Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
baidu vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-39227
ZRender is a lightweight graphic library providing 2d draw for Apache ECharts. In versions before 5.2.1, using `merge` and `clone` helper methods in the `src/core/util.ts` module results in prototype pollution. It affects the popular data visualization library Apache ECharts, whi...
Baidu Zrender
7.5
CVSSv3
CVE-2023-30637
Baidu braft 1.1.2 has a memory leak related to use of the new operator in example/atomic/atomic_server. NOTE: installations with brpc-0.14.0 and later are unaffected.
Baidu Braft 1.1.2
6.1
CVSSv3
CVE-2020-18145
Cross Site Scripting (XSS) vulnerability in umeditor v1.2.3 via /public/common/umeditor/php/getcontent.php.
Baidu Umeditor 1.2.3
7.8
CVSSv3
CVE-2017-2219
Untrusted search path vulnerability in the [Simeji for Windows] installer (simeji.exe) allows an malicious user to gain privileges via a Trojan horse DLL in an unspecified directory.
Baidu Simeji 1.0.0.7
7.8
CVSSv3
CVE-2018-0692
Untrusted search path vulnerability in Baidu Browser Version 43.23.1000.500 and previous versions allows an malicious user to gain privileges via a Trojan horse DLL in an unspecified directory.
Baidu Spark Browser
7.5
CVSSv3
CVE-2020-22741
An issue exists in Xuperchain 3.6.0 that allows for malicious users to recover any arbitrary users' private key after obtaining the partial signature in multisignature.
Baidu Xuperchain 3.6.0
7.8
CVSSv3
CVE-2023-48861
DLL hijacking vulnerability in TTplayer version 7.0.2, allows local malicious users to escalate privileges and execute arbitrary code via urlmon.dll.
Baidu Ttplayer 7.0.2
5.4
CVSSv3
CVE-2021-37271
Cross Site Scripting (XSS) vulnerability exists in UEditor v1.4.3.3, which can be exploited by an malicious user to obtain user cookie information.
Baidu Ueditor 1.4.3.3
NA
CVE-2014-5349
Stack-based buffer overflow in Baidu Spark Browser 26.5.9999.3511 allows remote malicious users to cause a denial of service (application crash) via nested calls to the window.print JavaScript function.
Baidu Spark Browser 26.5.9999.3511
1 EDB exploit
9.1
CVSSv3
CVE-2022-31830
Kity Minder v1.3.5 exists to contain a Server-Side Request Forgery (SSRF) via the init function at ImageCapture.class.php.
Baidu Kity Minder 1.3.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »