VYPR

Vendor CVEs

Facebook

All CVEs

136 total · sorted by risk
  • CVE-2023-44487HigKEVOct 10, 2023
    risk 0.65cvss 7.5epss 1.00

    The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

  • CVE-2015-7264CriApr 10, 2017
    risk 0.64cvss 9.8epss 0.01

    The SPDY/2 codec in Facebook Proxygen before 2015-11-09 truncates a certain field to two bytes, which allows hijacking and injection attacks.

  • CVE-2016-6875CriFeb 17, 2017
    risk 0.64cvss 9.8epss 0.02

    Infinite recursion in wddx in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors.

  • CVE-2016-6874CriFeb 17, 2017
    risk 0.64cvss 9.8epss 0.02

    The array_*_recursive functions in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors, related to recursion.

  • CVE-2016-6873CriFeb 17, 2017
    risk 0.64cvss 9.8epss 0.02

    Self recursion in compact in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors.

  • CVE-2016-6872CriFeb 17, 2017
    risk 0.64cvss 9.8epss 0.02

    Integer overflow in StringUtil::implode in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors.

  • CVE-2016-6871CriFeb 17, 2017
    risk 0.64cvss 9.8epss 0.02

    Integer overflow in bcmath in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors, which triggers a buffer overflow.

  • CVE-2016-6870CriFeb 17, 2017
    risk 0.64cvss 9.8epss 0.02

    Out-of-bounds write in the (1) mb_detect_encoding, (2) mb_send_mail, and (3) mb_detect_order functions in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors.

  • CVE-2024-45773HigSep 27, 2024
    risk 0.49cvss 7.5epss 0.00

    A use-after-free vulnerability involving upgradeToRocket requests can cause the application to crash or potentially result in code execution or other undesirable effects. This issue affects Facebook Thrift prior to v2024.09.09.00.

  • CVE-2015-7265HigApr 10, 2017
    risk 0.49cvss 7.5epss 0.01

    Facebook Proxygen before 2015-11-09 mismanages HTTPMessage.request state, which allows remote attackers to conduct hijacking attacks and bypass ACL checks.

  • CVE-2015-7263HigApr 10, 2017
    risk 0.49cvss 7.5epss 0.01

    The SPDY/2 codec in Facebook Proxygen before 2015-11-09 allows remote attackers to conduct hijacking attacks and bypass ACL checks via a crafted host value.

  • CVE-2025-30403HigJul 11, 2025
    risk 0.46cvss 8.1epss 0.00

    A heap-buffer-overflow vulnerability is possible in mvfst via a specially crafted message during a QUIC session. This issue affects mvfst versions prior to v2025.07.07.00.

  • CVE-2026-23870HigMay 6, 2026
    risk 0.42cvss 7.5epss 0.02

    A denial of service vulnerability could be triggered by sending specially crafted HTTP requests to server function endpoints, this could lead to server crashes, out-of-memory exceptions or excessive CPU usage; affecting the following packages: react-server-dom-webpack,…

  • CVE-2024-45863MedSep 27, 2024
    risk 0.34cvss 5.3epss 0.00

    A null-dereference vulnerability involving parsing requests specifying invalid protocols can cause the application to crash or potentially result in other undesirable effects. This issue affects Facebook Thrift from v2024.09.09.00 until v2024.09.23.00.

  • CVE-2019-18426KEVJan 21, 2020
    risk 0.20cvss epss 0.68

    A vulnerability in WhatsApp Desktop versions prior to 0.3.9309 when paired with WhatsApp for iPhone versions prior to 2.20.10 allows cross-site scripting and local file reading. Exploiting the vulnerability requires the victim to click a link preview from a specially crafted…

  • CVE-2013-7035medSep 4, 2020
    risk 0.19cvss epss 0.02

    Affected versions of `react` are vulnerable to Cross-Site Scripting (XSS). The package fails to properly sanitize input used to create keys. This may allow attackers to execute arbitrary JavaScript if a key is generated from user input. ## Recommendation If you are using…

  • CVE-2019-3568KEVMay 14, 2019
    risk 0.16cvss epss 0.39

    A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of RTCP packets sent to a target phone number. The issue affects WhatsApp for Android prior to v2.19.134, WhatsApp Business for Android prior to v2.19.44, WhatsApp…

  • CVE-2025-55177KEVAug 29, 2025
    risk 0.12cvss epss 0.04

    Incomplete authorization of linked device synchronization messages in WhatsApp for iOS prior to v2.25.21.73, WhatsApp Business for iOS v2.25.21.78, and WhatsApp for Mac v2.25.21.78 could have allowed an unrelated user to trigger processing of content from an arbitrary URL on a…

  • CVE-2008-5711Dec 24, 2008
    risk 0.06cvss epss 0.33

    Heap-based buffer overflow in the Facebook PhotoUploader ActiveX control 5.0.14.0 and earlier allows remote attackers to execute arbitrary code via a long FileMask property value.

