Vendor CVEs
All CVEs
136 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-44487 | Hig | 0.65 | 7.5 | 1.00 | KEV | Oct 10, 2023 | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. | |
| CVE-2015-7264 | Cri | 0.64 | 9.8 | 0.01 | Apr 10, 2017 | The SPDY/2 codec in Facebook Proxygen before 2015-11-09 truncates a certain field to two bytes, which allows hijacking and injection attacks. | ||
| CVE-2016-6875 | Cri | 0.64 | 9.8 | 0.02 | Feb 17, 2017 | Infinite recursion in wddx in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors. | ||
| CVE-2016-6874 | Cri | 0.64 | 9.8 | 0.02 | Feb 17, 2017 | The array_*_recursive functions in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors, related to recursion. | ||
| CVE-2016-6873 | Cri | 0.64 | 9.8 | 0.02 | Feb 17, 2017 | Self recursion in compact in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors. | ||
| CVE-2016-6872 | Cri | 0.64 | 9.8 | 0.02 | Feb 17, 2017 | Integer overflow in StringUtil::implode in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors. | ||
| CVE-2016-6871 | Cri | 0.64 | 9.8 | 0.02 | Feb 17, 2017 | Integer overflow in bcmath in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors, which triggers a buffer overflow. | ||
| CVE-2016-6870 | Cri | 0.64 | 9.8 | 0.02 | Feb 17, 2017 | Out-of-bounds write in the (1) mb_detect_encoding, (2) mb_send_mail, and (3) mb_detect_order functions in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors. | ||
| CVE-2024-45773 | Hig | 0.49 | 7.5 | 0.00 | Sep 27, 2024 | A use-after-free vulnerability involving upgradeToRocket requests can cause the application to crash or potentially result in code execution or other undesirable effects. This issue affects Facebook Thrift prior to v2024.09.09.00. | ||
| CVE-2015-7265 | Hig | 0.49 | 7.5 | 0.01 | Apr 10, 2017 | Facebook Proxygen before 2015-11-09 mismanages HTTPMessage.request state, which allows remote attackers to conduct hijacking attacks and bypass ACL checks. | ||
| CVE-2015-7263 | Hig | 0.49 | 7.5 | 0.01 | Apr 10, 2017 | The SPDY/2 codec in Facebook Proxygen before 2015-11-09 allows remote attackers to conduct hijacking attacks and bypass ACL checks via a crafted host value. | ||
| CVE-2025-30403 | Hig | 0.46 | 8.1 | 0.00 | Jul 11, 2025 | A heap-buffer-overflow vulnerability is possible in mvfst via a specially crafted message during a QUIC session. This issue affects mvfst versions prior to v2025.07.07.00. | ||
| CVE-2026-23870 | Hig | 0.42 | 7.5 | 0.02 | May 6, 2026 | A denial of service vulnerability could be triggered by sending specially crafted HTTP requests to server function endpoints, this could lead to server crashes, out-of-memory exceptions or excessive CPU usage; affecting the following packages: react-server-dom-webpack,… | ||
| CVE-2024-45863 | Med | 0.34 | 5.3 | 0.00 | Sep 27, 2024 | A null-dereference vulnerability involving parsing requests specifying invalid protocols can cause the application to crash or potentially result in other undesirable effects. This issue affects Facebook Thrift from v2024.09.09.00 until v2024.09.23.00. | ||
| CVE-2019-18426 | 0.20 | — | 0.68 | KEV | Jan 21, 2020 | A vulnerability in WhatsApp Desktop versions prior to 0.3.9309 when paired with WhatsApp for iPhone versions prior to 2.20.10 allows cross-site scripting and local file reading. Exploiting the vulnerability requires the victim to click a link preview from a specially crafted… | ||
| CVE-2013-7035 | med | 0.19 | — | 0.02 | Sep 4, 2020 | Affected versions of `react` are vulnerable to Cross-Site Scripting (XSS). The package fails to properly sanitize input used to create keys. This may allow attackers to execute arbitrary JavaScript if a key is generated from user input. ## Recommendation If you are using… | ||
