Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kingsoft wps office vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2013-3934
Stack-based buffer overflow in Kingsoft Writer 2012 8.1.0.3030, as used in Kingsoft Office 2013 prior to 9.1.0.4256, allows remote malicious users to execute arbitrary code via a long font name in a WPS file.
Kingsoft Office 2012 8.1.0.3385
Kingsoft Writer 2012 8.1.0.3030
1 EDB exploit
4.3
CVSSv2
CVE-2018-6390
The WStr::assign function in kso.dll in Kingsoft WPS Office 10.1.0.7106 and 10.2.0.5978 does not validate the size of the source memory block before an _copy call, which allows remote malicious users to cause a denial of service (access violation and application crash) via a craf...
Wps Wps Office 10.1.0.7106
Wps Wps Office 10.2.0.5978
7.5
CVSSv2
CVE-2022-24934
wpsupdater.exe in Kingsoft WPS Office up to and including 11.2.0.10382 allows remote code execution by modifying HKEY_CURRENT_USER in the registry.
Wps Wps Office
4 Github repositories
6.8
CVSSv2
CVE-2014-2271
cn.wps.moffice.common.beans.print.CloudPrintWebView in Kingsoft Office 5.3.1, as used in Huawei P2 devices before V100R001C00B043, falls back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle malicious users to conduct downgrade attacks and e...
Wps Wps Office 5.3.1
Huawei P2-6011 Firmware
4.3
CVSSv2
CVE-2017-17967
pptreader.dll in Kingsoft WPS Office 10.1.0.6930 allows remote malicious users to cause a denial of service via a crafted PPT file, aka CNVD-2017-35482.
Ksosoft Wps Office 10.1.0.6930
4.6
CVSSv2
CVE-2018-6400
Kingsoft WPS Office Free 10.2.0.5978 allows local users to gain privileges or cause a denial of service by impersonating all the pipes through a use of \\.\pipe\WPSCloudSvr\WpsCloudSvr -- an "insecurely created named pipe." Ensures full access to Everyone users group.
Kingsoftstore Wps Office Free 10.2.0.5978
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2