Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

The installer of WPS Office

Source -

CNA

CNA CVEs -

2

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
2Vulnerabilities found
CVE-2022-26081
Assigner-JPCERT/CC
ShareView Details
Assigner-JPCERT/CC
CVSS Score-7.8||HIGH
EPSS-0.37% / 57.89%
||
7 Day CHG~0.00%
Published-17 Mar, 2022 | 17:15
Updated-03 Aug, 2024 | 04:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The installer of WPS Office Version 10.8.0.5745 insecurely load shcore.dll, allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer.

Action-Not Available
Vendor-kingsoftKINGSOFT JAPAN, INC.
Product-wps_officeThe installer of WPS Office
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2022-25969
Assigner-JPCERT/CC
ShareView Details
Assigner-JPCERT/CC
CVSS Score-7.8||HIGH
EPSS-0.37% / 57.89%
||
7 Day CHG~0.00%
Published-17 Mar, 2022 | 17:15
Updated-03 Aug, 2024 | 04:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The installer of WPS Office Version 10.8.0.6186 insecurely load VERSION.DLL (or some other DLLs), allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer.

Action-Not Available
Vendor-kingsoftKINGSOFT JAPAN, INC.
Product-wps_officeThe installer of WPS Office
CWE ID-CWE-427
Uncontrolled Search Path Element