Kingsoft Wps_office

10 CVEs affecting Kingsoft Wps_office. Latest disclosed: 2025-05-14. Critical: 0, High: 8.

Top CVEs affecting Kingsoft Wps_office
CVESeverityScorePublishedSummary
CVE-2023-31275High8.82023-11-27An uninitialized pointer use vulnerability exists in the functionality of WPS Office 11.2.0.11537 that handles Data elements in an Excel file. A specially craf…
CVE-2023-32548High8.12023-06-13OS command injection vulnerability exists in WPS Office version 10.8.0.6186. If a remote attacker who can conduct a man-in-the-middle attack connects the produ…
CVE-2024-7263High7.82024-08-15Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.17115 (exclusive) on Windows allows an at…
CVE-2024-7262High7.82024-08-15Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.16412 (exclusive) on Windows allows an at…
CVE-2022-26081High7.82022-03-17The installer of WPS Office Version 10.8.0.5745 insecurely load shcore.dll, allowing an attacker to execute arbitrary code with the privilege of the user invok…
CVE-2022-25969High7.82022-03-17The installer of WPS Office Version 10.8.0.6186 insecurely load VERSION.DLL (or some other DLLs), allowing an attacker to execute arbitrary code with the privi…
CVE-2022-25943High7.82022-03-09The installer of WPS Office for Windows versions prior to v11.2.0.10258 fails to configure properly the ACL for the directory where the service program is inst…
CVE-2020-25291High7.82020-09-13GdiDrawHoriLineIAlt in Kingsoft WPS Office before 11.2.0.9403 allows remote heap corruption via a crafted PLTE chunk in PNG data within a Word document. This i…
CVE-2024-57096Medium5.52025-05-14An issue in wps office before v.19302 allows a local attacker to obtain sensitive information via a crafted file.
CVE-2018-7546Medium5.52018-07-18wpsmain.dll in Kingsoft WPS Office 2016 and Jinshan PDF 10.1.0.6621 allows remote attackers to cause a denial of service via a crafted pdf file.