threat
engine
.sh
Back
·
··:··
Home
/
Product
/
kingsoft wps office
Product
kingsoft wps office
15 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2024-57096
all versions
An issue in wps office before v.19302 allows a local attacker to obtain sensitive information via a crafted file.
5.5
MEDIUM
CVE-2024-7263
>= 12.2.0.13110 and < 12.2.0.17153
Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.17115 (exclu
7.8
HIGH
CVE-2024-7262
>= 12.2.0.13110 and < 12.2.0.16412
Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.16412 (exclu
7.8
HIGH
CVE-2023-31275
all versions
An uninitialized pointer use vulnerability exists in the functionality of WPS Office 11.2.0.11537 that handles Data elements in an
8.8
HIGH
CVE-2023-32548
all versions
OS command injection vulnerability exists in WPS Office version 10.8.0.6186. If a remote attacker who can conduct a man-in-the-mid
8.1
HIGH
CVE-2021-40399
all versions
An exploitable use-after-free vulnerability exists in WPS Spreadsheets ( ET ) as part of WPS Office, version 11.2.0.10351. A speci
7.8
HIGH
CVE-2022-24934
<= 11.2.0.10382
wpsupdater.exe in Kingsoft WPS Office through 11.2.0.10382 allows remote code execution by modifying HKEY_CURRENT_USER in the regi
9.8
CRITICAL
CVE-2022-26081
all versions
The installer of WPS Office Version 10.8.0.5745 insecurely load shcore.dll, allowing an attacker to execute arbitrary code with th
7.8
HIGH
CVE-2022-25969
all versions
The installer of WPS Office Version 10.8.0.6186 insecurely load VERSION.DLL (or some other DLLs), allowing an attacker to execute
7.8
HIGH
CVE-2022-25943
< 11.2.0.10258
The installer of WPS Office for Windows versions prior to v11.2.0.10258 fails to configure properly the ACL for the directory wher
7.8
HIGH
CVE-2020-25291
< 11.2.0.9403
GdiDrawHoriLineIAlt in Kingsoft WPS Office before 11.2.0.9403 allows remote heap corruption via a crafted PLTE chunk in PNG data w
7.8
HIGH
CVE-2014-2271
all versions
cn.wps.moffice.common.beans.print.CloudPrintWebView in Kingsoft Office 5.3.1, as used in Huawei P2 devices before V100R001C00B043,
8.1
HIGH
CVE-2018-7546
all versions
wpsmain.dll in Kingsoft WPS Office 2016 and Jinshan PDF 10.1.0.6621 allows remote attackers to cause a denial of service via a cra
5.5
MEDIUM
CVE-2018-6390
all versions
The WStr::assign function in kso.dll in Kingsoft WPS Office 10.1.0.7106 and 10.2.0.5978 does not validate the size of the source m
6.5
MEDIUM
CVE-2017-17967
all versions
pptreader.dll in Kingsoft WPS Office 10.1.0.6930 allows remote attackers to cause a denial of service via a crafted PPT file, aka
5.5
MEDIUM
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin