[BESAdmin-Announcements] Content Modification: Updates for Kev Content published 2025-05-19
Announcements for BES Administrators
besadmin-announcements at bigmail.bigfix.com
Mon May 19 11:03:27 PDT 2025
Total New Fixlets: 3
Total Updated Fixlets: 106
Total Fixlets in Site: 3043
Total CVEs Covered: 866
Release Date: 2025-05-19
New Fixlets:
38400 Google Chromium Loader Insufficient Policy Enforcement
Vulnerability - Any Version of MacOS
38370 Google Chromium Loader Insufficient Policy Enforcement
Vulnerability - Any Version of Windows
38380 Google Chromium Loader Insufficient Policy Enforcement
Vulnerability - Any Version of Linux
Updated Fixlets:
12800 Apache Tomcat Remote Code Execution Vulnerability - Any
Version of Windows
16390 Mozilla Firefox And Thunderbird Use-After-Free Vulnerability -
Any Version of Windows
36870 Linux Kernel Use of Uninitialized Resource Vulnerability -
Oracle Linux
15890 Mozilla Firefox Information Disclosure Vulnerability - Any
Version of Windows
17950 Mozilla Firefox And Thunderbird Use-After-Free Vulnerability -
Any Version of Linux
33840 Mozilla Firefox Use-After-Free Vulnerability - Any Version of
Windows
15410 Mozilla Firefox and Thunderbird Type Confusion Vulnerability -
Any Version of Windows
34870 Android Kernel Remote Code Execution Vulnerability - RHEL
33850 Mozilla Firefox Use-After-Free Vulnerability - Any Version of
Linux
34880 Android Kernel Remote Code Execution Vulnerability - Oracle
Linux
31810 Linux Kernel Heap-Based Buffer Overflow Vulnerability - RHEL
33860 Mozilla Firefox Use-After-Free Vulnerability - Any Version of
MacOS
31820 Linux Kernel Privilege Escalation Vulnerability - Oracle Linux
20050 Mozilla Firefox and Thunderbird Sandbox Escape Vulnerability -
Any Version of MacOS
29790 GitLab Community and Enterprise Editions Improper Access
Control Vulnerability - Any Version of Linux
37990 Microsoft Windows Common Log File System (CLFS) Driver
Heap-Based Buffer Overflow Vulnerability - Windows Server 2016
15980 Mozilla Firefox And Thunderbird Use-After-Free Vulnerability -
Any Version of Windows
38000 Microsoft Windows Common Log File System (CLFS) Driver
Use-After-Free Vulnerability - Windows Server 2016
38010 Microsoft Windows Scripting Engine Type Confusion
Vulnerability - Windows Server 2016
38020 Microsoft Windows Ancillary Function Driver for WinSock
Use-After-Free Vulnerability - Windows Server 2016
38030 Microsoft Windows Scripting Engine Type Confusion
Vulnerability - Windows Server 2012 R2
31890 Linux Kernel Heap-Based Buffer Overflow Vulnerability - Oracle
Linux
15510 Mozilla Firefox Use-After-Free Vulnerability - Any Version of
Windows
20120 Mozilla Firefox and Thunderbird Type Confusion Vulnerability -
Any Version of MacOS
38040 Microsoft Windows Scripting Engine Type Confusion
Vulnerability - Windows Server 2012
38050 Microsoft Windows Common Log File System (CLFS) Driver
Heap-Based Buffer Overflow Vulnerability - Windows Server 2019
34980 Spring Framework JDK 9+ Remote Code Execution Vulnerability -
Any Version of Windows
31910 Linux Kernel Use-After-Free Vulnerability - Oracle Linux
20650 Mozilla Firefox Use-After-Free Vulnerability - Any Version of
MacOS
38060 Microsoft Windows Common Log File System (CLFS) Driver
Use-After-Free Vulnerability - Windows Server 2019
34990 Apache Tomcat Improper Privilege Management Vulnerability -
Any Version of Windows
36020 Linux Kernel Out-of-Bounds Write Vulnerability - RHEL
38070 Microsoft Windows DWM Core Library Use-After-Free
Vulnerability - Windows Server 2019
38080 Microsoft Windows Scripting Engine Type Confusion
Vulnerability - Windows Server 2019
31940 Linux Kernel Use-After-Free Vulnerability - Oracle Linux
38090 Microsoft Windows Ancillary Function Driver for WinSock
Use-After-Free Vulnerability - Windows Server 2019
19660 Mozilla Firefox Security Feature Bypass Vulnerability - Any
Version of MacOS
38100 Microsoft Windows Common Log File System (CLFS) Driver
Heap-Based Buffer Overflow Vulnerability - Windows 10
35030 Apache Tomcat Remote Code Execution Vulnerability - Any
Version of Windows
20190 Mozilla Firefox And Thunderbird Use-After-Free Vulnerability -
Any Version of MacOS
38110 Microsoft Windows Common Log File System (CLFS) Driver
Use-After-Free Vulnerability - Windows 10
31970 Linux Kernel Privilege Escalation Vulnerability - Oracle Linux
18150 Mozilla Firefox and Thunderbird Sandbox Escape Vulnerability -
Any Version of Linux
38120 Microsoft Windows DWM Core Library Use-After-Free
Vulnerability - Windows 10
38130 Microsoft Windows Scripting Engine Type Confusion
Vulnerability - Windows 10
17650 Mozilla Firefox Security Feature Bypass Vulnerability - Any
Version of Linux
31990 Linux Kernel Use-After-Free Vulnerability - Oracle Linux
38140 Microsoft Windows Ancillary Function Driver for WinSock
Use-After-Free Vulnerability - Windows 10
26880 Google Chromium WebP Heap-Based Buffer Overflow Vulnerability
- Any Version of Windows
37120 Apache Tomcat Path Equivalence Vulnerability - Any Version of
Windows
28930 Linux Kernel Use-After-Free Vulnerability - RHEL
25350 Mozilla Firefox, Firefox ESR, and Thunderbird Use-After-Free
Vulnerability - Any Version of Windows
38150 Microsoft Windows Common Log File System (CLFS) Driver
Heap-Based Buffer Overflow Vulnerability - Windows Server 2008 SP2
30470 Linux Kernel Use-After-Free Vulnerability - RHEL
38160 Microsoft Windows Common Log File System (CLFS) Driver
Use-After-Free Vulnerability - Windows Server 2008 SP2
19730 Mozilla Firefox and Thunderbird Denial-of-Service
Vulnerability - Any Version of MacOS
28950 Linux Kernel Privilege Escalation Vulnerability - RHEL
38170 Microsoft Windows Scripting Engine Type Confusion
Vulnerability - Windows Server 2008 SP2
38180 Microsoft Windows Common Log File System (CLFS) Driver
Heap-Based Buffer Overflow Vulnerability - Windows Server 2022
38190 Microsoft Windows Common Log File System (CLFS) Driver
Use-After-Free Vulnerability - Windows Server 2022
26930 Google Chromium libvpx Heap Buffer Overflow Vulnerability -
Any Version of Windows
18230 Mozilla Firefox and Thunderbird Type Confusion Vulnerability -
Any Version of Linux
38200 Microsoft Windows DWM Core Library Use-After-Free
Vulnerability - Windows Server 2022
25400 Mozilla Firefox, Firefox ESR, and Thunderbird Use-After-Free
Vulnerability - Any Version of Linux
37180 Linux Kernel Out-of-Bounds Access Vulnerability - RHEL
38210 Microsoft Windows Scripting Engine Type Confusion
Vulnerability - Windows Server 2022
19780 Mozilla Firefox Information Disclosure Vulnerability - Any
Version of MacOS
17220 Mozilla Firefox and Thunderbird Type Confusion Vulnerability -
Any Version of Linux
37190 Linux Kernel Out-of-Bounds Read Vulnerability - Oracle Linux
16200 Mozilla Firefox and Thunderbird Sandbox Escape Vulnerability -
Any Version of Windows
38220 Microsoft Windows Ancillary Function Driver for WinSock
