[BESAdmin-Announcements] Content Modification: Updates for Kev Content published 2025-09-22

[Announcements for BES Administrators]

Total New Fixlets:      1
Total Updated Fixlets:  44
Total Fixlets in Site:  3119
Total CVEs Covered:     904
Release Date:           2025-09-22

New Fixlets:
    39320    Sitecore Multiple Products Deserialization of Untrusted Data
Vulnerability - Any Version of Windows


Updated Fixlets:
    26880    Google Chromium WebP Heap-Based Buffer Overflow Vulnerability
- Any Version of Windows
    14210    Microsoft Malware Protection Engine Improper Restriction of
Operations Vulnerability - Any Version of Windows
    29690    Elasticsearch Remote Code Execution Vulnerability - Any
Version of Linux
    28930    Linux Kernel Use-After-Free Vulnerability - RHEL
    16390    Mozilla Firefox And Thunderbird Use-After-Free Vulnerability -
Any Version of Windows
    25350    Mozilla Firefox, Firefox ESR, and Thunderbird Use-After-Free
Vulnerability - Any Version of Windows
    30470    Linux Kernel Use-After-Free Vulnerability - RHEL
    38530    Linux Kernel Out-of-Bounds Read Vulnerability - RHEL
    36870    Linux Kernel Use of Uninitialized Resource Vulnerability -
Oracle Linux
    38660    Linux Kernel Improper Ownership Management Vulnerability -
Oracle Linux
    16270    Mozilla Firefox and Thunderbird Type Confusion Vulnerability -
Any Version of Windows
    15890    Mozilla Firefox Information Disclosure Vulnerability - Any
Version of Windows
    31890    Linux Kernel Heap-Based Buffer Overflow Vulnerability - Oracle
Linux
    15510    Mozilla Firefox Use-After-Free Vulnerability - Any Version of
Windows
    28950    Linux Kernel Privilege Escalation Vulnerability - RHEL
    38650    Linux Kernel Improper Ownership Management Vulnerability -
RHEL
    31910    Linux Kernel Use-After-Free Vulnerability - Oracle Linux
    39290    Linux Kernel Time-of-Check Time-of-Use (TOCTOU) Race Condition
Vulnerability - Oracle Linux
    33840    Mozilla Firefox Use-After-Free Vulnerability - Any Version of
Windows
    15410    Mozilla Firefox and Thunderbird Type Confusion Vulnerability -
Any Version of Windows
    26930    Google Chromium libvpx Heap Buffer Overflow Vulnerability -
Any Version of Windows
    36020    Linux Kernel Out-of-Bounds Write Vulnerability - RHEL
    34870    Android Kernel Remote Code Execution Vulnerability - RHEL
    37180    Linux Kernel Out-of-Bounds Access Vulnerability - RHEL
    34880    Android Kernel Remote Code Execution Vulnerability - Oracle
Linux
    31810    Linux Kernel Heap-Based Buffer Overflow Vulnerability - RHEL
    31940    Linux Kernel Use-After-Free Vulnerability - Oracle Linux
    37190    Linux Kernel Out-of-Bounds Read Vulnerability - Oracle Linux
    16200    Mozilla Firefox and Thunderbird Sandbox Escape Vulnerability -
Any Version of Windows
    15820    Mozilla Firefox and Thunderbird Denial-of-Service
Vulnerability - Any Version of Windows
    31820    Linux Kernel Privilege Escalation Vulnerability - Oracle Linux
    37200    Linux Kernel Out-of-Bounds Access Vulnerability - Oracle Linux
    17750    GitLab Community and Enterprise Editions Remote Code Execution
Vulnerability - Any Version of Linux
    29790    GitLab Community and Enterprise Editions Improper Access
Control Vulnerability - Any Version of Linux
    31970    Linux Kernel Privilege Escalation Vulnerability - Oracle Linux
    14180    Microsoft Defender Remote Code Execution Vulnerability - Any
Version of Windows
    31850    Linux Kernel Improper Privilege Management Vulnerability -
Oracle Linux
    15980    Mozilla Firefox And Thunderbird Use-After-Free Vulnerability -
Any Version of Windows
    10220    Microsoft MSHTML Remote Code Execution Vulnerability - Windows
Server 2012
    29680    Elasticsearch Groovy Scripting Engine Remote Code Execution
Vulnerability - Any Version of Linux
    39280    Linux Kernel Time-of-Check Time-of-Use (TOCTOU) Race Condition
Vulnerability - RHEL
    36850    Linux Kernel Use of Uninitialized Resource Vulnerability -
RHEL
    31990    Linux Kernel Use-After-Free Vulnerability - Oracle Linux
    16890    Mozilla Firefox Use-After-Free Vulnerability - Any Version of
Windows
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20250922/9a7afabe/attachment.html>