| CVE-2019-3568 | 0.16 | — | 0.39 | KEV | May 14, 2019 | A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of RTCP packets sent to a target phone number. The issue affects WhatsApp for Android prior to v2.19.134, WhatsApp Business for Android prior to v2.19.44, WhatsApp… | ||
| CVE-2025-55177 | 0.12 | — | 0.04 | KEV | Aug 29, 2025 | Incomplete authorization of linked device synchronization messages in WhatsApp for iOS prior to v2.25.21.73, WhatsApp Business for iOS v2.25.21.78, and WhatsApp for Mac v2.25.21.78 could have allowed an unrelated user to trigger processing of content from an arbitrary URL on a… | ||
| CVE-2008-5711 | 0.06 | — | 0.33 | Dec 24, 2008 | Heap-based buffer overflow in the Facebook PhotoUploader ActiveX control 5.0.14.0 and earlier allows remote attackers to execute arbitrary code via a long FileMask property value. | |||
| CVE-2008-0660 | 0.06 | — | 0.38 | Feb 8, 2008 | Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1)… | |||
| CVE-2025-55184 | 0.03 | — | 0.66 | Dec 11, 2025 | A pre-authentication denial of service vulnerability exists in React Server Components versions 19.0.0, 19.0.1 19.1.0, 19.1.1, 19.1.2, 19.2.0 and 19.2.1, including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The… | |||
| CVE-2025-55183 | 0.02 | — | 0.62 | Dec 11, 2025 | An information leak vulnerability exists in specific configurations of React Server Components versions 19.0.0, 19.0.1 19.1.0, 19.1.1, 19.1.2, 19.2.0 and 19.2.1, including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack.… | |||
| CVE-2019-11933 | 0.01 | — | 0.04 | Oct 23, 2019 | A heap buffer overflow bug in libpl_droidsonroids_gif before 1.2.19, as used in WhatsApp for Android before version 2.19.291 could allow remote attackers to execute arbitrary code or cause a denial of service. | |||
| CVE-2018-6341 | 0.01 | — | 0.03 | Dec 31, 2018 | React applications which rendered to HTML using the ReactDOMServer API were not escaping user-supplied attribute names at render-time. That lack of escaping could lead to a cross-site scripting vulnerability. This issue affected minor releases 16.0.x, 16.1.x, 16.2.x, 16.3.x, and… | |||
| CVE-2026-23864 | 0.00 | — | 0.02 | Jan 26, 2026 | Multiple denial of service vulnerabilities exist in React Server Components, affecting the following packages: react-server-dom-parcel, react-server-dom-turbopack, react-server-dom-webpack. The vulnerabilities are triggered by sending specially crafted HTTP requests to Server… | |||
| CVE-2025-67779 | 0.00 | — | 0.19 | Dec 11, 2025 | It was found that the fix addressing CVE-2025-55184 in React Server Components was incomplete and does not prevent a denial of service attack in a specific case. React Server Components versions 19.0.2, 19.1.3 and 19.2.2 are affected, allowing unsafe deserialization of payloads… | |||
| CVE-2025-55179 | 0.00 | — | 0.00 | Nov 18, 2025 | Incomplete validation of rich response messages in WhatsApp for iOS prior to v2.25.23.73, WhatsApp Business for iOS v2.25.23.82, and WhatsApp for Mac v2.25.23.83 could have allowed a user to trigger processing of media content from an arbitrary URL on another user’s device. We… | |||
| CVE-2025-30401 | 0.00 | — | 0.16 | Apr 5, 2025 | A spoofing issue in WhatsApp for Windows prior to version 2.2450.6 displayed attachments according to their MIME type but selected the file opening handler based on the attachment’s filename extension. A maliciously crafted mismatch could have caused the recipient to… | |||
| CVE-2023-49062 | 0.00 | — | 0.01 | Nov 28, 2023 | Katran could disclose non-initialized kernel memory as part of an IP header. The issue was present for IPv4 encapsulation and ICMP (v4) Too Big packet generation. After a bpf_xdp_adjust_head call, Katran code didn’t initialize the Identification field for the IPv4 header,… | |||
| CVE-2023-38538 | 0.00 | — | 0.00 | Oct 4, 2023 | A race condition in an event subsystem led to a heap use-after-free issue in established audio/video calls that could have resulted in app termination or unexpected control flow with very low probability. | |||
