[BESAdmin-Announcements] Content Modification: Updates for Kev Content published 2025-10-21
Announcements for BES Administrators
besadmin-announcements at bigmail.bigfix.com
Tue Oct 21 12:37:53 PDT 2025
Total New Fixlets: 27
Total Updated Fixlets: 93
Total Fixlets in Site: 3198
Total CVEs Covered: 922
Release Date: 2025-10-21
New Fixlets:
40070 Microsoft Windows SMB Client Improper Access Control
Vulnerability - Windows Server 2008 SP2
40200 Microsoft Windows Untrusted Pointer Dereference Vulnerability
- Windows 11
40080 Microsoft Windows Improper Access Control Vulnerability -
Windows Server 2008 SP2
40210 Microsoft Windows Improper Access Control Vulnerability -
Windows Server 2025
40090 Microsoft Windows Untrusted Pointer Dereference Vulnerability
- Windows Server 2008 SP2
40220 Microsoft Windows Untrusted Pointer Dereference Vulnerability
- Windows Server 2025
39970 Apple Multiple Products Unspecified Vulnerability - Any
Version of MacOS
40100 Apple Multiple Products Unspecified Vulnerability - Apple iOS
40230 Microsoft Windows SMB Client Improper Access Control
Vulnerability - Windows Server 2025
39980 Microsoft Windows SMB Client Improper Access Control
Vulnerability - Windows Server 2016
40110 Microsoft Windows SMB Client Improper Access Control
Vulnerability - Windows Server 2022
39990 Microsoft Windows Improper Access Control Vulnerability -
Windows Server 2016
40120 Microsoft Windows Improper Access Control Vulnerability -
Windows Server 2022
40000 Microsoft Windows Untrusted Pointer Dereference Vulnerability
- Windows Server 2016
40130 Microsoft Windows Untrusted Pointer Dereference Vulnerability
- Windows Server 2022
40010 Microsoft Windows SMB Client Improper Access Control
Vulnerability - Windows Server 2019
40140 Apple Multiple Products Unspecified Vulnerability - Mac 12+
40020 Microsoft Windows Improper Access Control Vulnerability -
Windows Server 2019
40150 Microsoft Windows Improper Access Control Vulnerability -
Windows Server 2008 R2
40030 Microsoft Windows Untrusted Pointer Dereference Vulnerability
- Windows Server 2019
40160 Microsoft Windows SMB Client Improper Access Control
Vulnerability - Windows Server 2008 R2
40040 Microsoft Windows SMB Client Improper Access Control
Vulnerability - Windows 10
40170 Microsoft Windows Untrusted Pointer Dereference Vulnerability
- Windows Server 2008 R2
40050 Microsoft Windows Improper Access Control Vulnerability -
Windows 10
40180 Microsoft Windows SMB Client Improper Access Control
Vulnerability - Windows 11
40060 Microsoft Windows Untrusted Pointer Dereference Vulnerability
- Windows 10
40190 Microsoft Windows Improper Access Control Vulnerability -
Windows 11
Updated Fixlets:
16390 Mozilla Firefox And Thunderbird Use-After-Free Vulnerability -
Any Version of Windows
36870 Linux Kernel Use of Uninitialized Resource Vulnerability -
Oracle Linux
33290 Apple Multiple Products WebKit Memory Corruption Vulnerability
- RHEL
15890 Mozilla Firefox Information Disclosure Vulnerability - Any
Version of Windows
33300 Apple Multiple Products WebKit Use-After-Free Vulnerability -
RHEL
17950 Mozilla Firefox And Thunderbird Use-After-Free Vulnerability -
Any Version of Linux
33310 Apple Multiple Products WebKit Code Execution Vulnerability -
RHEL
33840 Mozilla Firefox Use-After-Free Vulnerability - Any Version of
Windows
15410 Mozilla Firefox and Thunderbird Type Confusion Vulnerability -
Any Version of Windows
33850 Mozilla Firefox Use-After-Free Vulnerability - Any Version of
Linux
33340 Apple Multiple Products WebKit Type Confusion Vulnerability -
RHEL
34880 Android Kernel Remote Code Execution Vulnerability - Oracle
Linux
39490 Mozilla Multiple Products Remote Code Execution Vulnerability
- Any Version of Windows
31810 Linux Kernel Heap-Based Buffer Overflow Vulnerability - RHEL
33860 Mozilla Firefox Use-After-Free Vulnerability - Any Version of
MacOS
39500 Mozilla Multiple Products Remote Code Execution Vulnerability
- Any Version of Linux
31820 Linux Kernel Privilege Escalation Vulnerability - Oracle Linux
14930 WhatsApp Cross-Site Scripting Vulnerability - Any Version of
MacOS
20050 Mozilla Firefox and Thunderbird Sandbox Escape Vulnerability -
Any Version of MacOS
39510 Mozilla Multiple Products Remote Code Execution Vulnerability
- Any Version of MacOS
33370 Apple Multiple Products WebKit Code Execution Vulnerability -
RHEL
29790 GitLab Community and Enterprise Editions Improper Access
Control Vulnerability - Any Version of Linux
15980 Mozilla Firefox And Thunderbird Use-After-Free Vulnerability -
Any Version of Windows
33390 Apple Multiple Products WebKit Type Confusion Vulnerability -
RHEL
33400 Apple Multiple Products WebKit Out-of-Bounds Read
Vulnerability - RHEL
38530 Linux Kernel Out-of-Bounds Read Vulnerability - RHEL
31890 Linux Kernel Heap-Based Buffer Overflow Vulnerability - Oracle
Linux
15510 Mozilla Firefox Use-After-Free Vulnerability - Any Version of
Windows
20120 Mozilla Firefox and Thunderbird Type Confusion Vulnerability -
Any Version of MacOS
38560 ConnectWise ScreenConnect Improper Authentication
Vulnerability - Any Version of Windows
31910 Linux Kernel Use-After-Free Vulnerability - Oracle Linux
20650 Mozilla Firefox Use-After-Free Vulnerability - Any Version of
MacOS
36010 Linux Kernel Out-of-Bounds Write Vulnerability - SLE
36020 Linux Kernel Out-of-Bounds Write Vulnerability - RHEL
31940 Linux Kernel Use-After-Free Vulnerability - Oracle Linux
20190 Mozilla Firefox And Thunderbird Use-After-Free Vulnerability -
Any Version of MacOS
31970 Linux Kernel Privilege Escalation Vulnerability - Oracle Linux
18150 Mozilla Firefox and Thunderbird Sandbox Escape Vulnerability -
Any Version of Linux
29420 ConnectWise ScreenConnect Authentication Bypass Vulnerability
- Any Version of Windows
31990 Linux Kernel Use-After-Free Vulnerability - Oracle Linux
38650 Linux Kernel Improper Ownership Management Vulnerability -
RHEL
26880 Google Chromium WebP Heap-Based Buffer Overflow Vulnerability
- Any Version of Windows
28930 Linux Kernel Use-After-Free Vulnerability - RHEL
25350 Mozilla Firefox, Firefox ESR, and Thunderbird Use-After-Free
Vulnerability - Any Version of Windows
30470 Linux Kernel Use-After-Free Vulnerability - RHEL
25360 Apple Multiple Products Type Confusion Vulnerability - Any
Version of Windows
19730 Mozilla Firefox and Thunderbird Denial-of-Service
Vulnerability - Any Version of MacOS
39700 Linux Kernel Heap Out-of-Bounds Write Vulnerability - RHEL
28950 Linux Kernel Privilege Escalation Vulnerability - RHEL
26930 Google Chromium libvpx Heap Buffer Overflow Vulnerability -
Any Version of Windows
18230 Mozilla Firefox and Thunderbird Type Confusion Vulnerability -
Any Version of Linux
25400 Mozilla Firefox, Firefox ESR, and Thunderbird Use-After-Free
Vulnerability - Any Version of Linux
37180 Linux Kernel Out-of-Bounds Access Vulnerability - RHEL
19780 Mozilla Firefox Information Disclosure Vulnerability - Any
