Lucene search
+L

454 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-30523

Malicious code in bioql PyPI...

7.8CVSS8.1AI score0.00741EPSS
Exploits1References2
redhatcve
redhatcve
added 2025/05/23 9:50 a.m.8 views

CVE-2024-7263

Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.17115 exclusive on Windows allows an attacker to load an arbitrary Windows library. The patch released in version 12.1.0.17119 to mitigate CVE-2024-7262 was not restrictive enough...

9.3CVSS7.7AI score0.01773EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 7:34 a.m.12 views

CVE-2024-13187

A vulnerability was found in Kingsoft WPS Office 6.14.0 on macOS. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component TCC Handler. The manipulation leads to code injection. It is possible to launch the attack on the local host. The exploit...

5.3CVSS7.1AI score0.0023EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 7:9 a.m.7 views

CVE-2024-56957

An issue in Kingsoft Office Software Corporation Limited WPS Office iOS 12.20.0 allows attackers to access sensitive user information via supplying a crafted link...

6.5CVSS6.1AI score0.0031EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 6:25 a.m.7 views

CVE-2024-7262

Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.16412 exclusive on Windows allows an attacker to load an arbitrary Windows library. The vulnerability was found weaponized as a single-click exploit in the form of a deceptive...

9.3CVSS7.6AI score0.01773EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 12:3 a.m.13 views

CVE-2022-24934

wpsupdater.exe in Kingsoft WPS Office through 11.2.0.10382 allows remote code execution by modifying HKEYCURRENTUSER in the registry...

9.8CVSS7.8AI score0.2047EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/22 10:33 p.m.6 views

CVE-2022-25949

The kernel mode driver kwatch3 of KINGSOFT Internet Security 9 Plus Version 2010.06.23.247 fails to properly handle crafted inputs, leading to stack-based buffer overflow...

7.8CVSS6.9AI score0.00741EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/22 3:21 p.m.6 views

CVE-2020-25291

GdiDrawHoriLineIAlt in Kingsoft WPS Office before 11.2.0.9403 allows remote heap corruption via a crafted PLTE chunk in PNG data within a Word document. This is related to QBrush::setMatrix in gui/painting/qbrush.cpp in Qt 4.x...

7.8CVSS7.2AI score0.01617EPSS
Exploits1
redhatcve
redhatcve
added 2025/05/22 12:5 p.m.14 views

CVE-2012-0321

Unspecified vulnerability in the device driver in Kingsoft Internet Security 2011 allows local users to cause a denial of service via a crafted application...

2.1CVSS6.4AI score0.00387EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/22 11:10 a.m.6 views

CVE-2013-0723

Multiple heap-based buffer overflows in etxrw.dll in Kingsoft Spreadsheets 2012 8.1.0.3030 allow remote attackers to cause a denial of service memory corruption and crash or possibly execute arbitrary code via a crafted spreadsheet file...

9.3CVSS8.6AI score0.04202EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/22 6:7 a.m.9 views

CVE-2013-0710

Buffer overflow in Kingsoft Writer 2007 and 2010 before 2724 allows remote attackers to execute arbitrary code via a crafted RTF document...

9.3CVSS8.5AI score0.04273EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/22 2:29 a.m.14 views

CVE-2010-5208

Multiple untrusted search path vulnerabilities in the 1 Presentation, 2 Writer, and 3 Spreadsheets components in Kingsoft Office 2010 6.6.0.2477 allow local users to gain privileges via a Trojan horse plgpf.dll file in the current working directory, as demonstrated by a directory that contains a...

6.9CVSS7.1AI score0.00347EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 2:5 a.m.11 views

CVE-2010-5164

Race condition in KingSoft Personal Firewall 9 Plus 2009.05.07.70 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory chang...

6.2CVSS6.9AI score0.00379EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 2:2 a.m.12 views

CVE-2013-3934

Stack-based buffer overflow in Kingsoft Writer 2012 8.1.0.3030, as used in Kingsoft Office 2013 before 9.1.0.4256, allows remote attackers to execute arbitrary code via a long font name in a WPS file...

9.3CVSS8.3AI score0.09751EPSS
Exploits8References1
cnnvd
cnnvd
added 2025/05/14 12:0 a.m.5 views

Kingsoft WPS Office 信息泄露漏洞

Kingsoft WPS Office is a kind of office software from Kingsoft China. It provides document processing functions. A security vulnerability exists in Kingsoft WPS Office versions prior to 19302, which originates in specially crafted files that could lead to the disclosure of sensitive information...

5.5CVSS6.3AI score0.00133EPSS
Exploits0References3
cnnvd
cnnvd
added 2025/03/27 12:0 a.m.3 views

Kingsoft WPS Office 加密问题漏洞

Kingsoft WPS Office is a kind of office software from Kingsoft China. It provides document processing functionality. Kingsoft WPS Office suffers from a cryptographic issue vulnerability that stems from the use of weak cryptographic key pairs during signature verification, which could lead to an...

9.5CVSS6.7AI score0.0013EPSS
Exploits0References2
redhatcve
redhatcve
added 2025/03/06 4:38 p.m.24 views

CVE-2024-11957

Improper verification of the digital signature in ksojscore.dll in Kingsoft WPS Office in versions equal or less than 12.1.0.18276 on Windows allows an attacker to load an arbitrary Windows library. The patch released in version 12.2.0.16909 to mitigate CVE-2024-7262 was not restrictive enough...

9.3CVSS7.2AI score0.01773EPSS
Exploits0References1
nvd
nvd
added 2025/03/04 4:15 p.m.18 views

CVE-2024-11957

Improper verification of the digital signature in ksojscore.dll in Kingsoft WPS Office in versions equal or less than 12.1.0.18276 on Windows allows an attacker to load an arbitrary Windows library. The patch released in version 12.2.0.16909 to mitigate CVE-2024-7262 was not restrictive enough...

9.3CVSS0.00107EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/03/04 3:41 p.m.17 views

CVE-2024-11957 Arbitrary Code Execution in WPS Office

Improper verification of the digital signature in ksojscore.dll in Kingsoft WPS Office in versions equal or less than 12.1.0.18276 on Windows allows an attacker to load an arbitrary Windows library. The patch released in version 12.2.0.16909 to mitigate CVE-2024-7262 was not restrictive enough...

9.3CVSS7.7AI score0.00107EPSS
Exploits0References1
cnnvd
cnnvd
added 2025/03/04 12:0 a.m.6 views

Kingsoft WPS Office 数据伪造问题漏洞

Kingsoft WPS Office is a kind of office software from Kingsoft China. It provides document processing functionality. A security vulnerability exists in Kingsoft WPS Office 12.1.0.18276 and prior versions, which stems from improper verification of digital signatures and could lead to the loading o...

9.3CVSS6.8AI score0.00107EPSS
Exploits0References3
Rows per page
Query Builder