BaiduCVEs & Vulnerabilities

21 CVEs affecting Baidu products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

ueditor 4spark browser 2baidu ime 1baidunetdisk 1baidux 1braft 1brcc 1baidu navigation 1
CVE-2025-45616CRITICAL

Incorrect access control in the /admin/** API of brcc v1.2.0 allows attackers to gain access to Admin rights via a crafted request.

5 May 2025
9.8
CVSS
CVE-2024-7343MEDIUM

A vulnerability was found in Baidu UEditor 1.4.2. It has been declared as problematic. This vulnerability affects unknown code of the file /ueditor142/php/controller.php?action=catchimage. The manipulation of the argument source[] leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-273274 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

1 Aug 2024
6.1
CVSS
CVE-2024-7342MEDIUM

A vulnerability was found in Baidu UEditor 1.4.3.3. It has been classified as problematic. This affects an unknown part of the file /ueditor/php/controller.php?action=uploadfile&encode=utf-8. The manipulation of the argument upfile leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273273 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

1 Aug 2024
6.1
CVSS
CVE-2023-48861HIGH

DLL hijacking vulnerability in TTplayer version 7.0.2, allows local attackers to escalate privileges and execute arbitrary code via urlmon.dll.

7 Dec 2023
7.8
CVSS
CVE-2023-30637HIGH

Baidu braft 1.1.2 has a memory leak related to use of the new operator in example/atomic/atomic_server. NOTE: installations with brpc-0.14.0 and later are unaffected.

14 Apr 2023
7.5
CVSS
CVE-2021-36631MEDIUM

Untrusted search path vulnerability in Baidunetdisk Version 7.4.3 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

22 Dec 2022
6.7
CVSS
CVE-2022-31830CRITICAL

Kity Minder v1.3.5 was discovered to contain a Server-Side Request Forgery (SSRF) via the init function at ImageCapture.class.php.

9 Jun 2022
9.1
CVSS
CVE-2021-37271MEDIUM

Cross Site Scripting (XSS) vulnerability exists in UEditor v1.4.3.3, which can be exploited by an attacker to obtain user cookie information.

28 Sep 2021
5.4
CVSS
CVE-2021-39227CRITICAL

ZRender is a lightweight graphic library providing 2d draw for Apache ECharts. In versions prior to 5.2.1, using `merge` and `clone` helper methods in the `src/core/util.ts` module results in prototype pollution. It affects the popular data visualization library Apache ECharts, which uses and exports these two methods directly. The GitHub Security Advisory page for this vulnerability contains a proof of concept. This issue is patched in ZRender version 5.2.1. One workaround is available: Check if there is `__proto__` in the object keys. Omit it before using it as an parameter in these affected methods. Or in `echarts.util.merge` and `setOption` if project is using ECharts.

17 Sep 2021
9.8
CVSS
CVE-2020-22741HIGH

An issue was discovered in Xuperchain 3.6.0 that allows for attackers to recover any arbitrary users' private key after obtaining the partial signature in multisignature.

19 Jul 2021
7.5
CVSS
CVE-2020-18145MEDIUM

Cross Site Scripting (XSS) vulnerability in umeditor v1.2.3 via /public/common/umeditor/php/getcontent.php.

14 Jul 2021
6.1
CVSS
CVE-2018-0692HIGH

Untrusted search path vulnerability in Baidu Browser Version 43.23.1000.500 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

15 Nov 2018
7.8
CVSS
CVE-2017-14744MEDIUM

UEditor 1.4.3.3 has XSS via the SRC attribute of an IFRAME element.

26 Sep 2017
6.1
CVSS
CVE-2017-2221HIGH

Untrusted search path vulnerability in Installer of Baidu IME Ver3.6.1.6 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

4 Aug 2017
7.8
CVSS
CVE-2017-2219HIGH

Untrusted search path vulnerability in the [Simeji for Windows] installer (simeji.exe) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9 Jun 2017
7.8
CVSS
CVE-2014-7444MEDIUM

The Baidu Navigation (aka com.baidu.navi) application 3.5.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

19 Oct 2014
5.4
CVSS
CVE-2014-5349MEDIUMpoc

Stack-based buffer overflow in Baidu Spark Browser 26.5.9999.3511 allows remote attackers to cause a denial of service (application crash) via nested calls to the window.print JavaScript function.

19 Aug 2014
5.0
CVSS
CVE-2009-2970CRITICAL

Stack-based buffer overflow in the GetUiDllVersion function in an ActiveX control in UiCheck.dll before 1.0.0.7 in UiTV UiPlayer, as used in BaiduX and other products, allows remote attackers to execute arbitrary code via the filename parameter.

19 Oct 2009
9.3
CVSS
CVE-2008-7013MEDIUM

NetService.dll in Baidu Hi IM allows remote servers to cause a denial of service (client crash) via a crafted login response that triggers a divide-by-zero error.

19 Aug 2009
5.0
CVSS
CVE-2008-6444CRITICAL

Stack-based buffer overflow in CSTransfer.dll in Baidu Hi IM might allow remote attackers to execute arbitrary code via a crafted packet, probably related to an improper length value.

9 Mar 2009
10.0
CVSS
CVE-2007-4105CRITICALpoc

A certain ActiveX control in BaiduBar.dll in Baidu Soba Search Bar 5.4 allows remote attackers to execute arbitrary code via a request containing "a link to download and a file to execute," possibly involving remote file inclusion.

31 Jul 2007
9.3
CVSS
← PrevPage 1 / 1Next →