[BESAdmin-Announcements] Content Modification: Updates for Kev Content published 2025-10-27
Announcements for BES Administrators
besadmin-announcements at bigmail.bigfix.com
Mon Oct 27 12:07:14 PDT 2025
Total New Fixlets: 10
Total Updated Fixlets: 77
Total Fixlets in Site: 3210
Total CVEs Covered: 926
Release Date: 2025-10-27
New Fixlets:
40320 Microsoft Windows Server Update Service (WSUS) Deserialization
of Untrusted Data Vulnerability - Windows Server 2019
24130 WebRTC Heap Buffer Overflow Vulnerability - Any Version of
MacOS
40290 Microsoft Windows Server Update Service (WSUS) Deserialization
of Untrusted Data Vulnerability - Windows Server 2016
40330 WebRTC Heap Buffer Overflow Vulnerability - Apple iOS
40300 Microsoft Windows Server Update Service (WSUS) Deserialization
of Untrusted Data Vulnerability - Windows Server 2012 R2
40340 Microsoft Windows Server Update Service (WSUS) Deserialization
of Untrusted Data Vulnerability - Windows Server 2022
40310 Microsoft Windows Server Update Service (WSUS) Deserialization
of Untrusted Data Vulnerability - Windows Server 2012
23960 WebRTC Heap Buffer Overflow Vulnerability - Any Version of
Windows
24060 WebRTC Heap Buffer Overflow Vulnerability - Any Version of
Linux
40350 Microsoft Windows Server Update Service (WSUS) Deserialization
of Untrusted Data Vulnerability - Windows Server 2025
Updated Fixlets:
25980 Apple iOS, iPadOS, and macOS WebKit Remote Code Execution
Vulnerability - Apple iOS
28160 Google Chromium WebRTC Heap Buffer Overflow Vulnerability -
Any Version of Linux
16390 Mozilla Firefox And Thunderbird Use-After-Free Vulnerability -
Any Version of Windows
34310 Apple Multiple Products Type Confusion Vulnerability - Mac
10.14
15890 Mozilla Firefox Information Disclosure Vulnerability - Any
Version of Windows
32790 Apple iOS, iPadOS, and macOS WebKit Remote Code Execution
Vulnerability - Ubuntu
34840 Android Kernel Remote Code Execution Vulnerability - Ubuntu
28190 Google Chromium WebRTC Heap Buffer Overflow Vulnerability -
Any Version of MacOS
33840 Mozilla Firefox Use-After-Free Vulnerability - Any Version of
Windows
15410 Mozilla Firefox and Thunderbird Type Confusion Vulnerability -
Any Version of Windows
39490 Mozilla Multiple Products Remote Code Execution Vulnerability
- Any Version of Windows
31810 Linux Kernel Heap-Based Buffer Overflow Vulnerability - RHEL
14930 WhatsApp Cross-Site Scripting Vulnerability - Any Version of
MacOS
29790 GitLab Community and Enterprise Editions Improper Access
Control Vulnerability - Any Version of Linux
15980 Mozilla Firefox And Thunderbird Use-After-Free Vulnerability -
Any Version of Windows
38530 Linux Kernel Out-of-Bounds Read Vulnerability - RHEL
19590 Adobe Flash Player Stack-Based Buffer Overflow Vulnerability -
Any Version of MacOS
15510 Mozilla Firefox Use-After-Free Vulnerability - Any Version of
Windows
15520 Oracle VirtualBox Insufficient Input Validation Vulnerability
- Any Version of Windows
22700 Zoho ManageEngine ServiceDesk Plus (SDP) File Upload
Vulnerability - Any Version of Windows
17580 Adobe Flash Player Stack-Based Buffer Overflow Vulnerability -
Any Version of Linux
30380 Linux Kernel Use-After-Free Vulnerability - Ubuntu
36020 Linux Kernel Out-of-Bounds Write Vulnerability - RHEL
37070 Linux Kernel Out-of-Bounds Read Vulnerability - Ubuntu
27350 Atlassian Confluence Data Center and Server Broken Access
Control Vulnerability - Any Version of Linux
37080 Linux Kernel Out-of-Bounds Access Vulnerability - Ubuntu
38620 Linux Kernel Improper Ownership Management Vulnerability -
Ubuntu
36580 Yealink Device Management Server-Side Request Forgery (SSRF)
Vulnerability - Any Version of CentOS
38650 Linux Kernel Improper Ownership Management Vulnerability -
RHEL
19710 Adobe Acrobat and Reader Double Free Vulnerability - Any
Version of MacOS
26880 Google Chromium WebP Heap-Based Buffer Overflow Vulnerability
- Any Version of Windows
28930 Linux Kernel Use-After-Free Vulnerability - RHEL
25350 Mozilla Firefox, Firefox ESR, and Thunderbird Use-After-Free
Vulnerability - Any Version of Windows
30470 Linux Kernel Use-After-Free Vulnerability - RHEL
39700 Linux Kernel Heap Out-of-Bounds Write Vulnerability - RHEL
28950 Linux Kernel Privilege Escalation Vulnerability - RHEL
26920 JetBrains TeamCity Authentication Bypass Vulnerability - Any
Version of Windows
18730 ImageMagick Server-Side Request Forgery (SSRF) Vulnerability -
Any Version of Linux
26930 Google Chromium libvpx Heap Buffer Overflow Vulnerability -
Any Version of Windows
34100 Apple Multiple Products Type Confusion Vulnerability - Mac
10.15
28470 Spreadsheet::ParseExcel Remote Code Execution Vulnerability -
Any Version of Windows
22840 Zoho ManageEngine ServiceDesk Plus (SDP) File Upload
Vulnerability - Any Version of Linux
37180 Linux Kernel Out-of-Bounds Access Vulnerability - RHEL
15680 Adobe Flash Player Stack-Based Buffer Overflow Vulnerability -
Any Version of Windows
28480 Spreadsheet::ParseExcel Remote Code Execution Vulnerability -
Any Version of Linux
16200 Mozilla Firefox and Thunderbird Sandbox Escape Vulnerability -
Any Version of Windows
28500 Google Chromium V8 Out-of-Bounds Memory Access Vulnerability -
Any Version of Windows
27990 Google Skia Integer Overflow Vulnerability - Any Version of
Windows
17750 GitLab Community and Enterprise Editions Remote Code Execution
Vulnerability - Any Version of Linux
39260 Meta Platforms WhatsApp Incorrect Authorization Vulnerability
- Any Version of MacOS
18270 ImageMagick Arbitrary File Deletion Vulnerability - Any
Version of Linux
28510 Google Chromium V8 Out-of-Bounds Memory Access Vulnerability -
Any Version of Linux
14180 Microsoft Defender Remote Code Execution Vulnerability - Any
Version of Windows
34150 Apple Multiple Products Type Confusion Vulnerability - Mac 11
28010 Google Skia Integer Overflow Vulnerability - Any Version of
Linux
39280 Linux Kernel Time-of-Check Time-of-Use (TOCTOU) Race Condition
Vulnerability - RHEL
28530 Google Chromium V8 Out-of-Bounds Memory Access Vulnerability -
Any Version of MacOS
39290 Linux Kernel Time-of-Check Time-of-Use (TOCTOU) Race Condition
Vulnerability - Oracle Linux
14210 Microsoft Malware Protection Engine Improper Restriction of
Operations Vulnerability - Any Version of Windows
28040 Google Skia Integer Overflow Vulnerability - Any Version of
MacOS
32140 ImageMagick Improper Input Validation Vulnerability - Any
Version of Linux
16270 Mozilla Firefox and Thunderbird Type Confusion Vulnerability -
Any Version of Windows
13220 Apple Multiple Products Type Confusion Vulnerability - Any
Version of MacOS
32680 Apple iOS, iPadOS, and macOS WebKit Remote Code Execution
Vulnerability - Ubuntu
21430 Microsoft Exchange Server Remote Code Execution Vulnerability
- Exchange Server 2010
36790 Linux Kernel Use of Uninitialized Resource Vulnerability -
Ubuntu
15800 Adobe Acrobat and Reader Double Free Vulnerability - Any
Version of Windows
30140 Linux Kernel Use-After-Free Vulnerability - Ubuntu
39370 Sudo Inclusion of Functionality from Untrusted Control Sphere
Vulnerability - Ubuntu
15820 Mozilla Firefox and Thunderbird Denial-of-Service
Vulnerability - Any Version of Windows
28130 Google Chromium WebRTC Heap Buffer Overflow Vulnerability -
Any Version of Windows
32740 Apple Multiple Products WebKit Integer Overflow Vulnerability
- Ubuntu
29680 Elasticsearch Groovy Scripting Engine Remote Code Execution
Vulnerability - Any Version of Linux
36850 Linux Kernel Use of Uninitialized Resource Vulnerability -
RHEL
16890 Mozilla Firefox Use-After-Free Vulnerability - Any Version of
Windows
28660 Linux Kernel Use-After-Free Vulnerability - Ubuntu
29690 Elasticsearch Remote Code Execution Vulnerability - Any
Version of Linux