Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
baidu vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2017-14744
UEditor 1.4.3.3 has XSS via the SRC attribute of an IFRAME element.
Baidu Ueditor
5.4
CVSSv3
CVE-2021-37271
Cross Site Scripting (XSS) vulnerability exists in UEditor v1.4.3.3, which can be exploited by an malicious user to obtain user cookie information.
Baidu Ueditor 1.4.3.3
7.8
CVSSv3
CVE-2023-48861
DLL hijacking vulnerability in TTplayer version 7.0.2, allows local malicious users to escalate privileges and execute arbitrary code via urlmon.dll.
Baidu Ttplayer 7.0.2
7.8
CVSSv3
CVE-2017-2219
Untrusted search path vulnerability in the [Simeji for Windows] installer (simeji.exe) allows an malicious user to gain privileges via a Trojan horse DLL in an unspecified directory.
Baidu Simeji 1.0.0.7
6.1
CVSSv3
CVE-2020-18145
Cross Site Scripting (XSS) vulnerability in umeditor v1.2.3 via /public/common/umeditor/php/getcontent.php.
Baidu Umeditor 1.2.3
7.5
CVSSv3
CVE-2023-30637
Baidu braft 1.1.2 has a memory leak related to use of the new operator in example/atomic/atomic_server. NOTE: installations with brpc-0.14.0 and later are unaffected.
Baidu Braft 1.1.2
7.5
CVSSv3
CVE-2020-22741
An issue exists in Xuperchain 3.6.0 that allows for malicious users to recover any arbitrary users' private key after obtaining the partial signature in multisignature.
Baidu Xuperchain 3.6.0
7.8
CVSSv3
CVE-2018-0692
Untrusted search path vulnerability in Baidu Browser Version 43.23.1000.500 and previous versions allows an malicious user to gain privileges via a Trojan horse DLL in an unspecified directory.
Baidu Spark Browser
9.1
CVSSv3
CVE-2022-31830
Kity Minder v1.3.5 exists to contain a Server-Side Request Forgery (SSRF) via the init function at ImageCapture.class.php.
Baidu Kity Minder 1.3.5
NA
CVE-2009-2970
Stack-based buffer overflow in the GetUiDllVersion function in an ActiveX control in UiCheck.dll prior to 1.0.0.7 in UiTV UiPlayer, as used in BaiduX and other products, allows remote malicious users to execute arbitrary code via the filename parameter.
Uitv Uiplayer
Baidu Baidux
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
injection
CVE-2024-30983
CVE-2023-4235
CVE-2024-21338
privilege
encryption
CVE-2023-4232
CVE-2024-31497
CVE-2024-32341
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »