Kingsoft WPS Office Path Traversal Vulnerability

Kingsoft WPS Office contains a path traversal vulnerability in promecefpluginhost.exe on Windows that allows an attacker to load an arbitrary Windows library...

CVE-2024-7263

Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.17115 exclusive on Windows allows an attacker to load an arbitrary Windows library. The patch released in version 12.1.0.17119 to mitigate CVE-2024-7262 was not restrictive enough...

CVE-2024-7263

CVE-2024-7263 affects Kingsoft WPS Office on Windows, specifically the promecefpluginhost.exe path validation. Versions 12.2.0.13110 through 12.2.0.17115 (exclusive) are vulnerable to loading an arbitrary Windows library due to improper path validation, with the issue tied to an earlier CVE-2024-...

CVE-2024-7263 Arbitrary Code Execution in WPS Office

Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.17115 exclusive on Windows allows an attacker to load an arbitrary Windows library. The patch released in version 12.1.0.17119 to mitigate CVE-2024-7262 was not restrictive enough...

CVE-2024-7262

Kingsoft WPS Office for Windows is affected by CVE-2024-7262 due to improper path validation in promecefpluginhost.exe. Versions 12.2.0.13110–12.2.0.16412 (exclusive) are exploitable via a weaponized, single-click embedded spreadsheet document that can load an arbitrary Windows library. Connected...

CVE-2024-7262

Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.16412 exclusive on Windows allows an attacker to load an arbitrary Windows library. The vulnerability was found weaponized as a single-click exploit in the form of a deceptive...

Design/Logic Flaw

Vulnerability of undefined permissions in HUAWEI VR screen projection.Successful exploitation of this vulnerability will cause third-party apps to create windows in an arbitrary way, consuming system resources...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scene distributed operating system based on a microkernel. Huawei HarmonyOS has a security vulnerability, which stems from the Huawei VR casting screen has a problem with stray permissions, attackers can use the...

WordPress Theme Highlight Premium - Cross-Site Request Forgery Arbitrary File Upload

WordPress Theme Highlight Premium - Cross-Site Request Forgery Arbitrary File Upload Title : Wordpress Highlight Premium Themes CSRF File Upload Vulnerability Author : DevilScreaM Date : 11/10/2013 - 10 November 2013 Category : Web Applications Type : PHP Vendor : http://themeforest.net Download ...