Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
facebook vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-3569
HHVM, when used with FastCGI, would bind by default to all available interfaces. This behavior could allow a malicious individual unintended direct access to the application, which could result in information disclosure. This issue affects versions 4.3.0, 4.4.0, 4.5.0, 4.6.0, 4.7...
Facebook Hhvm 4.0.2
Facebook Hhvm 4.0.3
Facebook Hhvm 4.0.4
Facebook Hhvm 4.1.0
Facebook Hhvm 4.0.0
Facebook Hhvm 4.3.0
Facebook Hhvm 4.5.0
Facebook Hhvm 4.6.0
Facebook Hhvm 4.7.0
Facebook Hhvm 4.8.0
Facebook Hhvm
Facebook Hhvm 4.0.1
Facebook Hhvm 4.2.0
Facebook Hhvm 4.4.0
7.5
CVSSv2
CVE-2021-24036
Passing an attacker controlled size when creating an IOBuf could cause integer overflow, leading to an out of bounds write on the heap with the possibility of remote code execution. This issue affects versions of folly prior to v2021.07.22.00. This issue affects HHVM versions bef...
Facebook Hhvm
Facebook Hhvm 4.115.0
Facebook Hhvm 4.116.0
Facebook Hhvm 4.117.0
Facebook Hhvm 4.114.0
Facebook Hhvm 4.118.0
Facebook Hhvm 4.118.1
Facebook Folly
7.5
CVSSv2
CVE-2019-11929
Insufficient boundary checks when formatting numbers in number_format allows read/write access to out-of-bounds memory, potentially leading to remote code execution. This issue affects HHVM versions before 3.30.10, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 ...
Facebook Hhvm 4.23.0
Facebook Hhvm 4.19.1
Facebook Hhvm
Facebook Hhvm 4.20.0
Facebook Hhvm 4.20.1
Facebook Hhvm 4.20.2
Facebook Hhvm 4.21.0
Facebook Hhvm 4.22.0
Facebook Hhvm 4.19.0
6.4
CVSSv2
CVE-2020-1892
Insufficient boundary checks when decoding JSON in JSON_parser allows read access to out of bounds memory, potentially leading to information leak and DOS. This issue affects HHVM 4.45.0, 4.44.0, 4.43.0, 4.42.0, 4.41.0, 4.40.0, 4.39.0, versions between 4.33.0 and 4.38.0 (inclusiv...
Facebook Hhvm
Facebook Hhvm 4.39.0
Facebook Hhvm 4.40.0
Facebook Hhvm 4.41.0
Facebook Hhvm 4.42.0
Facebook Hhvm 4.43.0
Facebook Hhvm 4.44.0
Facebook Hhvm 4.45.0
5
CVSSv2
CVE-2020-1893
Insufficient boundary checks when decoding JSON in TryParse reads out of bounds memory, potentially leading to DOS. This issue affects HHVM 4.45.0, 4.44.0, 4.43.0, 4.42.0, 4.41.0, 4.40.0, 4.39.0, versions between 4.33.0 and 4.38.0 (inclusive), versions between 4.9.0 and 4.32.0 (i...
Facebook Hhvm
Facebook Hhvm 4.39.0
Facebook Hhvm 4.40.0
Facebook Hhvm 4.41.0
Facebook Hhvm 4.42.0
Facebook Hhvm 4.43.0
Facebook Hhvm 4.44.0
Facebook Hhvm 4.45.0
5
CVSSv2
CVE-2020-1898
The fb_unserialize function did not impose a depth limit for nested deserialization. That meant a maliciously constructed string could cause deserialization to recurse, leading to stack exhaustion. This issue affected HHVM prior to v4.32.3, between versions 4.33.0 and 4.56.0, 4.5...
Facebook Hhvm
Facebook Hhvm 4.57.0
Facebook Hhvm 4.58.0
Facebook Hhvm 4.58.1
Facebook Hhvm 4.59.0
Facebook Hhvm 4.60.0
Facebook Hhvm 4.61.0
Facebook Hhvm 4.62.0
5
CVSSv2
CVE-2020-1899
The unserialize() function supported a type code, "S", which was meant to be supported only for APC serialization. This type code allowed arbitrary memory addresses to be accessed as if they were static StringData objects. This issue affected HHVM prior to v4.32.3, betw...
Facebook Hhvm
Facebook Hhvm 4.57.0
Facebook Hhvm 4.58.0
Facebook Hhvm 4.58.1
Facebook Hhvm 4.59.0
Facebook Hhvm 4.60.0
Facebook Hhvm 4.61.0
Facebook Hhvm 4.62.0
7.5
CVSSv2
CVE-2020-1900
When unserializing an object with dynamic properties HHVM needs to pre-reserve the full size of the dynamic property array before inserting anything into it. Otherwise the array might resize, invalidating previously stored references. This pre-reservation was not occurring in HHV...
Facebook Hhvm
Facebook Hhvm 4.57.0
Facebook Hhvm 4.58.0
Facebook Hhvm 4.58.1
Facebook Hhvm 4.59.0
Facebook Hhvm 4.60.0
Facebook Hhvm 4.61.0
Facebook Hhvm 4.62.0
5
CVSSv2
CVE-2020-1888
Insufficient boundary checks when decoding JSON in handleBackslash reads out of bounds memory, potentially leading to DOS. This issue affects HHVM 4.45.0, 4.44.0, 4.43.0, 4.42.0, 4.41.0, 4.40.0, 4.39.0, versions between 4.33.0 and 4.38.0 (inclusive), versions between 4.9.0 and 4....
Facebook Hhvm
Facebook Hhvm 4.39.0
Facebook Hhvm 4.40.0
Facebook Hhvm 4.41.0
Facebook Hhvm 4.42.0
Facebook Hhvm 4.43.0
Facebook Hhvm 4.44.0
Facebook Hhvm 4.45.0
4.3
CVSSv2
CVE-2014-6392
Cross-site scripting (XSS) vulnerability in the Facebook app 14.0 and the Facebook Messenger app 10.0 for iOS allows remote malicious users to inject arbitrary web script or HTML via a crafted filename extension that is improperly handled during MIME sniffing of chat traffic. NOT...
Facebook Facebook 14.0
Facebook Facebook Messenger 10.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924
CVE-2024-3400
overflow
CVE-2024-23528
CVE-2024-21338
CVE-2024-3818
CVE-2024-23535
NULL pointer dereference
elevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »