Framework Deserialization of Untrusted
Data Vulnerability - Any Version of Linux
16060 Google Chromium V8 Out-of-Bounds Write Vulnerability - Any
Version of Windows
18110 Grafana Authentication Bypass Vulnerability - Any Version of
Linux
25790 Apple Multiple Products WebKit Sandbox Escape Vulnerability -
Apple iOS
17600 TeamViewer Desktop Bypass Remote Login Vulnerability - Any
Version of Linux
17090 Google Chromium V8 Type Confusion Vulnerability - Any Version
of Windows
29890 Microsoft Windows MSHTML Platform Security Feature Bypass
Vulnerability - Windows Server 2016
29900 Microsoft Windows MSHTML Platform Security Feature Bypass
Vulnerability - Windows Server 2019
16590 Google Chromium V8 Type Confusion Vulnerability - Any Version
of Windows
34510 Apple Multiple Products WebKit Type Confusion Vulnerability -
Mac 12+
18130 Google Chromium Portals Use-After-Free Vulnerability - Any
Version of Linux
33490 Apple Multiple Products WebKit Type Confusion Vulnerability -
Oracle Linux
20180 Google Chromium V8 Remote Code Execution Vulnerability - Any
Version of MacOS
17620 Google Chromium V8 Type Confusion Vulnerability - Any Version
of Linux
19670 Google Chromium V8 Type Confusion Vulnerability - Any Version
of MacOS
29910 Microsoft Windows MSHTML Platform Security Feature Bypass
Vulnerability - Windows 10
34520 Apple Multiple Products WebKit Sandbox Escape Vulnerability -
Mac 12+
16090 Google Chromium V8 Out-of-Bounds Write Vulnerability - Any
Version of Windows
33500 Apple Multiple Products WebKit Memory Corruption Vulnerability
- Oracle Linux
17120 Google Chromium V8 Improper Input Validation Vulnerability -
Any Version of Windows
29920 Microsoft Windows MSHTML Platform Security Feature Bypass
Vulnerability - Windows Server 2022
18660 Google Chrome Media Prior to 81.0.4044.92 Use-After-Free
Vulnerability - Any Version of Linux
15590 Google Chromium V8 Type Confusion Vulnerability - Any Version
of Windows
20200 Google Chrome WebAudio Use-After-Free Vulnerability - Any
Version of MacOS
29930 Microsoft Windows MSHTML Platform Security Feature Bypass
Vulnerability - Windows 11
29420 ConnectWise ScreenConnect Authentication Bypass Vulnerability
- Any Version of Windows
19180 Google Chromium V8 Type Confusion Vulnerability - Any Version
of Linux
18670 Google Chromium V8 Type Confusion Vulnerability - Any Version
of Linux
20720 Google Chromium V8 Out-of-Bounds Memory Vulnerability - Any
Version of MacOS
25840 Apple Multiple Products Integer Overflow Vulnerability - Apple
iOS
29940 Google Chromium V8 Type Confusion Vulnerability - Any Version
of Windows
19700 Google Chromium V8 Type Confusion Vulnerability - Any Version
of MacOS
31990 Linux Kernel Use-After-Free Vulnerability - Oracle Linux
34550 Apple Multiple Products Kernel Unspecified Vulnerability - Mac
12+
15610 Google Chromium V8 Heap Buffer Overflow Vulnerability - Any
Version of Windows
20730 Google Chromium V8 Use-After-Free Vulnerability - Any Version
of MacOS
22780 Google Chrome Skia Integer Overflow Vulnerability - Any
Version of Linux
29950 Google Chromium V8 Out-of-Bounds Memory Write Vulnerability -
Any Version of Windows
16640 Google Chrome Media Prior to 81.0.4044.92 Use-After-Free
Vulnerability - Any Version of Windows
26880 Google Chromium WebP Heap-Based Buffer Overflow Vulnerability
- Any Version of Windows
18690 Google Chromium PopupBlocker Security Bypass Vulnerability -
Any Version of Linux
19200 Google Chromium V8 Improper Input Validation Vulnerability -
Any Version of Linux
28930 Linux Kernel Use-After-Free Vulnerability - RHEL
17670 Google Chromium V8 Type Confusion Vulnerability - Any Version
of Linux
30470 Linux Kernel Use-After-Free Vulnerability - RHEL
19720 Google Chromium WebGL Use-After-Free Vulnerability - Any
Version of MacOS
26890 Progress WS_FTP Server Deserialization of Untrusted Data
Vulnerability - Any Version of Windows
16140 Google Chromium V8 Integer Overflow Vulnerability - Any
Version of Windows
18190 Google Chromium Information Disclosure Vulnerability - Any
Version of Linux
25870 Apple Multiple Products WebKit Code Execution Vulnerability -
Apple iOS
16660 Google Chromium V8 Type Confusion Vulnerability - Any Version
of Windows
28950 Linux Kernel Privilege Escalation Vulnerability - RHEL
18200 Google Chromium V8 Type Confusion Vulnerability - Any Version
of Linux
17690 Google Chromium V8 Type Confusion Vulnerability - Any Version
of Linux
20260 Google Chromium V8 Memory Corruption Vulnerability - Any
Version of MacOS
16680 Google Chromium PopupBlocker Security Bypass Vulnerability -
Any Version of Windows
15660 Google Chromium V8 Out-of-Bounds Write Vulnerability - Any
Version of Windows
20270 Google Chromium Blink Use-After-Free Vulnerability - Any
Version of MacOS
26930 Google Chromium libvpx Heap Buffer Overflow Vulnerability -
Any Version of Windows
16180 Google Chromium Portals Use-After-Free Vulnerability - Any
Version of Windows
26420 Microsoft .NET Core and Visual Studio Denial-of-Service
Vulnerability - Any Version of Windows
28470 Spreadsheet::ParseExcel Remote Code Execution Vulnerability -
Any Version of Windows
20790 Google Chrome FreeType Heap Buffer Overflow Vulnerability -
Any Version of MacOS
20280 Google Chrome Blink Use-After-Free Vulnerability - Any Version
of MacOS
18740 Google Chromium Network Service Use-After-Free Vulnerability -
Any Version of Linux
17210 Google Chromium V8 Type Confusion Vulnerability - Any Version
of Windows
30010 Google Chromium V8 Type Confusion Vulnerability - Any Version
of Linux
28480 Spreadsheet::ParseExcel Remote Code Execution Vulnerability -
Any Version of Linux
20290 Google Chromium V8 Type Confusion Vulnerability - Any Version
of MacOS
17730 Google Chromium WebGL Use-After-Free Vulnerability - Any
Version of Linux
18760 Google Chromium V8 Out-of-Bounds Read Vulnerability - Any
Version of Linux
15690 Google Chromium Mojo Insufficient Data Validation
Vulnerability - Any Version of Windows
26960 Google Chromium WebP Heap-Based Buffer Overflow Vulnerability
- Any Version of Linux
28500 Google Chromium V8 Out-of-Bounds Memory Access Vulnerability -
Any Version of Windows
20820 Google Chromium V8 Use-After-Free Vulnerability - Any Version
of MacOS
27990 Google Skia Integer Overflow Vulnerability - Any Version of
Windows
19800 Google Chromium Indexed DB API Use-After-Free Vulnerability -
Any Version of MacOS
30040 Google Chromium V8 Out-of-Bounds Memory Write Vulnerability -
Any Version of Linux
18780 Google Chromium GPU Heap Buffer Overflow Vulnerability - Any
Version of Linux
28510 Google Chromium V8 Out-of-Bounds Memory Access Vulnerability -
Any Version of Linux
20320 Google Chromium Blink Use-After-Free Vulnerability - Any
Version of MacOS
22880 Google Chrome Skia Integer Overflow Vulnerability - Any
Version of MacOS
14180 Microsoft Defender Remote Code Execution Vulnerability - Any
Version of Windows
18790 Google Chromium V8 Incorrect Implementation Vulnerabililty -
Any Version of Linux
15720 Google Chromium V8 Type Confusion Vulnerability - Any Version
of Windows
20840 Google Chromium V8 Type Confusion Vulnerability - Any Version
of MacOS
18280 Google Chromium V8 Memory Corruption Vulnerability - Any
Version of Linux
28010 Google Skia Integer Overflow Vulnerability - Any Version of
Linux
30060 Google Chromium V8 Out-of-Bounds Memory Write Vulnerability -
Any Version of MacOS
17260 Google Chromium Race Condition Vulnerability - Any Version of
Linux
26990 Google Chromium libvpx Heap Buffer Overflow Vulnerability -
Any Version of Linux
33130 Apple Multiple Products WebKit Code Execution Vulnerability -
SLE
16240 Google Chromium Information Disclosure Vulnerability - Any
Version of Windows
28530 Google Chromium V8 Out-of-Bounds Memory Access Vulnerability -
Any Version of MacOS
28020 Apple Multiple Products WebKit Memory Corruption Vulnerability
- Any Version of MacOS
30070 Google Chromium V8 Type Confusion Vulnerability - Any Version
of MacOS
32120 HTTP/2 Rapid Reset Attack Vulnerability - Any Version of
Windows
16760 Google Chromium Network Service Use-After-Free Vulnerability -
Any Version of Windows
16250 Google Chromium V8 Type Confusion Vulnerability - Any Version
of Windows
20860 Google Chromium V8 Improper Input Validation Vulnerability -
Any Version of MacOS
20350 Google Chromium V8 Type Confusion Vulnerability - Any Version
of MacOS
22910 PaperCut MF/NG Improper Access Control Vulnerability - Any
Version of MacOS
14210 Microsoft Malware Protection Engine Improper Restriction of
Operations Vulnerability - Any Version of Windows
16770 Google Chromium V8 Out-of-Bounds Read Vulnerability - Any
Version of Windows
19330 Google Chromium V8 Type Confusion Vulnerability - Any Version
of Linux
34180 Apple Multiple Products Integer Overflow Vulnerability - Mac 11
28040 Google Skia Integer Overflow Vulnerability - Any Version of
MacOS
33160 Apple Multiple Products WebKit Type Confusion Vulnerability -
SLE
27530 Roundcube Webmail Persistent Cross-Site Scripting (XSS)
Vulnerability - Any Operating System
19850 Google Chrome Use-After-Free Vulnerability - Any Version of
MacOS
18830 Google Chromium V8 Type Confusion Vulnerability - Any Version
of Linux
15760 Google Chromium V8 Type Confusion Vulnerability - Any Version
of Windows
18320 Google Chromium V8 Remote Code Execution Vulnerability - Any
Version of Linux
28050 Apple Multiple Products WebKit Memory Corruption Vulnerability
- Apple iOS
33170 Apple Multiple Products WebKit Memory Corruption Vulnerability
- SLE
16790 Google Chromium GPU Heap Buffer Overflow Vulnerability - Any
Version of Windows
28570 Google Chromium V8 Type Confusion Vulnerability - Any Version
of Windows
16800 Google Chromium V8 Incorrect Implementation Vulnerabililty -
Any Version of Windows
27040 Google Chromium WebP Heap-Based Buffer Overflow Vulnerability
- Any Version of MacOS
18850 Google Chromium Animation Use-After-Free Vulnerability - Any
Version of Linux
15780 Google Chromium V8 Type Confusion Vulnerability - Any Version
of Windows
28580 Google Chromium V8 Type Confusion Vulnerability - Any Version
of Linux
25510 Apple Multiple Products WebKit Code Execution Vulnerability -
Any Version of MacOS
26020 Apple Multiple Products Kernel Unspecified Vulnerability -
Apple iOS
32170 Microsoft Windows Installer Improper Privilege Management
Vulnerability - Windows Server 2016
28590 Google Chromium V8 Type Confusion Vulnerability - Any Version
of MacOS
18350 Google Chrome WebAudio Use-After-Free Vulnerability - Any
Version of Linux
20400 Google Chrome Media Prior to 81.0.4044.92 Use-After-Free
Vulnerability - Any Version of MacOS
25520 Apple Multiple Products WebKit Type Confusion Vulnerability -
Any Version of MacOS
32180 Microsoft Windows Mark of the Web (MOTW) Protection Mechanism
Failure Vulnerability - Windows Server 2016
30140 Linux Kernel Use-After-Free Vulnerability - Ubuntu
16830 Google Chromium V8 Type Confusion Vulnerability - Any Version
of Windows
19390 Google Chromium Race Condition Vulnerability - Any Version of
MacOS
16320 Google Chromium V8 Memory Corruption Vulnerability - Any
Version of Windows
32190 HTTP/2 Rapid Reset Attack Vulnerability - Windows Server 2016
15810 Google Chromium WebGL Use-After-Free Vulnerability - Any
Version of Windows
20420 Google Chromium V8 Type Confusion Vulnerability - Any Version
of MacOS
19910 Google Chromium Intents Insufficient Input Validation
Vulnerability - Any Version of MacOS
27080 Google Chromium libvpx Heap Buffer Overflow Vulnerability -
Any Version of MacOS
32200 Microsoft Windows Installer Improper Privilege Management
Vulnerability - Windows Server 2019
25040 Google Chromium V8 Type Confusion Vulnerability - Any Version
of Windows
30160 Google Chromium V8 Type Confusion Vulnerability - Any Version
of Windows
16850 Google Chromium Animation Use-After-Free Vulnerability - Any
Version of Windows
19920 Google Chromium V8 Out-of-Bounds Write Vulnerability - Any
Version of MacOS
32210 Microsoft Windows Mark of the Web (MOTW) Protection Mechanism
Failure Vulnerability - Windows Server 2019
20440 Google Chromium PopupBlocker Security Bypass Vulnerability -
Any Version of MacOS
17880 Google Chromium Indexed DB API Use-After-Free Vulnerability -
Any Version of Linux
32220 HTTP/2 Rapid Reset Attack Vulnerability - Windows Server 2019
28130 Google Chromium WebRTC Heap Buffer Overflow Vulnerability -
Any Version of Windows
19940 Google Chromium V8 Out-of-Bounds Write Vulnerability - Any
Version of MacOS
25060 Google Chromium V8 Type Confusion Vulnerability - Any Version
of Linux
32230 Microsoft Windows Installer Improper Privilege Management
Vulnerability - Windows 10
30180 Google Chromium V8 Type Confusion Vulnerability - Any Version
of Linux
20970 Google Chromium V8 Type Confusion Vulnerability - Any Version
of MacOS
32240 Microsoft Windows Mark of the Web (MOTW) Protection Mechanism
Failure Vulnerability - Windows 10
16370 Google Chromium V8 Remote Code Execution Vulnerability - Any
Version of Windows
31730 Google Chromium V8 Inappropriate Implementation Vulnerability
- Any Version of Windows
34290 Apple Multiple Products Kernel Unspecified Vulnerability - Mac
11
30200 Google Chromium V8 Type Confusion Vulnerability - Any Version
of MacOS
31740 Google Chromium V8 Type Confusion Vulnerability - Any Version
of Windows
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20250130/ee6d0b5e/attachment.html>
More information about the Besadmin-announcements
mailing list