CVE-2022-25969
Published 2022-03-17
CVE-2022-25969: The installer of WPS Office Version 10.8.0.6186 insecurely loads VERSION.DLL (or some other DLLs), allowing an attacker to execute arbitrary code with the…
Priority: P336, high, 7.8 (CVSS 3.1)
Vector: AV:L / AC:L / PR:N / UI:R / S:U / C:H / I:H / A:H
EPSS: 0.78% (51.1th percentile)
The installer of WPS Office Version 10.8.0.6186 insecurely loads VERSION.DLL (or some other DLLs), allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| kingsoft | wps_office | — | — |
| kingsoft_japan_inc | the_installer_of_wps_office | — | — |
CVSS provenance
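| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |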
GHSA
Image Magick has a Memory Leak in coders/ashlar.c
ghsa·2026-02-24
CVE-2026-25969 [MEDIUM] CWE-401 Image Magick has a Memory Leak in coders/ashlar.c
A memory leak exists in `coders/ashlar.c`. The `WriteASHLARImage` function allocates a structure. However, when an exception is thrown, the allocated memory is not properly released, resulting in a potential memory leak.
```
==78968== Memcheck, a memory error detector
==78968== Copyright (C) 2002-2022, and GNU GPL'd, by Julian Seward et al.
==78968== Using Valgrind-3.22.0 and LibVEX; rerun with -h for copyright info
==78968==
==78968== HEAP SUMMARY:
==78968== in use at exit: 17,232 bytes in 4 blocks
==78968== total heap usage: 4,781 allocs, 4,777 frees, 785,472 bytes allocated
```
GHSA
GHSA-px53-7qp6-v8p9: The installer of WPS Office Version 10
ghsa_unreviewed·2022-03-18
CVE-2022-25969 [HIGH] CWE-427 GHSA-px53-7qp6-v8p9: The installer of WPS Office Version 10
The installer of WPS Office Version 10.8.0.6186 insecurely loads VERSION.DLL (or some other DLLs), allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.