Vulnerabilities > Baidu

DATE CVE VULNERABILITY TITLE RISK
2023-12-07 CVE-2023-48861 Uncontrolled Search Path Element vulnerability in Baidu Ttplayer 7.0.2
DLL hijacking vulnerability in TTplayer version 7.0.2 allows local attackers to escalate privileges and execute arbitrary code via urlmon.dll.
local
low complexity
baidu CWE-427
7.8
2023-04-13 CVE-2023-30637 Memory Leak vulnerability in Baidu Braft 1.1.2
Baidu braft 1.1.2 has a memory leak related to use of the new operator in example/atomic/atomic_server.
network
low complexity
baidu CWE-401
7.5
2022-12-22 CVE-2021-36631 Uncontrolled Search Path Element vulnerability in Baidu Baidunetdisk
Untrusted search path vulnerability in Baidunetdisk Version 7.4.3 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
baidu CWE-427
6.7
2022-06-09 CVE-2022-31830 Server-Side Request Forgery (SSRF) vulnerability in Baidu Kity Minder 1.3.5
Kity Minder v1.3.5 was discovered to contain a Server-Side Request Forgery (SSRF) via the init function at ImageCapture.class.php.
network
low complexity
baidu CWE-918
6.4
2021-09-28 CVE-2021-37271 Cross-site Scripting vulnerability in Baidu Ueditor 1.4.3.3
A Cross Site Scripting (XSS) vulnerability exists in UEditor v1.4.3.3, which can be exploited by an attacker to obtain user cookie information.
network
baidu CWE-79
3.5
2021-09-17 CVE-2021-39227 Unspecified vulnerability in Baidu Zrender
ZRender is a lightweight graphic library providing 2d draw for Apache ECharts.
network
low complexity
baidu
7.5
2021-07-19 CVE-2020-22741 Cleartext Storage of Sensitive Information vulnerability in Baidu Xuperchain 3.6.0
An issue was discovered in Xuperchain 3.6.0 that allows attackers to recover an arbitrary user's private key after obtaining the partial signature in a multisignature.
network
low complexity
baidu CWE-312
5.0
2021-07-14 CVE-2020-18145 Cross-site Scripting vulnerability in Baidu Umeditor 1.2.3
Cross Site Scripting (XSS) vulnerability in umeditor v1.2.3 via /public/common/umeditor/php/getcontent.php.
network
baidu CWE-79
4.3
2018-11-15 CVE-2018-0692 Untrusted Search Path vulnerability in Baidu Spark Browser
Untrusted search path vulnerability in Baidu Browser Version 43.23.1000.500 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
network
baidu CWE-426
critical
9.3
2017-09-26 CVE-2017-14744 Cross-site Scripting vulnerability in Baidu Ueditor
UEditor 1.4.3.3 has XSS via the SRC attribute of an IFRAME element.
network
baidu CWE-79
4.3