Use-After-Free Vulnerability - Windows Server 2022
17740 Mozilla Firefox and Thunderbird Denial-of-Service
Vulnerability - Any Version of Linux
26960 Google Chromium WebP Heap-Based Buffer Overflow Vulnerability
- Any Version of Linux
37200 Linux Kernel Out-of-Bounds Access Vulnerability - Oracle Linux
38230 Microsoft Windows Common Log File System (CLFS) Driver
Use-After-Free Vulnerability - Windows Server 2008 R2
17750 GitLab Community and Enterprise Editions Remote Code Execution
Vulnerability - Any Version of Linux
35670 VMware Tools Authentication Bypass Vulnerability - Debian
38240 Microsoft Windows Scripting Engine Type Confusion
Vulnerability - Windows Server 2008 R2
14180 Microsoft Defender Remote Code Execution Vulnerability - Any
Version of Windows
38250 Microsoft Windows Common Log File System (CLFS) Driver
Heap-Based Buffer Overflow Vulnerability - Windows Server 2008 R2
26990 Google Chromium libvpx Heap Buffer Overflow Vulnerability -
Any Version of Linux
38260 Microsoft Windows Common Log File System (CLFS) Driver
Heap-Based Buffer Overflow Vulnerability - Windows 11
38270 Microsoft Windows Common Log File System (CLFS) Driver
Use-After-Free Vulnerability - Windows 11
14210 Microsoft Malware Protection Engine Improper Restriction of
Operations Vulnerability - Any Version of Windows
15750 Mozilla Firefox Security Feature Bypass Vulnerability - Any
Version of Windows
38280 Microsoft Windows DWM Core Library Use-After-Free
Vulnerability - Windows 11
19340 Mozilla Firefox and Thunderbird Type Confusion Vulnerability -
Any Version of MacOS
16270 Mozilla Firefox and Thunderbird Type Confusion Vulnerability -
Any Version of Windows
38290 Microsoft Windows Scripting Engine Type Confusion
Vulnerability - Windows 11
19860 Mozilla Firefox And Thunderbird Use-After-Free Vulnerability -
Any Version of MacOS
38300 Microsoft Windows Ancillary Function Driver for WinSock
Use-After-Free Vulnerability - Windows 11
17310 Mozilla Firefox Use-After-Free Vulnerability - Any Version of
Linux
27040 Google Chromium WebP Heap-Based Buffer Overflow Vulnerability
- Any Version of MacOS
18340 Mozilla Firefox And Thunderbird Use-After-Free Vulnerability -
Any Version of Linux
38310 Microsoft Windows DWM Core Library Use-After-Free
Vulnerability - Windows Server 2025
38320 Microsoft Windows Common Log File System (CLFS) Driver
Use-After-Free Vulnerability - Windows Server 2025
17850 Mozilla Firefox Information Disclosure Vulnerability - Any
Version of Linux
38330 Microsoft Windows Scripting Engine Type Confusion
Vulnerability - Windows Server 2025
38340 Microsoft Windows Ancillary Function Driver for WinSock
Use-After-Free Vulnerability - Windows Server 2025
27080 Google Chromium libvpx Heap Buffer Overflow Vulnerability -
Any Version of MacOS
15820 Mozilla Firefox and Thunderbird Denial-of-Service
Vulnerability - Any Version of Windows
38350 Microsoft Windows Common Log File System (CLFS) Driver
Heap-Based Buffer Overflow Vulnerability - Windows Server 2025
18910 Mozilla Firefox Use-After-Free Vulnerability - Any Version of
Linux
16890 Mozilla Firefox Use-After-Free Vulnerability - Any Version of
Windows
36850 Linux Kernel Use of Uninitialized Resource Vulnerability -
RHEL
19450 Mozilla Firefox Use-After-Free Vulnerability - Any Version of
MacOS
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20250519/6a63d081/attachment.html>
More information about the Besadmin-announcements
mailing list