Wps
Products
2- 3 CVEs
- 1 CVE
Recent CVEs
4| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-57096 | 0.00 | — | 0.00 | May 14, 2025 | An issue in wps office before v.19302 allows a local attacker to obtain sensitive information via a crafted file. | |||
| CVE-2023-31275 | 0.00 | — | 0.01 | Nov 27, 2023 | An uninitialized pointer use vulnerability exists in the functionality of WPS Office 11.2.0.11537 that handles Data elements in an Excel file. A specially crafted malformed file can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||
| CVE-2021-40399 | 0.00 | — | 0.01 | May 12, 2022 | An exploitable use-after-free vulnerability exists in WPS Spreadsheets ( ET ) as part of WPS Office, version 11.2.0.10351. A specially-crafted XLS file can cause a use-after-free condition, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. | |||
| CVE-2014-6692 | 0.00 | — | 0.00 | Sep 23, 2014 | The Kingsoft Clip (Office Tool) (aka cn.wps.clip) application 1.5.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
- CVE-2024-57096May 14, 2025risk 0.00cvss —epss 0.00
An issue in wps office before v.19302 allows a local attacker to obtain sensitive information via a crafted file.
- CVE-2023-31275Nov 27, 2023risk 0.00cvss —epss 0.01
An uninitialized pointer use vulnerability exists in the functionality of WPS Office 11.2.0.11537 that handles Data elements in an Excel file. A specially crafted malformed file can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability.
- CVE-2021-40399May 12, 2022risk 0.00cvss —epss 0.01
An exploitable use-after-free vulnerability exists in WPS Spreadsheets ( ET ) as part of WPS Office, version 11.2.0.10351. A specially-crafted XLS file can cause a use-after-free condition, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability.
- CVE-2014-6692Sep 23, 2014risk 0.00cvss —epss 0.00
The Kingsoft Clip (Office Tool) (aka cn.wps.clip) application 1.5.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.