Version of MacOS
17220 Mozilla Firefox and Thunderbird Type Confusion Vulnerability -
Any Version of Linux
37190 Linux Kernel Out-of-Bounds Read Vulnerability - Oracle Linux
16200 Mozilla Firefox and Thunderbird Sandbox Escape Vulnerability -
Any Version of Windows
17740 Mozilla Firefox and Thunderbird Denial-of-Service
Vulnerability - Any Version of Linux
26960 Google Chromium WebP Heap-Based Buffer Overflow Vulnerability
- Any Version of Linux
37200 Linux Kernel Out-of-Bounds Access Vulnerability - Oracle Linux
15700 TeamViewer Desktop Bypass Remote Login Vulnerability - Any
Version of Windows
17750 GitLab Community and Enterprise Editions Remote Code Execution
Vulnerability - Any Version of Linux
37720 Apple iOS Type Confusion Vulnerability - RHEL
16730 ImageMagick Server-Side Request Forgery (SSRF) Vulnerability -
Any Version of Windows
32090 ImageMagick Improper Input Validation Vulnerability - Any
Version of Windows
39260 Meta Platforms WhatsApp Incorrect Authorization Vulnerability
- Any Version of MacOS
14180 Microsoft Defender Remote Code Execution Vulnerability - Any
Version of Windows
26990 Google Chromium libvpx Heap Buffer Overflow Vulnerability -
Any Version of Linux
23920 WebKitGTK Memory Corruption Vulnerability - Any Version of
Windows
39280 Linux Kernel Time-of-Check Time-of-Use (TOCTOU) Race Condition
Vulnerability - RHEL
23930 Apple Multiple Products Type Confusion Vulnerability - Any
Version of Windows
39290 Linux Kernel Time-of-Check Time-of-Use (TOCTOU) Race Condition
Vulnerability - Oracle Linux
14210 Microsoft Malware Protection Engine Improper Restriction of
Operations Vulnerability - Any Version of Windows
19340 Mozilla Firefox and Thunderbird Type Confusion Vulnerability -
Any Version of MacOS
16270 Mozilla Firefox and Thunderbird Type Confusion Vulnerability -
Any Version of Windows
39310 Linux Kernel Time-of-Check Time-of-Use (TOCTOU) Race Condition
Vulnerability - leap
19860 Mozilla Firefox And Thunderbird Use-After-Free Vulnerability -
Any Version of MacOS
17310 Mozilla Firefox Use-After-Free Vulnerability - Any Version of
Linux
27040 Google Chromium WebP Heap-Based Buffer Overflow Vulnerability
- Any Version of MacOS
18340 Mozilla Firefox And Thunderbird Use-After-Free Vulnerability -
Any Version of Linux
16310 ImageMagick Arbitrary File Deletion Vulnerability - Any
Version of Windows
17850 Mozilla Firefox Information Disclosure Vulnerability - Any
Version of Linux
27080 Google Chromium libvpx Heap Buffer Overflow Vulnerability -
Any Version of MacOS
15820 Mozilla Firefox and Thunderbird Denial-of-Service
Vulnerability - Any Version of Windows
33240 Apple Multiple Products WebKit Type Confusion Vulnerability -
RHEL
18910 Mozilla Firefox Use-After-Free Vulnerability - Any Version of
Linux
16360 Trihedral VTScada (formerly VTS) Denial-of-Service
Vulnerability - Any Version of Windows
33260 Apple iOS, iPadOS, and macOS Webkit Use-After-Free
Vulnerability - RHEL
16890 Mozilla Firefox Use-After-Free Vulnerability - Any Version of
Windows
36850 Linux Kernel Use of Uninitialized Resource Vulnerability -
RHEL
33270 Apple Multiple Products WebKit Use-After-Free Vulnerability -
RHEL
19450 Mozilla Firefox Use-After-Free Vulnerability - Any Version of
MacOS
36860 Apple Multiple Products WebKit Out-of-Bounds Write
Vulnerability - RHEL
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20251021/f58ecdea/attachment.html>
More information about the Besadmin-announcements
mailing list