Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
facebook vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-1888
Insufficient boundary checks when decoding JSON in handleBackslash reads out of bounds memory, potentially leading to DOS. This issue affects HHVM 4.45.0, 4.44.0, 4.43.0, 4.42.0, 4.41.0, 4.40.0, 4.39.0, versions between 4.33.0 and 4.38.0 (inclusive), versions between 4.9.0 and 4....
Facebook Hhvm
Facebook Hhvm 4.39.0
Facebook Hhvm 4.40.0
Facebook Hhvm 4.41.0
Facebook Hhvm 4.42.0
Facebook Hhvm 4.43.0
Facebook Hhvm 4.44.0
Facebook Hhvm 4.45.0
5
CVSSv2
CVE-2020-1893
Insufficient boundary checks when decoding JSON in TryParse reads out of bounds memory, potentially leading to DOS. This issue affects HHVM 4.45.0, 4.44.0, 4.43.0, 4.42.0, 4.41.0, 4.40.0, 4.39.0, versions between 4.33.0 and 4.38.0 (inclusive), versions between 4.9.0 and 4.32.0 (i...
Facebook Hhvm
Facebook Hhvm 4.39.0
Facebook Hhvm 4.40.0
Facebook Hhvm 4.41.0
Facebook Hhvm 4.42.0
Facebook Hhvm 4.43.0
Facebook Hhvm 4.44.0
Facebook Hhvm 4.45.0
5
CVSSv2
CVE-2016-1000109
HHVM does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote malicious users to redirect a CGI application...
Facebook Hhvm
1 Article
7.5
CVSSv2
CVE-2016-1000004
Insufficient type checks were employed prior to casting input data in SimpleXMLElement_exportNode and simplexml_import_dom. This issue affects HHVM versions before 3.9.5, all versions between 3.10.0 and 3.12.3 (inclusive), and all versions between 3.13.0 and 3.14.1 (inclusive).
Facebook Hhvm
7.5
CVSSv2
CVE-2016-1000005
mcrypt_get_block_size did not enforce that the provided "module" parameter was a string, leading to type confusion if other types of data were passed in. This issue affects HHVM versions before 3.9.5, all versions between 3.10.0 and 3.12.3 (inclusive), and all versions ...
Facebook Hhvm
4.6
CVSSv2
CVE-2019-18634
In Sudo prior to 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages...
Sudo Project Sudo
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
26 Github repositories
1 Article
7.5
CVSSv2
CVE-2011-3614
An Access Control vulnerability exists in the Facebook, Twitter, and Embedded plugins in Vanilla Forums prior to 2.0.17.9.
Vanillaforums Vanilla
5
CVSSv2
CVE-2013-4593
RubyGem omniauth-facebook has an access token security vulnerability
Omniauth-facebook Project Omniauth-facebook
6.5
CVSSv2
CVE-2019-19684
nopCommerce v4.2.0 allows privilege escalation via file upload in Presentation/Nop.Web/Admin/Areas/Controllers/PluginController.cs via Admin/FacebookAuthentication/Configure because it is possible to upload a crafted Facebook Auth plugin.
Nopcommerce Nopcommerce 4.20
7.5
CVSSv2
CVE-2019-11930
An invalid free in mb_detect_order can cause the application to crash or potentially result in remote code execution. This issue affects HHVM versions before 3.30.12, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 and 4.23.1, as well as 4.24.0, 4.25.0, 4.26.0, 4...
Facebook Hhvm
Facebook Hhvm 4.24.0
Facebook Hhvm 4.25.0
Facebook Hhvm 4.26.0
Facebook Hhvm 4.27.0
Facebook Hhvm 4.28.0
Facebook Hhvm 4.28.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »