Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-26081 | 1 Kingsoft | 1 Wps Office | 2022-03-24 | 6.8 MEDIUM | 7.8 HIGH |
| The installer of WPS Office Version 10.8.0.5745 insecurely load shcore.dll, allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer. | |||||
| CVE-2022-25969 | 1 Kingsoft | 1 Wps Office | 2022-03-23 | 6.8 MEDIUM | 7.8 HIGH |
| The installer of WPS Office Version 10.8.0.6186 insecurely load VERSION.DLL (or some other DLLs), allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer. | |||||
| CVE-2022-25943 | 1 Kingsoft | 1 Wps Office | 2022-03-14 | 4.6 MEDIUM | 7.8 HIGH |
| The installer of WPS Office for Windows versions prior to v11.2.0.10258 fails to configure properly the ACL for the directory where the service program is installed. | |||||
| CVE-2020-25291 | 1 Kingsoft | 1 Wps Office | 2020-09-17 | 6.8 MEDIUM | 7.8 HIGH |
| GdiDrawHoriLineIAlt in Kingsoft WPS Office before 11.2.0.9403 allows remote heap corruption via a crafted PLTE chunk in PNG data within a Word document. This is related to QBrush::setMatrix in gui/painting/qbrush.cpp in Qt 4.x. | |||||
| CVE-2018-7546 | 1 Kingsoft | 2 Jinshan Pdf, Wps Office | 2018-09-14 | 4.3 MEDIUM | 5.5 MEDIUM |
| wpsmain.dll in Kingsoft WPS Office 2016 and Jinshan PDF 10.1.0.6621 allows remote attackers to cause a denial of service via a crafted pdf file. | |||||