Lucene search
K

4 matches found

CVE
CVE
added 2 days ago9 views

CVE-2026-41880

CVE-2026-41880: R-SOFT DMS OCR module is vulnerable to OS Command Injection via unsanitized user-controllable file paths passed to the system shell through SSH. An authenticated attacker triggering OCR on an uploaded file can execute commands as root. The issue is mitigated by fixes in v3.19-2862...

9CVSS6.2AI score0.01331EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2 days ago6 views

CVE-2026-41880

R-SOFT DMS is vulnerable to OS Command Injection in the Optical Character Recognition OCR module. Multiple command execution functions accept user-controllable file paths without proper sanitization before passing them to the system shell via SSH. In current infrastructure the URL encoding...

9CVSS6.2AI score0.01331EPSS
Exploits0References2
CNVD
CNVD
added 2018/04/25 12:0 a.m.1 views

Memory Corruption Vulnerability in WPS Office ocr Module Handling GIF Images

WPS Office is an office software suite independently developed by Kingsoft Corporation Limited, which can realize the most commonly used text, table, presentation and many other functions of office software. A memory corruption vulnerability exists in the OCR module Image to Text of WPS Office wh...

7.8AI score
Exploits0
CNVD
CNVD
added 2018/04/25 12:0 a.m.2 views

Heap Overflow Vulnerability in WPS Office ocr Module

WPS Office is an office software suite independently developed by Kingsoft Corporation Limited, which can realize the most commonly used text, table, presentation and many other functions of office software. A heap overflow vulnerability exists in the OCR module Image to Text of WPS OFFICE when...

7.8AI score
Exploits0
Rows per page
Query Builder