Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
baidu vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2008-6444
Stack-based buffer overflow in CSTransfer.dll in Baidu Hi IM might allow remote malicious users to execute arbitrary code via a crafted packet, probably related to an improper length value.
Baidu Baidu Hi -
9.3
CVSSv2
CVE-2017-2221
Untrusted search path vulnerability in Installer of Baidu IME Ver3.6.1.6 and previous versions allows an malicious user to gain privileges via a Trojan horse DLL in an unspecified directory.
Baidu Baidu Ime
5
CVSSv2
CVE-2008-7013
NetService.dll in Baidu Hi IM allows remote servers to cause a denial of service (client crash) via a crafted login response that triggers a divide-by-zero error.
Baidu Baidu Hi Im -
5.4
CVSSv2
CVE-2014-7444
The Baidu Navigation (aka com.baidu.navi) application 3.5.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Baidu Baidu Navigation 3.5.0
NA
CVE-2023-31230
Cross-Site Request Forgery (CSRF) vulnerability in Haoqisir Baidu Tongji generator allows Stored XSS.This issue affects Baidu Tongji generator: from n/a up to and including 1.0.2.
Baidu-tongji-generator Project Baidu-tongji-generator
NA
CVE-2023-31233
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Haoqisir Baidu Tongji generator plugin <= 1.0.2 versions.
Baidu Tongji Generator Project Baidu Tongji Generator
NA
CVE-2023-25796
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Include WP BaiDu Submit plugin <= 1.2.1 versions.
Wp Baidu Submit Project Wp Baidu Submit
9.3
CVSSv2
CVE-2016-10697
react-native-baidu-voice-synthesizer is a baidu voice speech synthesizer for react native. react-native-baidu-voice-synthesizer downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the r...
React-native-baidu-voice-synthesizer Project React-native-baidu-voice-synthesizer 1.0.0
NA
CVE-2021-36631
Untrusted search path vulnerability in Baidunetdisk Version 7.4.3 and previous versions allows an malicious user to gain privileges via a Trojan horse DLL in an unspecified directory.
Baidu Baidunetdisk
7.5
CVSSv2
CVE-2021-39227
ZRender is a lightweight graphic library providing 2d draw for Apache ECharts. In versions before 5.2.1, using `merge` and `clone` helper methods in the `src/core/util.ts` module results in prototype pollution. It affects the popular data visualization library Apache ECharts, whi...
Baidu Zrender
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »