Vulnerabilities > Baidu

DATE	CVE	VULNERABILITY TITLE	RISK
2024-08-01	CVE-2024-7342	Unrestricted Upload of File with Dangerous Type vulnerability in Baidu Ueditor A vulnerability was found in Baidu UEditor 1.4.3.3. network low complexity baidu CWE-434	6.1
2024-08-01	CVE-2024-7343	Cross-site Scripting vulnerability in Baidu Ueditor 1.4.2 A vulnerability was found in Baidu UEditor 1.4.2. network low complexity baidu CWE-79	6.1
2023-12-07	CVE-2023-48861	Uncontrolled Search Path Element vulnerability in Baidu Ttplayer 7.0.2 DLL hijacking vulnerability in TTplayer version 7.0.2, allows local attackers to escalate privileges and execute arbitrary code via urlmon.dll. local low complexity baidu CWE-427	7.8
2023-04-13	CVE-2023-30637	Memory Leak vulnerability in Baidu Braft 1.1.2 Baidu braft 1.1.2 has a memory leak related to use of the new operator in example/atomic/atomic_server. network low complexity baidu CWE-401	7.5
2022-12-22	CVE-2021-36631	Uncontrolled Search Path Element vulnerability in Baidu Baidunetdisk 7.4.3 Untrusted search path vulnerability in Baidunetdisk Version 7.4.3 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. local low complexity baidu CWE-427	6.7
2022-06-09	CVE-2022-31830	Server-Side Request Forgery (SSRF) vulnerability in Baidu Kity Minder 1.3.5 Kity Minder v1.3.5 was discovered to contain a Server-Side Request Forgery (SSRF) via the init function at ImageCapture.class.php. network low complexity baidu CWE-918 critical	9.1
2021-09-28	CVE-2021-37271	Cross-site Scripting vulnerability in Baidu Ueditor 1.4.3.3 Cross Site Scripting (XSS) vulnerability exists in UEditor v1.4.3.3, which can be exploited by an attacker to obtain user cookie information. network low complexity baidu CWE-79	5.4
2021-09-17	CVE-2021-39227	Unspecified vulnerability in Baidu Zrender ZRender is a lightweight graphic library providing 2d draw for Apache ECharts. network low complexity baidu critical	9.8
2021-07-19	CVE-2020-22741	Cleartext Storage of Sensitive Information vulnerability in Baidu Xuperchain 3.6.0 An issue was discovered in Xuperchain 3.6.0 that allows for attackers to recover any arbitrary users' private key after obtaining the partial signature in multisignature. network low complexity baidu CWE-312	7.5
2021-07-14	CVE-2020-18145	Cross-site Scripting vulnerability in Baidu Umeditor 1.2.3 Cross Site Scripting (XSS) vulnerability in umeditor v1.2.3 via /public/common/umeditor/php/getcontent.php. network low complexity baidu CWE-79	6.1

Vulnerabilities > Baidu {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Baidu"}]}

Vulnerabilities > Baidu