Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
facebook hhvm vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2019-11936
Various APC functions accept keys containing null bytes as input, leading to premature truncation of input. This issue affects HHVM versions before 3.30.12, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 and 4.23.1, as well as 4.24.0, 4.25.0, 4.26.0, 4.27.0, 4.2...
Facebook Hhvm
Facebook Hhvm 4.24.0
Facebook Hhvm 4.25.0
Facebook Hhvm 4.26.0
Facebook Hhvm 4.27.0
Facebook Hhvm 4.28.0
Facebook Hhvm 4.28.1
668
VMScore
CVE-2016-1000006
hhvm prior to 3.12.11 has a use-after-free in the serialize_memoize_param() and ResourceBundle::__construct() functions.
Facebook Hhvm
668
VMScore
CVE-2019-11929
Insufficient boundary checks when formatting numbers in number_format allows read/write access to out-of-bounds memory, potentially leading to remote code execution. This issue affects HHVM versions before 3.30.10, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 ...
Facebook Hhvm 4.23.0
Facebook Hhvm 4.19.1
Facebook Hhvm
Facebook Hhvm 4.20.0
Facebook Hhvm 4.20.1
Facebook Hhvm 4.20.2
Facebook Hhvm 4.21.0
Facebook Hhvm 4.22.0
Facebook Hhvm 4.19.0
668
VMScore
CVE-2019-11925
Insufficient boundary checks when processing the JPEG APP12 block marker in the GD extension could allow access to out-of-bounds memory via a maliciously constructed invalid JPEG input. This issue affects HHVM versions before 3.30.9, all versions between 4.0.0 and 4.8.3, all vers...
Facebook Hhvm 4.19.0
Facebook Hhvm
668
VMScore
CVE-2019-11926
Insufficient boundary checks when processing M_SOFx markers from JPEG headers in the GD extension could allow access to out-of-bounds memory via a maliciously constructed invalid JPEG input. This issue affects HHVM versions before 3.30.9, all versions between 4.0.0 and 4.8.3, all...
Facebook Hhvm 4.19.0
Facebook Hhvm
668
VMScore
CVE-2019-3570
Call to the scrypt_enc() function in HHVM can lead to heap corruption by using specifically crafted parameters (N, r and p). This happens if the parameters are configurable by an attacker for instance by providing the output of scrypt_enc() in a context where Hack/PHP code would ...
Facebook Hiphop Virtual Machine 4.4.0
Facebook Hiphop Virtual Machine 4.5.0
Facebook Hiphop Virtual Machine 4.6.0
Facebook Hiphop Virtual Machine 4.7.0
Facebook Hiphop Virtual Machine 4.1.0
Facebook Hiphop Virtual Machine 4.3.0
Facebook Hiphop Virtual Machine 4.8.0
Facebook Hiphop Virtual Machine 4.2.0
Facebook Hiphop Virtual Machine
445
VMScore
CVE-2019-3569
HHVM, when used with FastCGI, would bind by default to all available interfaces. This behavior could allow a malicious individual unintended direct access to the application, which could result in information disclosure. This issue affects versions 4.3.0, 4.4.0, 4.5.0, 4.6.0, 4.7...
Facebook Hhvm 4.0.2
Facebook Hhvm 4.0.3
Facebook Hhvm 4.0.4
Facebook Hhvm 4.1.0
Facebook Hhvm 4.0.0
Facebook Hhvm 4.3.0
Facebook Hhvm 4.5.0
Facebook Hhvm 4.6.0
Facebook Hhvm 4.7.0
Facebook Hhvm 4.8.0
Facebook Hhvm
Facebook Hhvm 4.0.1
Facebook Hhvm 4.2.0
Facebook Hhvm 4.4.0
668
VMScore
CVE-2019-3561
Insufficient boundary checks for the strrpos and strripos functions allow access to out-of-bounds memory. This affects all supported versions of HHVM (4.0.3, 3.30.4, and 3.27.7 and below).
Facebook Hhvm
668
VMScore
CVE-2018-6345
The function number_format is vulnerable to a heap overflow issue when its second argument ($dec_points) is excessively large. The internal implementation of the function will cause a string to be created with an invalid length, which can then interact poorly with other functions...
Facebook Hhvm
668
VMScore
CVE-2019-3557
The implementations of streams for bz2 and php://output improperly implemented their readImpl functions, returning -1 consistently. This behavior caused some stream functions, such as stream_get_line, to trigger an out-of-bounds read when operating on such malformed streams. The ...
Facebook Hhvm
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »