CVE-2021-40399
- EPSS 0.69%
- Veröffentlicht 12.05.2022 17:15:09
- Zuletzt bearbeitet 21.11.2024 06:24:02
An exploitable use-after-free vulnerability exists in WPS Spreadsheets ( ET ) as part of WPS Office, version 11.2.0.10351. A specially-crafted XLS file can cause a use-after-free condition, resulting in remote code execution. An attacker needs to pro...
CVE-2022-24934
- EPSS 61.43%
- Veröffentlicht 23.03.2022 22:15:13
- Zuletzt bearbeitet 21.11.2024 06:51:25
wpsupdater.exe in Kingsoft WPS Office through 11.2.0.10382 allows remote code execution by modifying HKEY_CURRENT_USER in the registry.
CVE-2014-2271
- EPSS 1.8%
- Veröffentlicht 14.01.2020 17:15:11
- Zuletzt bearbeitet 21.11.2024 02:05:58
cn.wps.moffice.common.beans.print.CloudPrintWebView in Kingsoft Office 5.3.1, as used in Huawei P2 devices before V100R001C00B043, falls back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct...
CVE-2018-6390
- EPSS 0.4%
- Veröffentlicht 29.01.2018 19:29:01
- Zuletzt bearbeitet 21.11.2024 04:10:37
The WStr::assign function in kso.dll in Kingsoft WPS Office 10.1.0.7106 and 10.2.0.5978 does not validate the size of the source memory block before an _copy call, which allows remote attackers to cause a denial of service (access violation and appli...