| CVE-2023-38537 | 0.00 | — | 0.00 | Oct 4, 2023 | A race condition in a network transport subsystem led to a heap use-after-free issue in established or unsilenced incoming audio/video calls that could have resulted in app termination or unexpected control flow with very low probability. | |||
| CVE-2023-28753 | 0.00 | — | 0.02 | May 18, 2023 | netconsd prior to v0.2 was vulnerable to an integer overflow in its parse_packet function. A malicious individual could leverage this overflow to create heap memory corruption with attacker controlled data. | |||
| CVE-2023-23759 | 0.00 | — | 0.01 | May 18, 2023 | There is a vulnerability in the fizz library prior to v2023.01.30.00 where a CHECK failure can be triggered remotely. This behavior requires the client supported cipher advertisement changing between the original ClientHello and the second ClientHello, crashing the process… | |||
| CVE-2022-36937 | 0.00 | — | 0.01 | May 10, 2023 | HHVM 4.172.0 and all prior versions use TLS 1.0 for secure connections when handling tls:// URLs in the stream extension. TLS1.0 has numerous published vulnerabilities and is deprecated. HHVM 4.153.4, 4.168.2, 4.169.2, 4.170.2, 4.171.1, 4.172.1, 4.173.0 replaces TLS1.0 with… | |||
| CVE-2022-36938 | 0.00 | — | 0.01 | Nov 10, 2022 | DexLoader function get_stringidx_fromdex() in Redex prior to commit 3b44c64 can load an out of bound address when loading the string index table, potentially allowing remote code execution during processing of a 3rd party Android APK file. | |||
| CVE-2021-24043 | 0.00 | — | 0.01 | Feb 2, 2022 | A missing bound check in RTCP flag parsing code prior to WhatsApp for Android v2.21.23.2, WhatsApp Business for Android v2.21.23.2, WhatsApp for iOS v2.21.230.6, WhatsApp Business for iOS 2.21.230.7, and WhatsApp Desktop v2.2145.0 could have allowed an out-of-bounds heap read if… | |||
| CVE-2021-24046 | 0.00 | — | 0.01 | Jan 14, 2022 | A logic flaw in Ray-Ban® Stories device software allowed some parameters like video capture duration limit to be modified through the Facebook View application. This issue affected versions of device software before 2107460.6810.0. | |||
| CVE-2021-24042 | 0.00 | — | 0.01 | Jan 4, 2022 | The calling logic for WhatsApp for Android prior to v2.21.23, WhatsApp Business for Android prior to v2.21.23, WhatsApp for iOS prior to v2.21.230, WhatsApp Business for iOS prior to v2.21.230, WhatsApp for KaiOS prior to v2.2143, WhatsApp Desktop prior to v2.2146 could have… | |||
| CVE-2021-24041 | 0.00 | — | 0.01 | Dec 7, 2021 | A missing bounds check in image blurring code prior to WhatsApp for Android v2.21.22.7 and WhatsApp Business for Android v2.21.22.7 could have allowed an out-of-bounds write if a user sent a malicious image. | |||
| CVE-2019-3556 | 0.00 | — | 0.02 | Oct 26, 2021 | HHVM supports the use of an "admin" server which accepts administrative requests over HTTP. One of those request handlers, dump-pcre-cache, can be used to output cached regular expressions from the current execution context into a file. The handler takes a parameter which… | |||
| CVE-2021-24038 | 0.00 | — | 0.00 | Aug 18, 2021 | Due to a bug with management of handles in OVRServiceLauncher.exe, an attacker could expose a privileged process handle to an unprivileged process, leading to local privilege escalation. This issue affects Oculus Desktop versions after 1.39 and prior to 31.1.0.67.507. | |||
| CVE-2021-24036 | 0.00 | — | 0.03 | Jul 23, 2021 | Passing an attacker controlled size when creating an IOBuf could cause integer overflow, leading to an out of bounds write on the heap with the possibility of remote code execution. This issue affects versions of folly prior to v2021.07.22.00. This issue affects HHVM versions… | |||
| CVE-2021-24035 | 0.00 | — | 0.01 | Jun 11, 2021 | A lack of filename validation when unzipping archives prior to WhatsApp for Android v2.21.8.13 and WhatsApp Business for Android v2.21.8.13 could have allowed path traversal attacks that overwrite WhatsApp files. | |||
| CVE-2020-1920 | 0.00 | — | 0.01 | Jun 1, 2021 | A regular expression denial of service (ReDoS) vulnerability in the validateBaseUrl function can cause the application to use excessive resources, become unresponsive, or crash. This was introduced in react-native version 0.59.0 and fixed in version 0.64.1. | |||
| CVE-2021-24028 | 0.00 | — | 0.02 | Apr 13, 2021 | An invalid free in Thrift's table-based serialization can cause the application to crash or potentially result in code execution or other undesirable effects. This issue affects Facebook Thrift prior to v2021.02.22.00. | |||
| CVE-2021-24026 | 0.00 | — | 0.01 | Apr 6, 2021 | A missing bounds check within the audio decoding pipeline for WhatsApp calls in WhatsApp for Android prior to v2.21.3, WhatsApp Business for Android prior to v2.21.3, WhatsApp for iOS prior to v2.21.32, and WhatsApp Business for iOS prior to v2.21.32 could have allowed an… | |||
| CVE-2021-24027 | 0.00 | — | 0.04 | Apr 6, 2021 | A cache configuration issue prior to WhatsApp for Android v2.21.4.18 and WhatsApp Business for Android v2.21.4.18 may have allowed a third party with access to the device’s external storage to read cached TLS material. | |||
| CVE-2021-24029 | 0.00 | — | 0.01 | Mar 15, 2021 | A packet of death scenario is possible in mvfst via a specially crafted message during a QUIC session, which causes a crash via a failed assertion. Per QUIC specification, this particular message should be treated as a connection error. This issue affects mvfst versions prior to… | |||
| CVE-2020-1900 | 0.00 | — | 0.01 | Mar 11, 2021 | When unserializing an object with dynamic properties HHVM needs to pre-reserve the full size of the dynamic property array before inserting anything into it. Otherwise the array might resize, invalidating previously stored references. This pre-reservation was not occurring in… | |||
| CVE-2020-1899 | 0.00 | — | 0.01 | Mar 11, 2021 | The unserialize() function supported a type code, "S", which was meant to be supported only for APC serialization. This type code allowed arbitrary memory addresses to be accessed as if they were static StringData objects. This issue affected HHVM prior to v4.32.3, between… |
- risk 0.65cvss 7.5epss 1.00
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
- risk 0.64cvss 9.8epss 0.01
The SPDY/2 codec in Facebook Proxygen before 2015-11-09 truncates a certain field to two bytes, which allows hijacking and injection attacks.
- risk 0.64cvss 9.8epss 0.02
Infinite recursion in wddx in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors.
- risk 0.64cvss 9.8epss 0.02
The array_*_recursive functions in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors, related to recursion.
- risk 0.64cvss 9.8epss 0.02
Self recursion in compact in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors.
- risk 0.64cvss 9.8epss 0.02
Integer overflow in StringUtil::implode in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors.
- risk 0.64cvss 9.8epss 0.02
Integer overflow in bcmath in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors, which triggers a buffer overflow.
- risk 0.64cvss 9.8epss 0.02
Out-of-bounds write in the (1) mb_detect_encoding, (2) mb_send_mail, and (3) mb_detect_order functions in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors.
- risk 0.49cvss 7.5epss 0.00
A use-after-free vulnerability involving upgradeToRocket requests can cause the application to crash or potentially result in code execution or other undesirable effects. This issue affects Facebook Thrift prior to v2024.09.09.00.
- risk 0.49cvss 7.5epss 0.01
Facebook Proxygen before 2015-11-09 mismanages HTTPMessage.request state, which allows remote attackers to conduct hijacking attacks and bypass ACL checks.
- risk 0.49cvss 7.5epss 0.01
The SPDY/2 codec in Facebook Proxygen before 2015-11-09 allows remote attackers to conduct hijacking attacks and bypass ACL checks via a crafted host value.
- risk 0.46cvss 8.1epss 0.00
A heap-buffer-overflow vulnerability is possible in mvfst via a specially crafted message during a QUIC session. This issue affects mvfst versions prior to v2025.07.07.00.
- risk 0.42cvss 7.5epss 0.02
A denial of service vulnerability could be triggered by sending specially crafted HTTP requests to server function endpoints, this could lead to server crashes, out-of-memory exceptions or excessive CPU usage; affecting the following packages: react-server-dom-webpack,…
- risk 0.34cvss 5.3epss 0.00
A null-dereference vulnerability involving parsing requests specifying invalid protocols can cause the application to crash or potentially result in other undesirable effects. This issue affects Facebook Thrift from v2024.09.09.00 until v2024.09.23.00.
- risk 0.20cvss —epss 0.68
A vulnerability in WhatsApp Desktop versions prior to 0.3.9309 when paired with WhatsApp for iPhone versions prior to 2.20.10 allows cross-site scripting and local file reading. Exploiting the vulnerability requires the victim to click a link preview from a specially crafted…
- risk 0.19cvss —epss 0.02
Affected versions of `react` are vulnerable to Cross-Site Scripting (XSS). The package fails to properly sanitize input used to create keys. This may allow attackers to execute arbitrary JavaScript if a key is generated from user input. ## Recommendation If you are using…
- risk 0.16cvss —epss 0.39
A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of RTCP packets sent to a target phone number. The issue affects WhatsApp for Android prior to v2.19.134, WhatsApp Business for Android prior to v2.19.44, WhatsApp…
- risk 0.12cvss —epss 0.04
Incomplete authorization of linked device synchronization messages in WhatsApp for iOS prior to v2.25.21.73, WhatsApp Business for iOS v2.25.21.78, and WhatsApp for Mac v2.25.21.78 could have allowed an unrelated user to trigger processing of content from an arbitrary URL on a…
- CVE-2008-5711Dec 24, 2008risk 0.06cvss —epss 0.33
Heap-based buffer overflow in the Facebook PhotoUploader ActiveX control 5.0.14.0 and earlier allows remote attackers to execute arbitrary code via a long FileMask property value.
- CVE-2008-0660Feb 8, 2008risk 0.06cvss —epss 0.38
Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1)…
- CVE-2025-55184Dec 11, 2025risk 0.03cvss —epss 0.66
A pre-authentication denial of service vulnerability exists in React Server Components versions 19.0.0, 19.0.1 19.1.0, 19.1.1, 19.1.2, 19.2.0 and 19.2.1, including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The…
- CVE-2025-55183Dec 11, 2025risk 0.02cvss —epss 0.62
An information leak vulnerability exists in specific configurations of React Server Components versions 19.0.0, 19.0.1 19.1.0, 19.1.1, 19.1.2, 19.2.0 and 19.2.1, including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack.…
- CVE-2019-11933Oct 23, 2019risk 0.01cvss —epss 0.04
A heap buffer overflow bug in libpl_droidsonroids_gif before 1.2.19, as used in WhatsApp for Android before version 2.19.291 could allow remote attackers to execute arbitrary code or cause a denial of service.
