Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
baidu vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2017-2221
Untrusted search path vulnerability in Installer of Baidu IME Ver3.6.1.6 and previous versions allows an malicious user to gain privileges via a Trojan horse DLL in an unspecified directory.
Baidu Baidu Ime
NA
CVE-2008-6444
Stack-based buffer overflow in CSTransfer.dll in Baidu Hi IM might allow remote malicious users to execute arbitrary code via a crafted packet, probably related to an improper length value.
Baidu Baidu Hi -
NA
CVE-2008-7013
NetService.dll in Baidu Hi IM allows remote servers to cause a denial of service (client crash) via a crafted login response that triggers a divide-by-zero error.
Baidu Baidu Hi Im -
NA
CVE-2014-7444
The Baidu Navigation (aka com.baidu.navi) application 3.5.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Baidu Baidu Navigation 3.5.0
4.8
CVSSv3
CVE-2023-25796
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Include WP BaiDu Submit plugin <= 1.2.1 versions.
Wp Baidu Submit Project Wp Baidu Submit
6.1
CVSSv3
CVE-2023-31230
Cross-Site Request Forgery (CSRF) vulnerability in Haoqisir Baidu Tongji generator allows Stored XSS.This issue affects Baidu Tongji generator: from n/a up to and including 1.0.2.
Baidu-tongji-generator Project Baidu-tongji-generator
4.8
CVSSv3
CVE-2023-31233
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Haoqisir Baidu Tongji generator plugin <= 1.0.2 versions.
Baidu Tongji Generator Project Baidu Tongji Generator
8.1
CVSSv3
CVE-2016-10697
react-native-baidu-voice-synthesizer is a baidu voice speech synthesizer for react native. react-native-baidu-voice-synthesizer downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the r...
React-native-baidu-voice-synthesizer Project React-native-baidu-voice-synthesizer 1.0.0
6.1
CVSSv3
CVE-2017-14744
UEditor 1.4.3.3 has XSS via the SRC attribute of an IFRAME element.
Baidu Ueditor
9.8
CVSSv3
CVE-2021-39227
ZRender is a lightweight graphic library providing 2d draw for Apache ECharts. In versions before 5.2.1, using `merge` and `clone` helper methods in the `src/core/util.ts` module results in prototype pollution. It affects the popular data visualization library Apache ECharts, whi...
Baidu Zrender
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »