Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
facebook hhvm vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2016-6874
The array_*_recursive functions in Facebook HHVM prior to 3.15.0 allows malicious users to have unspecified impact via unknown vectors, related to recursion.
Facebook Hhvm
668
VMScore
CVE-2016-6875
Infinite recursion in wddx in Facebook HHVM prior to 3.15.0 allows malicious users to have unspecified impact via unknown vectors.
Facebook Hhvm
383
VMScore
CVE-2014-9714
Cross-site scripting (XSS) vulnerability in the WddxPacket::recursiveAddVar function in HHVM (aka the HipHop Virtual Machine) prior to 3.5.0 allows remote malicious users to inject arbitrary web script or HTML via a crafted string to the wddx_serialize_value function.
Facebook Hiphop Virtual Machine
668
VMScore
CVE-2014-6228
Integer overflow in the string_chunk_split function in hphp/runtime/base/zend-string.cpp in Facebook HipHop Virtual Machine (HHVM) prior to 3.3.0 allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via crafted a...
Facebook Hiphop Virtual Machine
445
VMScore
CVE-2014-6229
The HashContext class in hphp/runtime/ext/ext_hash.cpp in Facebook HipHop Virtual Machine (HHVM) prior to 3.3.0 incorrectly expects that a certain key string uses '\0' for termination, which allows remote malicious users to obtain sensitive information by leveraging rea...
Facebook Hiphop Virtual Machine
445
VMScore
CVE-2014-5386
The mcrypt_create_iv function in hphp/runtime/ext/mcrypt/ext_mcrypt.cpp in Facebook HipHop Virtual Machine (HHVM) prior to 3.3.0 does not seed the random number generator, which makes it easier for remote malicious users to defeat cryptographic protection mechanisms by leveraging...
Facebook Hiphop Virtual Machine
668
VMScore
CVE-2014-2208
CRLF injection vulnerability in the LightProcess protocol implementation in hphp/util/light-process.cpp in Facebook HipHop Virtual Machine (HHVM) prior to 2.4.2 allows remote malicious users to execute arbitrary commands by entering a \n (newline) character before the end of a st...
Facebook Hiphop Virtual Machine
445
VMScore
CVE-2014-2209
Facebook HipHop Virtual Machine (HHVM) prior to 3.1.0 does not drop supplemental group memberships within hphp/util/capability.cpp and hphp/util/light-process.cpp, which allows remote malicious users to bypass intended access restrictions by leveraging group permissions for a fil...
Facebook Hiphop Virtual Machine
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5