- CVE-2018-6341Dec 31, 2018risk 0.01cvss —epss 0.03
React applications which rendered to HTML using the ReactDOMServer API were not escaping user-supplied attribute names at render-time. That lack of escaping could lead to a cross-site scripting vulnerability. This issue affected minor releases 16.0.x, 16.1.x, 16.2.x, 16.3.x, and…
- CVE-2026-23864Jan 26, 2026risk 0.00cvss —epss 0.02
Multiple denial of service vulnerabilities exist in React Server Components, affecting the following packages: react-server-dom-parcel, react-server-dom-turbopack, react-server-dom-webpack. The vulnerabilities are triggered by sending specially crafted HTTP requests to Server…
- CVE-2025-67779Dec 11, 2025risk 0.00cvss —epss 0.19
It was found that the fix addressing CVE-2025-55184 in React Server Components was incomplete and does not prevent a denial of service attack in a specific case. React Server Components versions 19.0.2, 19.1.3 and 19.2.2 are affected, allowing unsafe deserialization of payloads…
- CVE-2025-55179Nov 18, 2025risk 0.00cvss —epss 0.00
Incomplete validation of rich response messages in WhatsApp for iOS prior to v2.25.23.73, WhatsApp Business for iOS v2.25.23.82, and WhatsApp for Mac v2.25.23.83 could have allowed a user to trigger processing of media content from an arbitrary URL on another user’s device. We…
- CVE-2025-30401Apr 5, 2025risk 0.00cvss —epss 0.16
A spoofing issue in WhatsApp for Windows prior to version 2.2450.6 displayed attachments according to their MIME type but selected the file opening handler based on the attachment’s filename extension. A maliciously crafted mismatch could have caused the recipient to…
- CVE-2023-49062Nov 28, 2023risk 0.00cvss —epss 0.01
Katran could disclose non-initialized kernel memory as part of an IP header. The issue was present for IPv4 encapsulation and ICMP (v4) Too Big packet generation. After a bpf_xdp_adjust_head call, Katran code didn’t initialize the Identification field for the IPv4 header,…
- CVE-2023-38538Oct 4, 2023risk 0.00cvss —epss 0.00
A race condition in an event subsystem led to a heap use-after-free issue in established audio/video calls that could have resulted in app termination or unexpected control flow with very low probability.
- CVE-2023-38537Oct 4, 2023risk 0.00cvss —epss 0.00
A race condition in a network transport subsystem led to a heap use-after-free issue in established or unsilenced incoming audio/video calls that could have resulted in app termination or unexpected control flow with very low probability.
- CVE-2023-28753May 18, 2023risk 0.00cvss —epss 0.02
netconsd prior to v0.2 was vulnerable to an integer overflow in its parse_packet function. A malicious individual could leverage this overflow to create heap memory corruption with attacker controlled data.
- CVE-2023-23759May 18, 2023risk 0.00cvss —epss 0.01
There is a vulnerability in the fizz library prior to v2023.01.30.00 where a CHECK failure can be triggered remotely. This behavior requires the client supported cipher advertisement changing between the original ClientHello and the second ClientHello, crashing the process…
- CVE-2022-36937May 10, 2023risk 0.00cvss —epss 0.01
HHVM 4.172.0 and all prior versions use TLS 1.0 for secure connections when handling tls:// URLs in the stream extension. TLS1.0 has numerous published vulnerabilities and is deprecated. HHVM 4.153.4, 4.168.2, 4.169.2, 4.170.2, 4.171.1, 4.172.1, 4.173.0 replaces TLS1.0 with…
- CVE-2022-36938Nov 10, 2022risk 0.00cvss —epss 0.01
DexLoader function get_stringidx_fromdex() in Redex prior to commit 3b44c64 can load an out of bound address when loading the string index table, potentially allowing remote code execution during processing of a 3rd party Android APK file.
- CVE-2021-24043Feb 2, 2022risk 0.00cvss —epss 0.01
A missing bound check in RTCP flag parsing code prior to WhatsApp for Android v2.21.23.2, WhatsApp Business for Android v2.21.23.2, WhatsApp for iOS v2.21.230.6, WhatsApp Business for iOS 2.21.230.7, and WhatsApp Desktop v2.2145.0 could have allowed an out-of-bounds heap read if…
- CVE-2021-24046Jan 14, 2022risk 0.00cvss —epss 0.01
A logic flaw in Ray-Ban® Stories device software allowed some parameters like video capture duration limit to be modified through the Facebook View application. This issue affected versions of device software before 2107460.6810.0.
