Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
facebook vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2018-6334
Multipart-file uploads call variables to be improperly registered in the global scope. In cases where variables are not declared explicitly before being used this can lead to unexpected behavior. This affects all supported versions of HHVM prior to the patch (3.25.1, 3.24.5, and ...
Facebook Hhvm
7.5
CVSSv2
CVE-2016-6870
Out-of-bounds write in the (1) mb_detect_encoding, (2) mb_send_mail, and (3) mb_detect_order functions in Facebook HHVM prior to 3.15.0 allows malicious users to have unspecified impact via unknown vectors.
Facebook Hhvm
7.5
CVSSv2
CVE-2016-1000005
mcrypt_get_block_size did not enforce that the provided "module" parameter was a string, leading to type confusion if other types of data were passed in. This issue affects HHVM versions before 3.9.5, all versions between 3.10.0 and 3.12.3 (inclusive), and all versions ...
Facebook Hhvm
7.5
CVSSv2
CVE-2016-1000006
hhvm prior to 3.12.11 has a use-after-free in the serialize_memoize_param() and ResourceBundle::__construct() functions.
Facebook Hhvm
7.5
CVSSv2
CVE-2016-6871
Integer overflow in bcmath in Facebook HHVM prior to 3.15.0 allows malicious users to have unspecified impact via unknown vectors, which triggers a buffer overflow.
Facebook Hhvm
7.5
CVSSv2
CVE-2016-6872
Integer overflow in StringUtil::implode in Facebook HHVM prior to 3.15.0 allows malicious users to have unspecified impact via unknown vectors.
Facebook Hhvm
7.5
CVSSv2
CVE-2016-6875
Infinite recursion in wddx in Facebook HHVM prior to 3.15.0 allows malicious users to have unspecified impact via unknown vectors.
Facebook Hhvm
4.3
CVSSv2
CVE-2020-1915
An out-of-bounds read in the JavaScript Interpreter in Facebook Hermes prior to commit 8cb935cd3b2321c46aa6b7ed8454d95c75a7fca0 allows malicious users to cause a denial of service attack or possible further memory corruption via crafted JavaScript. Note that this is only exploita...
Facebook Hermes
4.3
CVSSv2
CVE-2020-20093
The Facebook Messenger app for iOS 227.0 and prior and Android 228.1.0.10.116 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages.
Facebook Messenger
4.3
CVSSv2
CVE-2020-20094
Instagram iOS 106.0 and prior and Android 107.0.0.11 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages
Facebook Instagram
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »