454 matches found
EUVD-2022-30523
Malicious code in bioql PyPI...
CVE-2024-7263
Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.17115 exclusive on Windows allows an attacker to load an arbitrary Windows library. The patch released in version 12.1.0.17119 to mitigate CVE-2024-7262 was not restrictive enough...
CVE-2024-13187
A vulnerability was found in Kingsoft WPS Office 6.14.0 on macOS. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component TCC Handler. The manipulation leads to code injection. It is possible to launch the attack on the local host. The exploit...
CVE-2024-56957
An issue in Kingsoft Office Software Corporation Limited WPS Office iOS 12.20.0 allows attackers to access sensitive user information via supplying a crafted link...
CVE-2024-7262
Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.16412 exclusive on Windows allows an attacker to load an arbitrary Windows library. The vulnerability was found weaponized as a single-click exploit in the form of a deceptive...
CVE-2022-24934
wpsupdater.exe in Kingsoft WPS Office through 11.2.0.10382 allows remote code execution by modifying HKEYCURRENTUSER in the registry...
CVE-2022-25949
The kernel mode driver kwatch3 of KINGSOFT Internet Security 9 Plus Version 2010.06.23.247 fails to properly handle crafted inputs, leading to stack-based buffer overflow...
CVE-2020-25291
GdiDrawHoriLineIAlt in Kingsoft WPS Office before 11.2.0.9403 allows remote heap corruption via a crafted PLTE chunk in PNG data within a Word document. This is related to QBrush::setMatrix in gui/painting/qbrush.cpp in Qt 4.x...
CVE-2012-0321
Unspecified vulnerability in the device driver in Kingsoft Internet Security 2011 allows local users to cause a denial of service via a crafted application...
CVE-2013-0723
Multiple heap-based buffer overflows in etxrw.dll in Kingsoft Spreadsheets 2012 8.1.0.3030 allow remote attackers to cause a denial of service memory corruption and crash or possibly execute arbitrary code via a crafted spreadsheet file...
CVE-2013-0710
Buffer overflow in Kingsoft Writer 2007 and 2010 before 2724 allows remote attackers to execute arbitrary code via a crafted RTF document...
CVE-2010-5208
Multiple untrusted search path vulnerabilities in the 1 Presentation, 2 Writer, and 3 Spreadsheets components in Kingsoft Office 2010 6.6.0.2477 allow local users to gain privileges via a Trojan horse plgpf.dll file in the current working directory, as demonstrated by a directory that contains a...
CVE-2010-5164
Race condition in KingSoft Personal Firewall 9 Plus 2009.05.07.70 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory chang...
CVE-2013-3934
Stack-based buffer overflow in Kingsoft Writer 2012 8.1.0.3030, as used in Kingsoft Office 2013 before 9.1.0.4256, allows remote attackers to execute arbitrary code via a long font name in a WPS file...
Kingsoft WPS Office 信息泄露漏洞
Kingsoft WPS Office is a kind of office software from Kingsoft China. It provides document processing functions. A security vulnerability exists in Kingsoft WPS Office versions prior to 19302, which originates in specially crafted files that could lead to the disclosure of sensitive information...
Kingsoft WPS Office 加密问题漏洞
Kingsoft WPS Office is a kind of office software from Kingsoft China. It provides document processing functionality. Kingsoft WPS Office suffers from a cryptographic issue vulnerability that stems from the use of weak cryptographic key pairs during signature verification, which could lead to an...
CVE-2024-11957
Improper verification of the digital signature in ksojscore.dll in Kingsoft WPS Office in versions equal or less than 12.1.0.18276 on Windows allows an attacker to load an arbitrary Windows library. The patch released in version 12.2.0.16909 to mitigate CVE-2024-7262 was not restrictive enough...
CVE-2024-11957
Improper verification of the digital signature in ksojscore.dll in Kingsoft WPS Office in versions equal or less than 12.1.0.18276 on Windows allows an attacker to load an arbitrary Windows library. The patch released in version 12.2.0.16909 to mitigate CVE-2024-7262 was not restrictive enough...
CVE-2024-11957 Arbitrary Code Execution in WPS Office
Improper verification of the digital signature in ksojscore.dll in Kingsoft WPS Office in versions equal or less than 12.1.0.18276 on Windows allows an attacker to load an arbitrary Windows library. The patch released in version 12.2.0.16909 to mitigate CVE-2024-7262 was not restrictive enough...
Kingsoft WPS Office 数据伪造问题漏洞
Kingsoft WPS Office is a kind of office software from Kingsoft China. It provides document processing functionality. A security vulnerability exists in Kingsoft WPS Office 12.1.0.18276 and prior versions, which stems from improper verification of digital signatures and could lead to the loading o...