[BESAdmin-Announcements] Content Modification: Updates for Kev Content published 2025-11-10
Announcements for BES Administrators
besadmin-announcements at bigmail.bigfix.com
Mon Nov 10 08:40:15 PST 2025
Total New Fixlets: 2
Total Updated Fixlets: 34
Total Fixlets in Site: 3217
Total CVEs Covered: 930
Release Date: 2025-11-10
New Fixlets:
40490 Gladinet CentreStack and Triofox Files or Directories
Accessible to External Parties Vulnerability - Any Version of Windows
40500 CWP Control Web Panel OS Command Injection Vulnerability - Any
Version of CentOS
Updated Fixlets:
14210 Microsoft Malware Protection Engine Improper Restriction of
Operations Vulnerability - Any Version of Windows
28930 Linux Kernel Use-After-Free Vulnerability - RHEL
38530 Linux Kernel Out-of-Bounds Read Vulnerability - RHEL
30470 Linux Kernel Use-After-Free Vulnerability - RHEL
36870 Linux Kernel Use of Uninitialized Resource Vulnerability -
Oracle Linux
31890 Linux Kernel Heap-Based Buffer Overflow Vulnerability - Oracle
Linux
39700 Linux Kernel Heap Out-of-Bounds Write Vulnerability - RHEL
28950 Linux Kernel Privilege Escalation Vulnerability - RHEL
1050 Drupal Core Remote Code Execution Vulnerability - Any Operating
System
31910 Linux Kernel Use-After-Free Vulnerability - Oracle Linux
22700 Zoho ManageEngine ServiceDesk Plus (SDP) File Upload
Vulnerability - Any Version of Windows
39290 Linux Kernel Time-of-Check Time-of-Use (TOCTOU) Race Condition
Vulnerability - Oracle Linux
33200 Apple iOS, iPadOS, and macOS WebKit Remote Code Execution
Vulnerability - SLE
36020 Linux Kernel Out-of-Bounds Write Vulnerability - RHEL
22840 Zoho ManageEngine ServiceDesk Plus (SDP) File Upload
Vulnerability - Any Version of Linux
37180 Linux Kernel Out-of-Bounds Access Vulnerability - RHEL
34880 Android Kernel Remote Code Execution Vulnerability - Oracle
Linux
31810 Linux Kernel Heap-Based Buffer Overflow Vulnerability - RHEL
31940 Linux Kernel Use-After-Free Vulnerability - Oracle Linux
37190 Linux Kernel Out-of-Bounds Read Vulnerability - Oracle Linux
14410 PlaySMS Server-Side Template Injection Vulnerability - Any
Operating System
31820 Linux Kernel Privilege Escalation Vulnerability - Oracle Linux
37200 Linux Kernel Out-of-Bounds Access Vulnerability - Oracle Linux
14290 WordPress File Manager Plugin Remote Code Execution
Vulnerability - Any Operating System
14930 WhatsApp Cross-Site Scripting Vulnerability - Any Version of
MacOS
39260 Meta Platforms WhatsApp Incorrect Authorization Vulnerability
- Any Version of MacOS
31970 Linux Kernel Privilege Escalation Vulnerability - Oracle Linux
14180 Microsoft Defender Remote Code Execution Vulnerability - Any
Version of Windows
16360 Trihedral VTScada (formerly VTS) Denial-of-Service
Vulnerability - Any Version of Windows
39280 Linux Kernel Time-of-Check Time-of-Use (TOCTOU) Race Condition
Vulnerability - RHEL
36850 Linux Kernel Use of Uninitialized Resource Vulnerability -
RHEL
17140 Zoho ManageEngine Desktop Central File Upload Vulnerability -
Any Version of Windows
31990 Linux Kernel Use-After-Free Vulnerability - Oracle Linux
38650 Linux Kernel Improper Ownership Management Vulnerability -
RHEL
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20251110/8dbdc1bc/attachment.html>
More information about the Besadmin-announcements
mailing list