CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-13187 – Kingsoft WPS Office TCC code injection
https://notcve.org/view.php?id=CVE-2024-13187
08 Jan 2025 — A vulnerability was found in Kingsoft WPS Office 6.14.0 on macOS. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component TCC Handler. The manipulation leads to code injection. It is possible to launch the attack on the local host. • https://github.com/Rsec-1/wps • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.1EPSS: 1%CPEs: 1EXPL: 0CVE-2023-32548
https://notcve.org/view.php?id=CVE-2023-32548
13 Jun 2023 — OS command injection vulnerability exists in WPS Office version 10.8.0.6186. If a remote attacker who can conduct a man-in-the-middle attack connects the product to a malicious server and sends a specially crafted data, an arbitrary OS command may be executed on the system where the product is installed. • https://jvn.jp/en/jp/JVN36060509 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 60%CPEs: 1EXPL: 5CVE-2022-24934
https://notcve.org/view.php?id=CVE-2022-24934
23 Mar 2022 — wpsupdater.exe in Kingsoft WPS Office through 11.2.0.10382 allows remote code execution by modifying HKEY_CURRENT_USER in the registry. El ejecutable wpsupdater.exe en Kingsoft WPS Office versiones hasta 11.2.0.10382, permite una ejecución de código remota mediante la modificación de HKEY_CURRENT_USER en el registro • https://github.com/webraybtl/CVE-2022-24934 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-26081
https://notcve.org/view.php?id=CVE-2022-26081
17 Mar 2022 — The installer of WPS Office Version 10.8.0.5745 insecurely load shcore.dll, allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer. El instalador de WPS Office versión 10.8.0.5745, carga de forma no segura de shcore.dll, lo que permite a un atacante ejecutar código arbitrario con el privilegio del usuario invocando a el instalador • https://jvn.jp/en/jp/JVN21234459 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-25969
https://notcve.org/view.php?id=CVE-2022-25969
17 Mar 2022 — The installer of WPS Office Version 10.8.0.6186 insecurely load VERSION.DLL (or some other DLLs), allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer. El instalador de WPS Office Versión 10.8.0.6186, una carga no segura de VERSION.DLL (o algunas otras DLL), permitiendo a un atacante ejecutar código arbitrario con el privilegio del usuario invocando a el instalador • https://jvn.jp/en/jp/JVN21234459 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 9%CPEs: 1EXPL: 2CVE-2022-25943
https://notcve.org/view.php?id=CVE-2022-25943
09 Mar 2022 — The installer of WPS Office for Windows versions prior to v11.2.0.10258 fails to configure properly the ACL for the directory where the service program is installed. El instalador de WPS Office para versiones de Windows anteriores a v11.2.0.10258, no configura correctamente la ACL para el directorio donde es instalado el programa de servicio • https://github.com/webraybtl/CVE-2022-25943 • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 1CVE-2020-25291
https://notcve.org/view.php?id=CVE-2020-25291
13 Sep 2020 — GdiDrawHoriLineIAlt in Kingsoft WPS Office before 11.2.0.9403 allows remote heap corruption via a crafted PLTE chunk in PNG data within a Word document. This is related to QBrush::setMatrix in gui/painting/qbrush.cpp in Qt 4.x. GdiDrawHoriLineIAlt en Kingsoft WPS Office versiones anteriores a 11.2.0.9403, permite una corrupción remota de la pila por medio de un fragmento PLTE diseñado en datos PNG dentro de un documento Word. Esto está relacionado con la función QBrush::setMatrix en el archivo gui/pain... • http://zeifan.my/security/rce/heap/2020/09/03/wps-rce-heap.html • CWE-787: Out-of-bounds Write •
CVSS: 8.1EPSS: 1%CPEs: 3EXPL: 0CVE-2014-2271
https://notcve.org/view.php?id=CVE-2014-2271
14 Jan 2020 — cn.wps.moffice.common.beans.print.CloudPrintWebView in Kingsoft Office 5.3.1, as used in Huawei P2 devices before V100R001C00B043, falls back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and execute arbitrary Java code by leveraging a network position between the client and the registry to block HTTPS traffic. cn.wps.moffice.common.beans.print.CloudPrintWebView en Kingsoft Office versión 5.3.1, como es usado en los dispositivo... • http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-401529.htm • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2018-6390
https://notcve.org/view.php?id=CVE-2018-6390
29 Jan 2018 — The WStr::assign function in kso.dll in Kingsoft WPS Office 10.1.0.7106 and 10.2.0.5978 does not validate the size of the source memory block before an _copy call, which allows remote attackers to cause a denial of service (access violation and application crash) via a crafted (a) web page, (b) office document, or (c) .rtf file. La función WStr::assign en kso.dll en Kingsoft WPS Office 10.1.0.7106 y 10.2.0.5978 no valida el tamaño del bloque de memoria de origen antes de una llamada _copy. Esto permite que ... • https://github.com/Khwarezmia/WPS_POC/tree/master/wps_20180129 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-17967
https://notcve.org/view.php?id=CVE-2017-17967
28 Dec 2017 — pptreader.dll in Kingsoft WPS Office 10.1.0.6930 allows remote attackers to cause a denial of service via a crafted PPT file, aka CNVD-2017-35482. Pptreader.dll en Kingsoft WPS Office 10.1.0.6930 permite que atacantes remotos provoquen una denegación de servicio (DoS) mediante un archivo PPT manipulado. Esto también se conoce como CNVD-2017-35482. • http://www.cnvd.org.cn/flaw/show/1169328 • CWE-20: Improper Input Validation •