Vulnerabilities > Baidu > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-15 | CVE-2018-0692 | Untrusted Search Path vulnerability in Baidu Spark Browser Untrusted search path vulnerability in Baidu Browser Version 43.23.1000.500 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 9.3 |
| 2017-08-04 | CVE-2017-2221 | Untrusted Search Path vulnerability in Baidu IME Untrusted search path vulnerability in Installer of Baidu IME Ver3.6.1.6 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 9.3 |
| 2017-06-09 | CVE-2017-2219 | Untrusted Search Path vulnerability in Baidu Simeji 1.0.0.7 Untrusted search path vulnerability in the [Simeji for Windows] installer (simeji.exe) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 9.3 |
| 2009-10-19 | CVE-2009-2970 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Stack-based buffer overflow in the GetUiDllVersion function in an ActiveX control in UiCheck.dll before 1.0.0.7 in UiTV UiPlayer, as used in BaiduX and other products, allows remote attackers to execute arbitrary code via the filename parameter. | 9.3 |
| 2009-03-09 | CVE-2008-6444 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Baidu HI Stack-based buffer overflow in CSTransfer.dll in Baidu Hi IM might allow remote attackers to execute arbitrary code via a crafted packet, probably related to an improper length value. | 10.0 |
| 2007-07-31 | CVE-2007-4105 | Remote Code Execution vulnerability in Baidu Soba Search BAR 5.4 A certain ActiveX control in BaiduBar.dll in Baidu Soba Search Bar 5.4 allows remote attackers to execute arbitrary code via a request containing "a link to download and a file to execute," possibly involving remote file inclusion. | 9.3 |