[Security Vulnerability Alert] CISA adds 9 known vulnerabilities to the KEV catalog (October 6-12, 2025)

 
2025/10/15 ~ 2026/4/15

Forwarded by Taiwan Computer Network Crisis Response and Coordination Center (TWCERTCC-200-202510-00000004)

[Description]
1. [CVE-2021-22555] Linux Kernel Heap Out-of-Bounds Write Vulnerability (CVSS v3.1: 8.3)
[Exploited by Ransomware: Unknown] A heap out-of-bounds write vulnerability exists in the Linux kernel. An attacker can exploit this vulnerability via the user namespace to escalate privileges or cause a DoS (through heap memory corruption).
[Affected Platforms] Linux Kernel 2.6.19-rc1 and later

2. [CVE-2010-3962] Microsoft Internet Explorer Uninitialized Memory Corruption Vulnerability (CVSS v3.1: 8.1)
[Exploited by Ransomware: Unknown] An uninitialized memory corruption vulnerability in Microsoft Internet Explorer could allow remote code execution.
[Affected Platforms] Please refer to the official list of affected versions.
https://learn.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-090

3. [CVE-2021-43226] Microsoft Windows Privilege Escalation Vulnerability (CVSS v3.1: 7.8)
[Exploited by Ransomware: Known] A privilege escalation vulnerability in the Microsoft Windows Common Log File System driver could allow an attacker with local privileges to bypass certain security mechanisms.
[Affected Platforms] Please refer to the official list of affected versions.
https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2021-43226

4. [CVE-2013-3918] Microsoft Windows Out-of-Bounds Write Vulnerability (CVSS v3.1: 8.8)
[Exploited by Ransomware: Unknown] Microsoft Windows has an out-of-bounds write vulnerability in the InformationCardSigninHelper ActiveX control (icardie.dll). An attacker can exploit this vulnerability via a specially crafted webpage. When a user browses to this webpage, this vulnerability could lead to remote code execution. An attacker who successfully exploited this vulnerability could gain the same privileges as the current user. The affected product may have reached End of Life (EoL) or End of Service (EoS). Users are advised to stop using this product.
[Affected Platforms] Please refer to the official list of affected versions.
https://learn.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-090

5. [CVE-2011-3402] Microsoft Windows Remote Code Execution Vulnerability (CVSS v3.1: 8.8)
[Exploited by Ransomware: Unknown] A vulnerability in the TrueType font parsing engine in the kernel-mode driver win32k.sys in the Microsoft Windows Kernel could allow a remote attacker to execute arbitrary code via specially crafted font data in a Word document or web page.
[Affected Platforms] Please refer to the official list of affected versions.
https://learn.microsoft.com/en-us/security-updates/SecurityBulletins/2011/ms11-087

6. [CVE-2010-3765] Mozilla Multiple Products Remote Code Execution Vulnerability (CVSS v3.1: 9.8)
[Exploited by Ransomware: Unknown] Mozilla Firefox, SeaMonkey, and Thunderbird have unspecified vulnerabilities when JavaScript is enabled. A remote attacker can cause memory corruption and execute arbitrary code via attack vectors related to the nsCSSFrameConstructor::ContentAppended and appendChild methods, improper index tracking, and the creation of multiple frames.
[Affected Platforms] Please refer to the official list of affected versions.
https://blog.mozilla.org/security/2010/10/26/critical-vulnerability-in-firefox-3-5-and-firefox-3-6/

7. [CVE-2025-61882] Oracle E-Business Suite Unspecified Vulnerability (CVSS v3.1: 9.8)
[Exploited by Ransomware: Yes] An unspecified vulnerability in the BI Publisher integration component of Oracle E-Business Suite could allow an unauthenticated attacker via HTTP to compromise and take over Oracle Concurrent Processing.
[Affected Platforms] Please refer to the official list of affected versions.
https://www.oracle.com/security-alerts/alert-cve-2025-61882.html

8. [CVE-2025-27915] Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability (CVSS v3.1: 5.4)
[Exploited by Ransomware: Unknown] The classic web client of the Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting (XSS) vulnerability due to insufficient filtering of HTML content in ICS files. When a user views an email containing a malicious ICS entry, embedded JavaScript is executed via the ontoggle event within the tag. This vulnerability allows an attacker to execute arbitrary JavaScript code in the victim's session and perform unauthorized actions on the victim's account, such as configuring email filters to forward emails to an attacker-controlled address, leading to email forwarding and data exfiltration.
[Affected Platforms] Please refer to the official list of affected versions.
https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories

9. [CVE-2021-43798] Grafana Path Traversal Vulnerability (CVSS v3.1: 7.5)
[Exploited by Ransomware: Unknown] A path traversal vulnerability in Grafana could allow an attacker to access local files.
[Affected Platforms] Please refer to the official list of affected versions.
https://github.com/grafana/grafana/security/advisories/GHSA-8pjx-jj86-j47p

[Affected Platforms]
See the [Affected Platforms] entry for each item in the description above.

[Recommended Actions]
1. [CVE-2021-22555] An official fix has been released for this vulnerability. Please update to the relevant version.
(1). https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=9fa492cdc160cd27ce1046cb36f47d3b2b1efa21
(2). https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=b29c457a6511435960115c0f548c4360d5f4801d

2. [CVE-2010-3962] An official fix has been released for this vulnerability. Please update to the relevant version.
https://learn.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-090

3. [CVE-2021-43226] An official fix has been released for this vulnerability. Please update to the relevant version.
https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2021-43226

4. [CVE-2013-3918] An official fix has been released for the vulnerability. Please update to the relevant version.
https://learn.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-090

5. [CVE-2011-3402] An official fix has been released for the vulnerability. Please update to the relevant version.
https://learn.microsoft.com/en-us/security-updates/SecurityBulletins/2011/ms11-087

6. [CVE-2010-3765] An official fix has been released for the vulnerability. Please update to the relevant version.
https://blog.mozilla.org/security/2010/10/26/critical-vulnerability-in-firefox-3-5-and-firefox-3-6/

7. [CVE-2025-61882] A fix has been released for this vulnerability. Please update to the relevant version.
https://www.oracle.com/security-alerts/alert-cve-2025-61882.html

8. [CVE-2025-27915] A fix has been released for this vulnerability. Please update to the relevant version.
https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories

9. [CVE-2021-43798] A fix has been released for this vulnerability. Please update to the relevant version.
https://github.com/grafana/grafana/security/advisories/GHSA-8pjx-jj86-j47p
