Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
facebook hhvm vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2020-1917
xbuf_format_converter, used as part of exif_read_data, was appending a terminating null character to the generated string, but was not using its standard append char function. As a result, if the buffer was full, it would result in an out-of-bounds write. This issue affects HHVM ...
Facebook Hhvm
Facebook Hhvm 4.94.0
Facebook Hhvm 4.95.0
Facebook Hhvm 4.96.0
Facebook Hhvm 4.97.0
Facebook Hhvm 4.98.0
5
CVSSv2
CVE-2020-1918
In-memory file operations (ie: using fopen on a data URI) did not properly restrict negative seeking, allowing for the reading of memory prior to the in-memory buffer. This issue affects HHVM versions before 4.56.3, all versions between 4.57.0 and 4.80.1, all versions between 4.8...
Facebook Hhvm
Facebook Hhvm 4.94.0
Facebook Hhvm 4.95.0
Facebook Hhvm 4.96.0
Facebook Hhvm 4.97.0
Facebook Hhvm 4.98.0
5
CVSSv2
CVE-2020-1888
Insufficient boundary checks when decoding JSON in handleBackslash reads out of bounds memory, potentially leading to DOS. This issue affects HHVM 4.45.0, 4.44.0, 4.43.0, 4.42.0, 4.41.0, 4.40.0, 4.39.0, versions between 4.33.0 and 4.38.0 (inclusive), versions between 4.9.0 and 4....
Facebook Hhvm
Facebook Hhvm 4.39.0
Facebook Hhvm 4.40.0
Facebook Hhvm 4.41.0
Facebook Hhvm 4.42.0
Facebook Hhvm 4.43.0
Facebook Hhvm 4.44.0
Facebook Hhvm 4.45.0
5
CVSSv2
CVE-2020-1893
Insufficient boundary checks when decoding JSON in TryParse reads out of bounds memory, potentially leading to DOS. This issue affects HHVM 4.45.0, 4.44.0, 4.43.0, 4.42.0, 4.41.0, 4.40.0, 4.39.0, versions between 4.33.0 and 4.38.0 (inclusive), versions between 4.9.0 and 4.32.0 (i...
Facebook Hhvm
Facebook Hhvm 4.39.0
Facebook Hhvm 4.40.0
Facebook Hhvm 4.41.0
Facebook Hhvm 4.42.0
Facebook Hhvm 4.43.0
Facebook Hhvm 4.44.0
Facebook Hhvm 4.45.0
6.4
CVSSv2
CVE-2020-1892
Insufficient boundary checks when decoding JSON in JSON_parser allows read access to out of bounds memory, potentially leading to information leak and DOS. This issue affects HHVM 4.45.0, 4.44.0, 4.43.0, 4.42.0, 4.41.0, 4.40.0, 4.39.0, versions between 4.33.0 and 4.38.0 (inclusiv...
Facebook Hhvm
Facebook Hhvm 4.39.0
Facebook Hhvm 4.40.0
Facebook Hhvm 4.41.0
Facebook Hhvm 4.42.0
Facebook Hhvm 4.43.0
Facebook Hhvm 4.44.0
Facebook Hhvm 4.45.0
5
CVSSv2
CVE-2016-1000109
HHVM does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote malicious users to redirect a CGI application...
Facebook Hhvm
1 Article
7.5
CVSSv2
CVE-2016-1000005
mcrypt_get_block_size did not enforce that the provided "module" parameter was a string, leading to type confusion if other types of data were passed in. This issue affects HHVM versions before 3.9.5, all versions between 3.10.0 and 3.12.3 (inclusive), and all versions ...
Facebook Hhvm
7.5
CVSSv2
CVE-2016-1000004
Insufficient type checks were employed prior to casting input data in SimpleXMLElement_exportNode and simplexml_import_dom. This issue affects HHVM versions before 3.9.5, all versions between 3.10.0 and 3.12.3 (inclusive), and all versions between 3.13.0 and 3.14.1 (inclusive).
Facebook Hhvm
7.5
CVSSv2
CVE-2019-11935
Insufficient boundary checks when processing a string in mb_ereg_replace allows access to out-of-bounds memory. This issue affects HHVM versions before 3.30.12, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 and 4.23.1, as well as 4.24.0, 4.25.0, 4.26.0, 4.27.0,...
Facebook Hhvm
Facebook Hhvm 4.24.0
Facebook Hhvm 4.25.0
Facebook Hhvm 4.26.0
Facebook Hhvm 4.27.0
Facebook Hhvm 4.28.0
Facebook Hhvm 4.28.1
7.5
CVSSv2
CVE-2019-11930
An invalid free in mb_detect_order can cause the application to crash or potentially result in remote code execution. This issue affects HHVM versions before 3.30.12, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 and 4.23.1, as well as 4.24.0, 4.25.0, 4.26.0, 4...
Facebook Hhvm
Facebook Hhvm 4.24.0
Facebook Hhvm 4.25.0
Facebook Hhvm 4.26.0
Facebook Hhvm 4.27.0
Facebook Hhvm 4.28.0
Facebook Hhvm 4.28.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »