WPS Office improper access restriction to its named pipe

Overview WPS Office provided by WPS SOFTWARE PTE. LTD. contains a service program running background and providing certain functionalities to the other programs. This service program uses a named pipe to communicate with the other programs. The named pipe above is not properly protected and any...

CVE-2018-6390

The WStr::assign function in kso.dll in Kingsoft WPS Office 10.1.0.7106 and 10.2.0.5978 does not validate the size of the source memory block before an copy call, which allows remote attackers to cause a denial of service access violation and application crash via a crafted a web page, b office...

EUVD-2018-19273

Malware in sbrugna...

EUVD-2018-17978

Malware in sbrugna...

EUVD-2018-18147

Malware in sbrugna...

EUVD-2020-17979

Malware in sbrugna...

EUVD-2017-9110

Malware in sbrugna...

EUVD-2025-14893

Malicious code in bioql PyPI...

EUVD-2022-30649

Malicious code in bioql PyPI...

EUVD-2023-35589

Malicious code in bioql PyPI...

EUVD-2022-30518

Malicious code in bioql PyPI...

EUVD-2025-8443

Malicious code in bioql PyPI...

EUVD-2024-35236

Malicious code in bioql PyPI...

EUVD-2024-53465

Malicious code in bioql PyPI...

EUVD-2021-27576

Malicious code in bioql PyPI...

EUVD-2024-51409

Malicious code in bioql PyPI...

EUVD-2024-48210

Malicious code in bioql PyPI...

EUVD-2023-36792

Malicious code in bioql PyPI...

EUVD-2022-30541

Malicious code in bioql PyPI...

CVE-2024-7263

Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.17115 exclusive on Windows allows an attacker to load an arbitrary Windows library. The patch released in version 12.1.0.17119 to mitigate CVE-2024-7262 was not restrictive enough...