Content Modification: Updates to Kev Content published 2024-11-25

Total New Fixlets: 6
Total Updated Fixlets: 175
Total Fixlets in Site: 2750
Total CVEs Covered: 777
Release Date: 2024-11-25

New Fixlets:
34950 Apple Multiple Products Cross-Site Scripting (XSS) Vulnerability - Mac 12+
34920 Apple Multiple Products Code Execution Vulnerability - Apple iOS
34930 Apple Multiple Products Cross-Site Scripting (XSS) Vulnerability - Apple iOS
34900 Apple Multiple Products Cross-Site Scripting (XSS) Vulnerability - Any Version of MacOS
34940 Apple Multiple Products Code Execution Vulnerability - Mac 12+
34910 Apple Multiple Products Code Execution Vulnerability - Any Version of MacOS

Updated Fixlets:
27650 PHP FastCGI Process Manager (FPM) Buffer Overflow Vulnerability - Any Version of MacOS
32260 HTTP/2 Rapid Reset Attack Vulnerability - Windows 10
29700 Microsoft Windows Print Spooler Privilege Escalation Vulnerability - Windows Server 2012
13830 Microsoft Windows LSA Spoofing Vulnerability - Windows 11
34820 Microsoft Windows Task Scheduler Privilege Escalation Vulnerability - Windows Server 2025
17930 Synacor Zimbra Collaboration (ZCS) Improper Restriction of XML External Entity Reference - Any Version of Linux
32780 Apple Multiple Products WebKit Code Execution Vulnerability - Ubuntu
16910 SolarWinds Serv-U Improper Input Validation Vulnerability - Any Version of Windows
6670 Microsoft Windows User Profile Service Privilege Escalation Vulnerability - Windows 10
32270 Microsoft Windows Installer Improper Privilege Management Vulnerability - Windows Server 2008 SP2
29710 Microsoft Windows Print Spooler Privilege Escalation Vulnerability - Windows Server 2012 R2
31760 Google Chromium V8 Type Confusion Vulnerability - Any Version of Linux
32280 Microsoft Windows Mark of the Web (MOTW) Protection Mechanism Failure Vulnerability - Windows Server 2008 SP2
29720 Microsoft Windows Print Spooler Privilege Escalation Vulnerability - Windows Server 2016
15900 Veritas Backup Exec Agent Improper Authentication Vulnerability - Any Version of Windows
28700 Linux Kernel Privilege Escalation Vulnerability - Ubuntu
29730 Microsoft Windows Print Spooler Privilege Escalation Vulnerability - Windows Server 2019
34810 Microsoft Windows NTLMv2 Hash Disclosure Spoofing Vulnerability - Windows Server 2025
31780 Google Chromium V8 Type Confusion Vulnerability - Any Version of MacOS
20010 Grafana Authentication Bypass Vulnerability - Any Version of MacOS
29740 Microsoft Windows Print Spooler Privilege Escalation Vulnerability - Windows 10
33840 Mozilla Firefox Use-After-Free Vulnerability - Any Version of Windows
29750 Microsoft Windows Print Spooler Privilege Escalation Vulnerability - Windows 8.1
33850 Mozilla Firefox Use-After-Free Vulnerability - Any Version of Linux
30270 PHP-CGI OS Command Injection Vulnerability - Any Version of Windows
29760 Microsoft Windows Print Spooler Privilege Escalation Vulnerability - Windows Server 2022
32320 Microsoft Windows Installer Improper Privilege Management Vulnerability - Windows Server 2022
27200 Apple Multiple Products WebKit Code Execution Vulnerability - Apple iOS
33860 Mozilla Firefox Use-After-Free Vulnerability - Any Version of MacOS
28740 Red Hat Polkit Out-of-Bounds Read and Write Vulnerability - Debian
32330 Microsoft Windows Mark of the Web (MOTW) Protection Mechanism Failure Vulnerability - Windows Server 2022
29770 Microsoft Windows Print Spooler Privilege Escalation Vulnerability - Windows 11
31820 Linux Kernel Privilege Escalation Vulnerability - Oracle Linux
32340 HTTP/2 Rapid Reset Attack Vulnerability - Windows Server 2022
5720 Microsoft Windows LSA Spoofing Vulnerability - Windows 10
10330 Microsoft Windows LSA Spoofing Vulnerability - Windows Server 2012
33370 Apple Multiple Products WebKit Code Execution Vulnerability - RHEL
