Vulnerabilities > Baidu > High

DATE CVE VULNERABILITY TITLE RISK
2023-12-07 CVE-2023-48861 Uncontrolled Search Path Element vulnerability in Baidu Ttplayer 7.0.2
DLL hijacking vulnerability in TTplayer version 7.0.2, allows local attackers to escalate privileges and execute arbitrary code via urlmon.dll.
local
low complexity
baidu CWE-427
7.8
2023-04-13 CVE-2023-30637 Memory Leak vulnerability in Baidu Braft 1.1.2
Baidu braft 1.1.2 has a memory leak related to use of the new operator in example/atomic/atomic_server.
network
low complexity
baidu CWE-401
7.5
2021-07-19 CVE-2020-22741 Cleartext Storage of Sensitive Information vulnerability in Baidu Xuperchain 3.6.0
An issue was discovered in Xuperchain 3.6.0 that allows for attackers to recover any arbitrary users' private key after obtaining the partial signature in multisignature.
network
low complexity
baidu CWE-312
7.5
2018-11-15 CVE-2018-0692 Untrusted Search Path vulnerability in Baidu Spark Browser
Untrusted search path vulnerability in Baidu Browser Version 43.23.1000.500 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
baidu CWE-426
7.8
2017-08-04 CVE-2017-2221 Untrusted Search Path vulnerability in Baidu IME 3.6.1.6
Untrusted search path vulnerability in Installer of Baidu IME Ver3.6.1.6 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
baidu CWE-426
7.8
2017-06-09 CVE-2017-2219 Untrusted Search Path vulnerability in Baidu Simeji 1.0.0.7
Untrusted search path vulnerability in the [Simeji for Windows] installer (simeji.exe) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
baidu CWE-426
7.8