- CVE-2021-24042Jan 4, 2022risk 0.00cvss —epss 0.01
The calling logic for WhatsApp for Android prior to v2.21.23, WhatsApp Business for Android prior to v2.21.23, WhatsApp for iOS prior to v2.21.230, WhatsApp Business for iOS prior to v2.21.230, WhatsApp for KaiOS prior to v2.2143, WhatsApp Desktop prior to v2.2146 could have…
- CVE-2021-24041Dec 7, 2021risk 0.00cvss —epss 0.01
A missing bounds check in image blurring code prior to WhatsApp for Android v2.21.22.7 and WhatsApp Business for Android v2.21.22.7 could have allowed an out-of-bounds write if a user sent a malicious image.
- CVE-2019-3556Oct 26, 2021risk 0.00cvss —epss 0.02
HHVM supports the use of an "admin" server which accepts administrative requests over HTTP. One of those request handlers, dump-pcre-cache, can be used to output cached regular expressions from the current execution context into a file. The handler takes a parameter which…
- CVE-2021-24038Aug 18, 2021risk 0.00cvss —epss 0.00
Due to a bug with management of handles in OVRServiceLauncher.exe, an attacker could expose a privileged process handle to an unprivileged process, leading to local privilege escalation. This issue affects Oculus Desktop versions after 1.39 and prior to 31.1.0.67.507.
- CVE-2021-24036Jul 23, 2021risk 0.00cvss —epss 0.03
Passing an attacker controlled size when creating an IOBuf could cause integer overflow, leading to an out of bounds write on the heap with the possibility of remote code execution. This issue affects versions of folly prior to v2021.07.22.00. This issue affects HHVM versions…
- CVE-2021-24035Jun 11, 2021risk 0.00cvss —epss 0.01
A lack of filename validation when unzipping archives prior to WhatsApp for Android v2.21.8.13 and WhatsApp Business for Android v2.21.8.13 could have allowed path traversal attacks that overwrite WhatsApp files.
- CVE-2020-1920Jun 1, 2021risk 0.00cvss —epss 0.01
A regular expression denial of service (ReDoS) vulnerability in the validateBaseUrl function can cause the application to use excessive resources, become unresponsive, or crash. This was introduced in react-native version 0.59.0 and fixed in version 0.64.1.
- CVE-2021-24028Apr 13, 2021risk 0.00cvss —epss 0.02
An invalid free in Thrift's table-based serialization can cause the application to crash or potentially result in code execution or other undesirable effects. This issue affects Facebook Thrift prior to v2021.02.22.00.
- CVE-2021-24026Apr 6, 2021risk 0.00cvss —epss 0.01
A missing bounds check within the audio decoding pipeline for WhatsApp calls in WhatsApp for Android prior to v2.21.3, WhatsApp Business for Android prior to v2.21.3, WhatsApp for iOS prior to v2.21.32, and WhatsApp Business for iOS prior to v2.21.32 could have allowed an…
- CVE-2021-24027Apr 6, 2021risk 0.00cvss —epss 0.04
A cache configuration issue prior to WhatsApp for Android v2.21.4.18 and WhatsApp Business for Android v2.21.4.18 may have allowed a third party with access to the device’s external storage to read cached TLS material.
- CVE-2021-24029Mar 15, 2021risk 0.00cvss —epss 0.01
A packet of death scenario is possible in mvfst via a specially crafted message during a QUIC session, which causes a crash via a failed assertion. Per QUIC specification, this particular message should be treated as a connection error. This issue affects mvfst versions prior to…
- CVE-2020-1900Mar 11, 2021risk 0.00cvss —epss 0.01
When unserializing an object with dynamic properties HHVM needs to pre-reserve the full size of the dynamic property array before inserting anything into it. Otherwise the array might resize, invalidating previously stored references. This pre-reservation was not occurring in…
- CVE-2020-1899Mar 11, 2021risk 0.00cvss —epss 0.01
The unserialize() function supported a type code, "S", which was meant to be supported only for APC serialization. This type code allowed arbitrary memory addresses to be accessed as if they were static StringData objects. This issue affected HHVM prior to v4.32.3, between…
Page 1 of 3