29790 GitLab Community and Enterprise Editions Improper Access Control Vulnerability - Any Version of Linux
13920 Microsoft Win32k Privilege Escalation Vulnerability - Windows 11
28770 Linux Kernel Use-After-Free Vulnerability - Debian
2670 Microsoft Windows LSA Spoofing Vulnerability - Windows 7 SP1
32380 Microsoft Windows Installer Improper Privilege Management Vulnerability - Windows 11
31870 Red Hat Polkit Out-of-Bounds Read and Write Vulnerability - Oracle Linux
33920 Veeam Backup and Replication Deserialization Vulnerability - Any Version of Windows
32390 Microsoft Windows Mark of the Web (MOTW) Protection Mechanism Failure Vulnerability - Windows 11
19080 Google Chrome FreeType Heap Buffer Overflow Vulnerability - Any Version of Linux
33930 Veeam Backup and Replication Deserialization Vulnerability - Any Version of Linux
32400 HTTP/2 Rapid Reset Attack Vulnerability - Windows 11
16020 McAfee Total Protection (MTP) Improper Privilege Management Vulnerability - Any Version of Windows
33940 Veeam Backup and Replication Deserialization Vulnerability - Any Version of MacOS
13460 Microsoft Windows LSA Spoofing Vulnerability - Windows Server 2022
29850 CrushFTP VFS Sandbox Escape Vulnerability - Any Version of Windows
17060 Google Chrome FreeType Heap Buffer Overflow Vulnerability - Any Version of Windows
31910 Linux Kernel Use-After-Free Vulnerability - Oracle Linux
30890 Microsoft Outlook Security Feature Bypass Vulnerability - Outlook
22700 Zoho ManageEngine ServiceDesk Plus (SDP) File Upload Vulnerability - Any Version of Windows
30380 Linux Kernel Use-After-Free Vulnerability - Ubuntu
29870 CrushFTP VFS Sandbox Escape Vulnerability - Any Version of Linux
14000 Microsoft Windows User Profile Service Privilege Escalation Vulnerability - Windows 11
30390 Linux Kernel Use-After-Free Vulnerability - Debian
27320 Samsung Mobile Devices Use-After-Free Vulnerability - Any Version of Android
7870 Microsoft Windows LSA Spoofing Vulnerability - Windows Server 2016
18110 Grafana Authentication Bypass Vulnerability - Any Version of Linux
30400 OSGeo GeoServer JAI-EXT Code Injection Vulnerability - Any Operating System
32960 Apple Multiple Products WebKit Code Execution Vulnerability - Debian
31940 Linux Kernel Use-After-Free Vulnerability - Oracle Linux
26320 Samsung Mobile Devices Improper Access Control Vulnerability - Any Version of Android
26330 Samsung Mobile Devices Improper Input Validation Vulnerability - Any Version of Android
26340 Samsung Mobile Devices Improper Boundary Check Vulnerability - Any Version of Android
9960 Microsoft Windows User Profile Service Privilege Escalation Vulnerability - Windows Server 2012 R2
19690 TIBCO JasperReports Server Information Disclosure Vulnerability - Any Version of MacOS
27370 Microsoft WordPad Information Disclosure Vulnerability - Windows 10
28910 Red Hat Polkit Out-of-Bounds Read and Write Vulnerability - RHEL
5360 Microsoft Windows User Profile Service Privilege Escalation Vulnerability - Windows Server 2008 SP2
30450 Linux Kernel Use-After-Free Vulnerability - SLE
27380 Microsoft WordPad Information Disclosure Vulnerability - Windows Server 2008 SP2
13560 Microsoft Win32k Privilege Escalation Vulnerability - Windows Server 2022
26360 Samsung Mobile Devices Out-of-Bounds Read Vulnerability - Any Version of Android
17660 Linux Kernel Privilege Escalation Vulnerability - Any Version of Linux
26880 Google Chromium WebP Heap-Based Buffer Overflow Vulnerability - Any Version of Windows
26370 Samsung Mobile Devices Unspecified Vulnerability - Any Version of Android
28930 Linux Kernel Use-After-Free Vulnerability - RHEL
12550 Microsoft Windows User Profile Service Privilege Escalation Vulnerability - Windows Server 2008 R2 SP1
2310 Microsoft Windows User Profile Service Privilege Escalation Vulnerability - Windows 8.1
27400 Microsoft WordPad Information Disclosure Vulnerability - Windows Server 2019
30470 Linux Kernel Use-After-Free Vulnerability - RHEL
26890 Progress WS_FTP Server Deserialization of Untrusted Data Vulnerability - Any Version of Windows
17680 TIBCO JasperReports Server Information Disclosure Vulnerability - Any Version of Linux
6930 Microsoft Windows LSA Spoofing Vulnerability - Windows Server 2019
27410 Microsoft WordPad Information Disclosure Vulnerability - Windows Server 2016
26900 Ignite Realtime Openfire Path Traversal Vulnerability - Any Version of Windows
26390 Samsung Mobile Devices Memory Corruption Vulnerability - Any Version of Android
27420 Microsoft WordPad Information Disclosure Vulnerability - Windows Server 2012 R2
16160 Grafana Authentication Bypass Vulnerability - Any Version of Windows
19750 ExifTool Remote Code Execution Vulnerability - Any Version of MacOS
27430 Microsoft WordPad Information Disclosure Vulnerability - Windows Server 2012
14120 WinRAR Absolute Path Traversal Vulnerability - Any Version of Windows
29480 Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability - Windows Server 2019
26410 Samsung Mobile Devices Improper Access Control Vulnerability - Any Version of Android
27440 Microsoft WordPad Information Disclosure Vulnerability - Windows Server 2022
29490 Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability - Windows 10
20790 Google Chrome FreeType Heap Buffer Overflow Vulnerability - Any Version of MacOS
30520 Microsoft WordPad Information Disclosure Vulnerability - Windows Server 2008 R2
22840 Zoho ManageEngine ServiceDesk Plus (SDP) File Upload Vulnerability - Any Version of Linux
27450 Microsoft WordPad Information Disclosure Vulnerability - Windows 11
18750 ChakraCore Scripting Engine Type Confusion Vulnerability - Any Version of Linux
16710 Dell dbutil Driver Insufficient Access Control Vulnerability - Any Version of Windows
28490 Atlassian Confluence Data Center and Server Template Injection Vulnerability - Any Operating System
16720 SolarWinds Orion Authentication Bypass Vulnerability - Any Version of Windows
9040 Microsoft Windows LSA Spoofing Vulnerability - Windows Server 2012 R2
13650 Microsoft Windows User Profile Service Privilege Escalation Vulnerability - Windows Server 2022
29520 Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability - Windows Server 2022
26960 Google Chromium WebP Heap-Based Buffer Overflow Vulnerability - Any Version of Linux
30550 Microsoft Windows LSA Spoofing Vulnerability - Windows Server 2008 R2
17750 GitLab Community and Enterprise Editions Remote Code Execution Vulnerability - Any Version of Linux
29530 Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability - Windows 11
26970 Ignite Realtime Openfire Path Traversal Vulnerability - Any Version of Linux
7520 Microsoft Win32k Privilege Escalation Vulnerability - Windows Server 2019
28000 ownCloud graphapi Information Disclosure Vulnerability - Any Version of Linux
14180 Microsoft Defender Remote Code Execution Vulnerability - Any Version of Windows
17770 SolarWinds Serv-U Remote Code Execution Vulnerability - Any Version of Linux
4460 Microsoft Windows LSA Spoofing Vulnerability - Windows Server 2008 SP2
16750 ChakraCore Scripting Engine Type Confusion Vulnerability - Any Version of Windows
32120 HTTP/2 Rapid Reset Attack Vulnerability - Any Version of Windows
33660 Synacor Zimbra Collaboration Command Execution Vulnerability - Any Version of Linux
17790 ExifTool Remote Code Execution Vulnerability - Any Version of Linux
17800 Zabbix Frontend Authentication Bypass Vulnerability - Any Version of Linux
27530 Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability - Any Operating System
15770 TIBCO JasperReports Server Information Disclosure Vulnerability - Any Version of Windows
18330 Atlassian Crowd and Crowd Data Center Remote Code Execution Vulnerability - Any Version of Linux
7580 Microsoft Windows User Profile Service Privilege Escalation Vulnerability - Windows Server 2019
27040 Google Chromium WebP Heap-Based Buffer Overflow Vulnerability - Any Version of MacOS
1440 Microsoft Windows LSA Spoofing Vulnerability - Windows 8.1
33190 Apple Multiple Products WebKit Code Execution Vulnerability - SLE
27050 Apple Multiple Products WebKit Code Execution Vulnerability - Any Version of MacOS
32170 Microsoft Windows Installer Improper Privilege Management Vulnerability - Windows Server 2016
6060 Microsoft Task Scheduler Privilege Escalation Vulnerability - Windows 10
28080 Qlik Sense Path Traversal Vulnerability - Any Version of Windows
27060 Ignite Realtime Openfire Path Traversal Vulnerability - Any Version of MacOS
32180 Microsoft Windows Mark of the Web (MOTW) Protection Mechanism Failure Vulnerability - Windows Server 2016
15290 System Information Library for Node.JS Command Injection - Any Operating System
28090 Qlik Sense HTTP Tunneling Vulnerability - Any Version of Windows
6590 Microsoft Win32k Privilege Escalation Vulnerability - Windows 10
32190 HTTP/2 Rapid Reset Attack Vulnerability - Windows Server 2016
18370 Zabbix Frontend Improper Access Control Vulnerability - Any Version of Linux
17860 Veritas Backup Exec Agent Improper Authentication Vulnerability - Any Version of Linux
32200 Microsoft Windows Installer Improper Privilege Management Vulnerability - Windows Server 2019
29640 Android Pixel Privilege Escalation Vulnerability - Any Current Service Pack of Android
3530 Microsoft Windows User Profile Service Privilege Escalation Vulnerability - Windows 7 SP1
8140 Microsoft Task Scheduler Privilege Escalation Vulnerability - Windows Server 2016
28110 Apache Superset Insecure Default Initialization of Resource Vulnerability - Any Operating System
14290 WordPress File Manager Plugin Remote Code Execution Vulnerability - Any Operating System
32210 Microsoft Windows Mark of the Web (MOTW) Protection Mechanism Failure Vulnerability - Windows Server 2019
31190 OSGeo GeoServer GeoTools Eval Injection Vulnerability - Any Version of Windows
28630 Red Hat Polkit Out-of-Bounds Read and Write Vulnerability - Ubuntu
32220 HTTP/2 Rapid Reset Attack Vulnerability - Windows Server 2019
8670 Microsoft Windows User Profile Service Privilege Escalation Vulnerability - Windows Server 2016
15840 SolarWinds Serv-U Remote Code Execution Vulnerability - Any Version of Windows
7140 Microsoft Task Scheduler Privilege Escalation Vulnerability - Windows Server 2019
32230 Microsoft Windows Installer Improper Privilege Management Vulnerability - Windows 10
11240 Microsoft Windows User Profile Service Privilege Escalation Vulnerability - Windows Server 2012
31210 SolarWinds Serv-U Path Traversal Vulnerability - Any Version of Windows
28650 Linux Kernel Privilege Escalation Vulnerability - Ubuntu
16380 Atlassian Crowd and Crowd Data Center Remote Code Execution Vulnerability - Any Version of Windows
27630 PHP FastCGI Process Manager (FPM) Buffer Overflow Vulnerability - Any Version of Windows
32240 Microsoft Windows Mark of the Web (MOTW) Protection Mechanism Failure Vulnerability - Windows 10
6640 Microsoft Windows SAM Local Privilege Escalation Vulnerability - Windows 10
18930 SolarWinds Serv-U Improper Input Validation Vulnerability - Any Version of Linux
29680 Elasticsearch Groovy Scripting Engine Remote Code Execution Vulnerability - Any Version of Linux
15860 ExifTool Remote Code Execution Vulnerability - Any Version of Windows
31220 SolarWinds Serv-U Path Traversal Vulnerability - Any Version of Linux
28660 Linux Kernel Use-After-Free Vulnerability - Ubuntu
27640 PHP FastCGI Process Manager (FPM) Buffer Overflow Vulnerability - Any Version of Linux
29690 Elasticsearch Remote Code Execution Vulnerability - Any Version of Linux
31740 Google Chromium V8 Type Confusion Vulnerability - Any Version of Windows