Every CVE whose affected-product data names Kingsoft Wps Office, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2023-31275 — CVSS 8.8 (high): An uninitialized pointer use vulnerability exists in the functionality of WPS Office 11.2.0.11537 that handles Data elements in an Excel…
CVE-2023-32548 — CVSS 8.1 (high): OS command injection vulnerability exists in WPS Office version 10.8.0.6186. If a remote attacker who can conduct a man-in-the-middle…
CVE-2022-25943 — CVSS 7.8 (high): The installer of WPS Office for Windows versions prior to v11.2.0.10258 fails to configure properly the ACL for the directory where the…
CVE-2022-25969 — CVSS 7.8 (high): The installer of WPS Office Version 10.8.0.6186 insecurely load VERSION.DLL (or some other DLLs), allowing an attacker to execute arbitrary…
CVE-2022-26081 — CVSS 7.8 (high): The installer of WPS Office Version 10.8.0.5745 insecurely load shcore.dll, allowing an attacker to execute arbitrary code with the…
CVE-2024-7263 — CVSS 7.8 (high): Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.17115 (exclusive) on…
CVE-2020-25291 — CVSS 7.8 (high): GdiDrawHoriLineIAlt in Kingsoft WPS Office before 11.2.0.9403 allows remote heap corruption via a crafted PLTE chunk in PNG data within a…
CVE-2018-7546 — CVSS 5.5 (medium): wpsmain.dll in Kingsoft WPS Office 2016 and Jinshan PDF 10.1.0.6621 allows remote attackers to cause a denial of service via a crafted pdf…
CVE-2024-57096 — CVSS 5.5 (medium): An issue in wps office before v.19302 allows a local attacker to obtain sensitive information via a crafted file.