Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
facebook hhvm vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-36937
HHVM 4.172.0 and all prior versions use TLS 1.0 for secure connections when handling tls:// URLs in the stream extension. TLS1.0 has numerous published vulnerabilities and is deprecated. HHVM 4.153.4, 4.168.2, 4.169.2, 4.170.2, 4.171.1, 4.172.1, 4.173.0 replaces TLS1.0 with TLS1....
Facebook Hhvm 4.172.0
Facebook Hhvm 4.171.0
Facebook Hhvm
9.8
CVSSv3
CVE-2021-24036
Passing an attacker controlled size when creating an IOBuf could cause integer overflow, leading to an out of bounds write on the heap with the possibility of remote code execution. This issue affects versions of folly prior to v2021.07.22.00. This issue affects HHVM versions bef...
Facebook Hhvm
Facebook Hhvm 4.115.0
Facebook Hhvm 4.116.0
Facebook Hhvm 4.117.0
Facebook Hhvm 4.114.0
Facebook Hhvm 4.118.0
Facebook Hhvm 4.118.1
Facebook Folly
9.8
CVSSv3
CVE-2020-1900
When unserializing an object with dynamic properties HHVM needs to pre-reserve the full size of the dynamic property array before inserting anything into it. Otherwise the array might resize, invalidating previously stored references. This pre-reservation was not occurring in HHV...
Facebook Hhvm 4.58.0
Facebook Hhvm 4.58.1
Facebook Hhvm 4.59.0
Facebook Hhvm 4.60.0
Facebook Hhvm 4.61.0
Facebook Hhvm 4.62.0
Facebook Hhvm 4.57.0
Facebook Hhvm
9.8
CVSSv3
CVE-2020-1916
An incorrect size calculation in ldap_escape may lead to an integer overflow when overly long input is passed in, resulting in an out-of-bounds write. This issue affects HHVM before 4.56.2, all versions between 4.57.0 and 4.78.0, 4.79.0, 4.80.0, 4.81.0, 4.82.0, 4.83.0.
Facebook Hhvm
Facebook Hhvm 4.79.0
Facebook Hhvm 4.83.0
Facebook Hhvm 4.82.0
Facebook Hhvm 4.81.0
Facebook Hhvm 4.80.0
9.8
CVSSv3
CVE-2021-24025
Due to incorrect string size calculations inside the preg_quote function, a large input string passed to the function can trigger an integer overflow leading to a heap overflow. This issue affects HHVM versions before 4.56.3, all versions between 4.57.0 and 4.80.1, all versions b...
Facebook Hhvm 4.95.0
Facebook Hhvm 4.96.0
Facebook Hhvm 4.97.0
Facebook Hhvm 4.98.0
Facebook Hhvm 4.94.0
Facebook Hhvm
9.8
CVSSv3
CVE-2020-1917
xbuf_format_converter, used as part of exif_read_data, was appending a terminating null character to the generated string, but was not using its standard append char function. As a result, if the buffer was full, it would result in an out-of-bounds write. This issue affects HHVM ...
Facebook Hhvm 4.95.0
Facebook Hhvm 4.96.0
Facebook Hhvm 4.97.0
Facebook Hhvm 4.98.0
Facebook Hhvm 4.94.0
Facebook Hhvm
9.8
CVSSv3
CVE-2016-1000004
Insufficient type checks were employed prior to casting input data in SimpleXMLElement_exportNode and simplexml_import_dom. This issue affects HHVM versions before 3.9.5, all versions between 3.10.0 and 3.12.3 (inclusive), and all versions between 3.13.0 and 3.14.1 (inclusive).
Facebook Hhvm
9.8
CVSSv3
CVE-2016-1000005
mcrypt_get_block_size did not enforce that the provided "module" parameter was a string, leading to type confusion if other types of data were passed in. This issue affects HHVM versions before 3.9.5, all versions between 3.10.0 and 3.12.3 (inclusive), and all versions ...
Facebook Hhvm
9.8
CVSSv3
CVE-2019-11935
Insufficient boundary checks when processing a string in mb_ereg_replace allows access to out-of-bounds memory. This issue affects HHVM versions before 3.30.12, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 and 4.23.1, as well as 4.24.0, 4.25.0, 4.26.0, 4.27.0,...
Facebook Hhvm
Facebook Hhvm 4.24.0
Facebook Hhvm 4.25.0
Facebook Hhvm 4.26.0
Facebook Hhvm 4.27.0
Facebook Hhvm 4.28.0
Facebook Hhvm 4.28.1
9.8
CVSSv3
CVE-2019-11936
Various APC functions accept keys containing null bytes as input, leading to premature truncation of input. This issue affects HHVM versions before 3.30.12, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 and 4.23.1, as well as 4.24.0, 4.25.0, 4.26.0, 4.27.0, 4.2...
Facebook Hhvm
Facebook Hhvm 4.24.0
Facebook Hhvm 4.25.0
Facebook Hhvm 4.26.0
Facebook Hhvm 4.27.0
Facebook Hhvm 4.28.0
Facebook Hhvm 4.28.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »