Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
facebook vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2019-11925
Insufficient boundary checks when processing the JPEG APP12 block marker in the GD extension could allow access to out-of-bounds memory via a maliciously constructed invalid JPEG input. This issue affects HHVM versions before 3.30.9, all versions between 4.0.0 and 4.8.3, all vers...
Facebook Hhvm 4.19.0
Facebook Hhvm
668
VMScore
CVE-2019-11926
Insufficient boundary checks when processing M_SOFx markers from JPEG headers in the GD extension could allow access to out-of-bounds memory via a maliciously constructed invalid JPEG input. This issue affects HHVM versions before 3.30.9, all versions between 4.0.0 and 4.8.3, all...
Facebook Hhvm 4.19.0
Facebook Hhvm
445
VMScore
CVE-2013-4593
RubyGem omniauth-facebook has an access token security vulnerability
Omniauth-facebook Project Omniauth-facebook
605
VMScore
CVE-2014-9524
Multiple cross-site request forgery (CSRF) vulnerabilities in the Facebook Like Box (cardoza-facebook-like-box) plugin prior to 2.8.3 for WordPress allow remote malicious users to hijack the authentication of administrators for requests that (1) change plugin settings via unspeci...
Facebook Like Box Project Facebook Like Box
655
VMScore
CVE-2017-17615
Facebook Clone Script 1.0 has SQL Injection via the friend-profile.php id parameter.
Facebook Clone Script Project Facebook Clone Script 1.0
1 EDB exploit
312
VMScore
CVE-2018-6858
Cross Site Scripting (XSS) exists in PHP Scripts Mall Facebook Clone Script.
Facebook Clone Script Project Facebook Clone Script 1.0.5
312
VMScore
CVE-2018-5214
The "Add Link to Facebook" plugin up to and including 2.3 for WordPress has XSS via the al2fb_facebook_id parameter to wp-admin/profile.php.
Add Link To Facebook Project Add Link To Facebook
481
VMScore
CVE-2014-7376
The Facebook Profits on Steroids (aka com.wFacebookProfitsonSteroids) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Facebook Profits On Steroids Project Facebook Profits On Steroids 0.1
312
VMScore
CVE-2022-0209
The Mitsol Social Post Feed WordPress plugin prior to 1.11 does not escape some of its settings before outputting them back in attributes, which could allow high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disa...
Facebook-wall-and-social-integration Project Facebook-wall-and-social-integration
312
VMScore
CVE-2015-3390
Cross-site scripting (XSS) vulnerability in the Facebook Album Fetcher module for Drupal allows remote authenticated users with the "access administration pages" permission to inject arbitrary web script or HTML via unspecified vectors.
Facebook Album Fetcher Project Facebook Album Fetcher 7.x-1.x-dev
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »