[BESAdmin-Announcements] Content Modification: Updates for Kev Content published 2025-03-06
Announcements for BES Administrators
besadmin-announcements at bigmail.bigfix.com
Thu Mar 6 10:56:35 PST 2025
Total New Fixlets: 19
Total Updated Fixlets: 100
Total Fixlets in Site: 2863
Total CVEs Covered: 824
Release Date: 2025-03-06
New Fixlets:
36230 SysAid Server Path Traversal Vulnerability - Any Version of
Windows
32780 Apple Multiple Products WebKit Code Execution Vulnerability -
Ubuntu
36240 Microsoft Windows Win32k Improper Resource Shutdown or Release
Vulnerability - Windows Server 2012 R2
36250 Microsoft Windows Win32k Improper Resource Shutdown or Release
Vulnerability - Windows Server 2012
32800 Apple Multiple Products WebKit Type Confusion Vulnerability -
Ubuntu
36260 Microsoft Windows Win32k Improper Resource Shutdown or Release
Vulnerability - Windows Server 2016
15400 Checkbox Survey Deserialization of Untrusted Data
Vulnerability - Any Version of Windows
32690 Apple Multiple Products WebKit Use-After-Free Vulnerability -
Ubuntu
32820 Apple Multiple Products WebKit Out-of-Bounds Read
Vulnerability - Ubuntu
36280 Microsoft Windows Win32k Improper Resource Shutdown or Release
Vulnerability - Windows 10
36290 Microsoft Windows Win32k Improper Resource Shutdown or Release
Vulnerability - Windows Server 2008 SP2
32710 Apple Multiple Products WebKit Memory Corruption Vulnerability
- Ubuntu
36300 Microsoft Windows Win32k Improper Resource Shutdown or Release
Vulnerability - Windows Server 2008 R2 SP1
35660 VMware Tools Authentication Bypass Vulnerability - Ubuntu
36310 Microsoft Windows Win32k Improper Resource Shutdown or Release
Vulnerability - Windows 7 SP1
32730 Apple Multiple Products WebKit Code Execution Vulnerability -
Ubuntu
36320 Microsoft Windows Win32k Improper Resource Shutdown or Release
Vulnerability - Windows 8.1
32760 Apple Multiple Products WebKit Type Confusion Vulnerability -
Ubuntu
36220 Progress WhatsUp Gold Path Traversal Vulnerability - Any
Version of Windows
Updated Fixlets:
33280 WebKitGTK Memory Corruption Vulnerability - RHEL
32770 Apple Multiple Products WebKit Memory Corruption Vulnerability
- Ubuntu
32260 HTTP/2 Rapid Reset Attack Vulnerability - Windows 10
16390 Mozilla Firefox And Thunderbird Use-After-Free Vulnerability -
Any Version of Windows
33290 Apple Multiple Products WebKit Memory Corruption Vulnerability
- RHEL
15890 Mozilla Firefox Information Disclosure Vulnerability - Any
Version of Windows
33300 Apple Multiple Products WebKit Use-After-Free Vulnerability -
RHEL
32790 Apple iOS, iPadOS, and macOS WebKit Remote Code Execution
Vulnerability - Ubuntu
34840 Android Kernel Remote Code Execution Vulnerability - Ubuntu
28700 Linux Kernel Privilege Escalation Vulnerability - Ubuntu
17950 Mozilla Firefox And Thunderbird Use-After-Free Vulnerability -
Any Version of Linux
33310 Apple Multiple Products WebKit Code Execution Vulnerability -
RHEL
33320 Apple Multiple Products WebKit Integer Overflow Vulnerability
- RHEL
32810 Apple Multiple Products WebKit Out-of-Bounds Read
Vulnerability - Ubuntu
33840 Mozilla Firefox Use-After-Free Vulnerability - Any Version of
Windows
15410 Mozilla Firefox and Thunderbird Type Confusion Vulnerability -
Any Version of Windows
33330 Apple Multiple Products WebKit Memory Corruption Vulnerability
- RHEL
34870 Android Kernel Remote Code Execution Vulnerability - RHEL
33850 Mozilla Firefox Use-After-Free Vulnerability - Any Version of
Linux
33340 Apple Multiple Products WebKit Type Confusion Vulnerability -
RHEL
30270 PHP-CGI OS Command Injection Vulnerability - Any Version of
Windows
34880 Android Kernel Remote Code Execution Vulnerability - Oracle
Linux
31810 Linux Kernel Heap-Based Buffer Overflow Vulnerability - RHEL
33860 Mozilla Firefox Use-After-Free Vulnerability - Any Version of
MacOS
33350 Apple Multiple Products WebKit Memory Corruption Vulnerability
- RHEL
33360 Apple Multiple Products WebKit Storage Use-After-Free
Vulnerability - RHEL
20050 Mozilla Firefox and Thunderbird Sandbox Escape Vulnerability -
Any Version of MacOS
32340 HTTP/2 Rapid Reset Attack Vulnerability - Windows Server 2022
33370 Apple Multiple Products WebKit Code Execution Vulnerability -
RHEL
33380 Apple iOS, iPadOS, and macOS WebKit Remote Code Execution
Vulnerability - RHEL
15980 Mozilla Firefox And Thunderbird Use-After-Free Vulnerability -
Any Version of Windows
33390 Apple Multiple Products WebKit Type Confusion Vulnerability -
RHEL
33400 Apple Multiple Products WebKit Out-of-Bounds Read
Vulnerability - RHEL
32400 HTTP/2 Rapid Reset Attack Vulnerability - Windows 11
15510 Mozilla Firefox Use-After-Free Vulnerability - Any Version of
Windows
20120 Mozilla Firefox and Thunderbird Type Confusion Vulnerability -
Any Version of MacOS
29340 Red Hat Polkit Incorrect Authorization Vulnerability - RHEL
20650 Mozilla Firefox Use-After-Free Vulnerability - Any Version of
MacOS
30380 Linux Kernel Use-After-Free Vulnerability - Ubuntu
36020 Linux Kernel Out-of-Bounds Write Vulnerability - RHEL
32440 Progress WhatsUp Gold SQL Injection Vulnerability - Any
Version of Windows
19660 Mozilla Firefox Security Feature Bypass Vulnerability - Any
Version of MacOS
20190 Mozilla Firefox And Thunderbird Use-After-Free Vulnerability -
Any Version of MacOS
19170 Webmin Command Injection Vulnerability - Any Version of Linux
18150 Mozilla Firefox and Thunderbird Sandbox Escape Vulnerability -
Any Version of Linux
29420 ConnectWise ScreenConnect Authentication Bypass Vulnerability
- Any Version of Windows
28910 Red Hat Polkit Out-of-Bounds Read and Write Vulnerability -
RHEL
17650 Mozilla Firefox Security Feature Bypass Vulnerability - Any
Version of Linux
28920 Sudo Heap-Based Buffer Overflow Vulnerability - RHEL
26880 Google Chromium WebP Heap-Based Buffer Overflow Vulnerability
- Any Version of Windows
28930 Linux Kernel Use-After-Free Vulnerability - RHEL
25350 Mozilla Firefox, Firefox ESR, and Thunderbird Use-After-Free
Vulnerability - Any Version of Windows
30470 Linux Kernel Use-After-Free Vulnerability - RHEL
19730 Mozilla Firefox and Thunderbird Denial-of-Service
Vulnerability - Any Version of MacOS
28950 Linux Kernel Privilege Escalation Vulnerability - RHEL
26930 Google Chromium libvpx Heap Buffer Overflow Vulnerability -
Any Version of Windows
26420 Microsoft .NET Core and Visual Studio Denial-of-Service
Vulnerability - Any Version of Windows
18230 Mozilla Firefox and Thunderbird Type Confusion Vulnerability -
Any Version of Linux
25400 Mozilla Firefox, Firefox ESR, and Thunderbird Use-After-Free
Vulnerability - Any Version of Linux
19780 Mozilla Firefox Information Disclosure Vulnerability - Any
