[BESAdmin-Announcements] Content Modification: Updates for Kev Content published 2025-05-22

[Announcements for BES Administrators]

Total New Fixlets:      6
Total Updated Fixlets:  45
Total Fixlets in Site:  3045
Total CVEs Covered:     869
Release Date:           2025-05-22

New Fixlets:
    38420    ZKTeco BioTime Path Traversal Vulnerability - Any Version of
Windows
    38410    Linux Kernel Improper Privilege Management Vulnerability -
Ubuntu
    38500    Linux Kernel Improper Privilege Management Vulnerability - RHEL
    38470    Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting
(XSS) Vulnerability - Any Version of Linux
    38440    MDaemon Email Server Cross-Site Scripting (XSS) Vulnerability
- Any Version of Windows
    38460    Srimax Output Messenger Directory Traversal Vulnerability -
Any Version of Windows


Updated Fixlets:
    14210    Microsoft Malware Protection Engine Improper Restriction of
Operations Vulnerability - Any Version of Windows
    36870    Linux Kernel Use of Uninitialized Resource Vulnerability -
Oracle Linux
    33290    Apple Multiple Products WebKit Memory Corruption Vulnerability
- RHEL
    33300    Apple Multiple Products WebKit Use-After-Free Vulnerability -
RHEL
    8600    Microsoft Windows AppX Deployment Service (AppXSVC) Privilege
Escalation Vulnerability - Windows Server 2016
    31000    Microsoft XML Core Services Memory Corruption Vulnerability -
XML Core Services 5.0
    34840    Android Kernel Remote Code Execution Vulnerability - Ubuntu
    30840    Microsoft Office Remote Code Execution Vulnerability -
SharePoint
    28700    Linux Kernel Privilege Escalation Vulnerability - Ubuntu
    33310    Apple Multiple Products WebKit Code Execution Vulnerability -
RHEL
    37410    HTTP/2 Rapid Reset Attack Vulnerability - RHEL
    6060    Microsoft Task Scheduler Privilege Escalation Vulnerability -
Windows 10
    30380    Linux Kernel Use-After-Free Vulnerability - Ubuntu
    36790    Linux Kernel Use of Uninitialized Resource Vulnerability -
Ubuntu
    33340    Apple Multiple Products WebKit Type Confusion Vulnerability -
RHEL
    30780    Microsoft .NET Framework, SharePoint, and Visual Studio Remote
Code Execution Vulnerability - SharePoint
    30140    Linux Kernel Use-After-Free Vulnerability - Ubuntu
    9410    Microsoft .NET Framework Remote Code Execution Vulnerability -
Windows Server 2012 R2
    33350    Apple Multiple Products WebKit Memory Corruption Vulnerability
- RHEL
    30790    Microsoft SharePoint Remote Code Execution Vulnerability -
SharePoint
    6600    Microsoft Windows AppX Deployment Service (AppXSVC) Privilege
Escalation Vulnerability - Windows 10
    36810    Apple Multiple Products WebKit Out-of-Bounds Write
Vulnerability - Debian
    8140    Microsoft Task Scheduler Privilege Escalation Vulnerability -
Windows Server 2016
    37070    Linux Kernel Out-of-Bounds Read Vulnerability - Ubuntu
    37200    Linux Kernel Out-of-Bounds Access Vulnerability - Oracle Linux
    17750    GitLab Community and Enterprise Editions Remote Code Execution
Vulnerability - Any Version of Linux
    33240    Apple Multiple Products WebKit Type Confusion Vulnerability -
RHEL
    37720    Apple iOS Type Confusion Vulnerability - RHEL
    33370    Apple Multiple Products WebKit Code Execution Vulnerability -
RHEL
    37080    Linux Kernel Out-of-Bounds Access Vulnerability - Ubuntu
    29790    GitLab Community and Enterprise Editions Improper Access
Control Vulnerability - Any Version of Linux
    31710    Linux Kernel Heap-Based Buffer Overflow Vulnerability - Ubuntu
    14180    Microsoft Defender Remote Code Execution Vulnerability - Any
Version of Windows
    7140    Microsoft Task Scheduler Privilege Escalation Vulnerability -
Windows Server 2019
    7530    Microsoft Windows AppX Deployment Service (AppXSVC) Privilege
Escalation Vulnerability - Windows Server 2019
    28650    Linux Kernel Privilege Escalation Vulnerability - Ubuntu
    33260    Apple iOS, iPadOS, and macOS Webkit Use-After-Free
Vulnerability - RHEL
    33390    Apple Multiple Products WebKit Type Confusion Vulnerability -
RHEL
    31850    Linux Kernel Improper Privilege Management Vulnerability -
Oracle Linux
    14450    Plex Media Server Remote Code Execution Vulnerability - Any
Version of Windows
    1780    Microsoft .NET Framework Remote Code Execution Vulnerability -
Windows 8.1
    28660    Linux Kernel Use-After-Free Vulnerability - Ubuntu
    33270    Apple Multiple Products WebKit Use-After-Free Vulnerability -
RHEL
    33400    Apple Multiple Products WebKit Out-of-Bounds Read
Vulnerability - RHEL
    36860    Apple Multiple Products WebKit Out-of-Bounds Write
Vulnerability - RHEL
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20250522/da6d4b94/attachment.html>