Version of MacOS
17220 Mozilla Firefox and Thunderbird Type Confusion Vulnerability -
Any Version of Linux
16200 Mozilla Firefox and Thunderbird Sandbox Escape Vulnerability -
Any Version of Windows
17740 Mozilla Firefox and Thunderbird Denial-of-Service
Vulnerability - Any Version of Linux
26960 Google Chromium WebP Heap-Based Buffer Overflow Vulnerability
- Any Version of Linux
14180 Microsoft Defender Remote Code Execution Vulnerability - Any
Version of Windows
26990 Google Chromium libvpx Heap Buffer Overflow Vulnerability -
Any Version of Linux
32120 HTTP/2 Rapid Reset Attack Vulnerability - Any Version of
Windows
14210 Microsoft Malware Protection Engine Improper Restriction of
Operations Vulnerability - Any Version of Windows
15750 Mozilla Firefox Security Feature Bypass Vulnerability - Any
Version of Windows
19340 Mozilla Firefox and Thunderbird Type Confusion Vulnerability -
Any Version of MacOS
16270 Mozilla Firefox and Thunderbird Type Confusion Vulnerability -
Any Version of Windows
19860 Mozilla Firefox And Thunderbird Use-After-Free Vulnerability -
Any Version of MacOS
17310 Mozilla Firefox Use-After-Free Vulnerability - Any Version of
Linux
32670 Apple Multiple Products WebKit Type Confusion Vulnerability -
Ubuntu
27040 Google Chromium WebP Heap-Based Buffer Overflow Vulnerability
- Any Version of MacOS
18340 Mozilla Firefox And Thunderbird Use-After-Free Vulnerability -
Any Version of Linux
32680 Apple iOS, iPadOS, and macOS WebKit Remote Code Execution
Vulnerability - Ubuntu
17850 Mozilla Firefox Information Disclosure Vulnerability - Any
Version of Linux
30140 Linux Kernel Use-After-Free Vulnerability - Ubuntu
32190 HTTP/2 Rapid Reset Attack Vulnerability - Windows Server 2016
27080 Google Chromium libvpx Heap Buffer Overflow Vulnerability -
Any Version of MacOS
15820 Mozilla Firefox and Thunderbird Denial-of-Service
Vulnerability - Any Version of Windows
32720 Apple Multiple Products WebKit Use-After-Free Vulnerability -
Ubuntu
28630 Red Hat Polkit Out-of-Bounds Read and Write Vulnerability -
Ubuntu
33240 Apple Multiple Products WebKit Type Confusion Vulnerability -
RHEL
35800 VMware Tools Authentication Bypass Vulnerability - RHEL
32220 HTTP/2 Rapid Reset Attack Vulnerability - Windows Server 2019
18910 Mozilla Firefox Use-After-Free Vulnerability - Any Version of
Linux
31710 Linux Kernel Heap-Based Buffer Overflow Vulnerability - Ubuntu
28640 Sudo Heap-Based Buffer Overflow Vulnerability - Ubuntu
33250 Apple iOS, iPadOS, and macOS WebKit Remote Code Execution
Vulnerability - RHEL
32740 Apple Multiple Products WebKit Integer Overflow Vulnerability
- Ubuntu
28650 Linux Kernel Privilege Escalation Vulnerability - Ubuntu
33260 Apple iOS, iPadOS, and macOS Webkit Use-After-Free
Vulnerability - RHEL
32750 Apple Multiple Products WebKit Memory Corruption Vulnerability
- Ubuntu
16890 Mozilla Firefox Use-After-Free Vulnerability - Any Version of
Windows
28660 Linux Kernel Use-After-Free Vulnerability - Ubuntu
33270 Apple Multiple Products WebKit Use-After-Free Vulnerability -
RHEL
19450 Mozilla Firefox Use-After-Free Vulnerability - Any Version of
MacOS
28670 Linux Kernel Privilege Escalation Vulnerability - Ubuntu
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20250306/50050d3e/attachment.html>
More information about the Besadmin-announcements
mailing list