  • CVE-2008-0660Feb 8, 2008
    risk 0.06cvss epss 0.38

    Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1)…

  • CVE-2025-55184Dec 11, 2025
    risk 0.03cvss epss 0.66

    A pre-authentication denial of service vulnerability exists in React Server Components versions 19.0.0, 19.0.1 19.1.0, 19.1.1, 19.1.2, 19.2.0 and 19.2.1, including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The…

  • CVE-2025-55183Dec 11, 2025
    risk 0.02cvss epss 0.62

    An information leak vulnerability exists in specific configurations of React Server Components versions 19.0.0, 19.0.1 19.1.0, 19.1.1, 19.1.2, 19.2.0 and 19.2.1, including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack.…

  • CVE-2019-11933Oct 23, 2019
    risk 0.01cvss epss 0.04

    A heap buffer overflow bug in libpl_droidsonroids_gif before 1.2.19, as used in WhatsApp for Android before version 2.19.291 could allow remote attackers to execute arbitrary code or cause a denial of service.

  • CVE-2018-6341Dec 31, 2018
    risk 0.01cvss epss 0.03

    React applications which rendered to HTML using the ReactDOMServer API were not escaping user-supplied attribute names at render-time. That lack of escaping could lead to a cross-site scripting vulnerability. This issue affected minor releases 16.0.x, 16.1.x, 16.2.x, 16.3.x, and…

  • CVE-2026-23864Jan 26, 2026
    risk 0.00cvss epss 0.02

    Multiple denial of service vulnerabilities exist in React Server Components, affecting the following packages: react-server-dom-parcel, react-server-dom-turbopack, react-server-dom-webpack. The vulnerabilities are triggered by sending specially crafted HTTP requests to Server…

  • CVE-2025-67779Dec 11, 2025
    risk 0.00cvss epss 0.19

    It was found that the fix addressing CVE-2025-55184 in React Server Components was incomplete and does not prevent a denial of service attack in a specific case. React Server Components versions 19.0.2, 19.1.3 and 19.2.2 are affected, allowing unsafe deserialization of payloads…

  • CVE-2025-55179Nov 18, 2025
    risk 0.00cvss epss 0.00

    Incomplete validation of rich response messages in WhatsApp for iOS prior to v2.25.23.73, WhatsApp Business for iOS v2.25.23.82, and WhatsApp for Mac v2.25.23.83 could have allowed a user to trigger processing of media content from an arbitrary URL on another user’s device. We…

  • CVE-2025-30401Apr 5, 2025
    risk 0.00cvss epss 0.16

    A spoofing issue in WhatsApp for Windows prior to version 2.2450.6 displayed attachments according to their MIME type but selected the file opening handler based on the attachment’s filename extension. A maliciously crafted mismatch could have caused the recipient to…

  • CVE-2023-49062Nov 28, 2023
    risk 0.00cvss epss 0.01

    Katran could disclose non-initialized kernel memory as part of an IP header. The issue was present for IPv4 encapsulation and ICMP (v4) Too Big packet generation. After a bpf_xdp_adjust_head call, Katran code didn’t initialize the Identification field for the IPv4 header,…

  • CVE-2023-38538Oct 4, 2023
    risk 0.00cvss epss 0.00

    A race condition in an event subsystem led to a heap use-after-free issue in established audio/video calls that could have resulted in app termination or unexpected control flow with very low probability.

  • CVE-2023-38537Oct 4, 2023
    risk 0.00cvss epss 0.00

    A race condition in a network transport subsystem led to a heap use-after-free issue in established or unsilenced incoming audio/video calls that could have resulted in app termination or unexpected control flow with very low probability.

  • CVE-2023-28753May 18, 2023
    risk 0.00cvss epss 0.02

    netconsd prior to v0.2 was vulnerable to an integer overflow in its parse_packet function. A malicious individual could leverage this overflow to create heap memory corruption with attacker controlled data.

  • CVE-2023-23759May 18, 2023
    risk 0.00cvss epss 0.01

    There is a vulnerability in the fizz library prior to v2023.01.30.00 where a CHECK failure can be triggered remotely. This behavior requires the client supported cipher advertisement changing between the original ClientHello and the second ClientHello, crashing the process…

  • CVE-2022-36937May 10, 2023
    risk 0.00cvss epss 0.01

    HHVM 4.172.0 and all prior versions use TLS 1.0 for secure connections when handling tls:// URLs in the stream extension. TLS1.0 has numerous published vulnerabilities and is deprecated. HHVM 4.153.4, 4.168.2, 4.169.2, 4.170.2, 4.171.1, 4.172.1, 4.173.0 replaces TLS1.0 with…

  • CVE-2022-36938Nov 10, 2022
    risk 0.00cvss epss 0.01

    DexLoader function get_stringidx_fromdex() in Redex prior to commit 3b44c64 can load an out of bound address when loading the string index table, potentially allowing remote code execution during processing of a 3rd party Android APK file.

  • CVE-2021-24043Feb 2, 2022
    risk 0.00cvss epss 0.01

    A missing bound check in RTCP flag parsing code prior to WhatsApp for Android v2.21.23.2, WhatsApp Business for Android v2.21.23.2, WhatsApp for iOS v2.21.230.6, WhatsApp Business for iOS 2.21.230.7, and WhatsApp Desktop v2.2145.0 could have allowed an out-of-bounds heap read if…

  • CVE-2021-24046Jan 14, 2022
    risk 0.00cvss epss 0.01

    A logic flaw in Ray-Ban® Stories device software allowed some parameters like video capture duration limit to be modified through the Facebook View application. This issue affected versions of device software before 2107460.6810.0.

  • CVE-2021-24042Jan 4, 2022
    risk 0.00cvss epss 0.01

    The calling logic for WhatsApp for Android prior to v2.21.23, WhatsApp Business for Android prior to v2.21.23, WhatsApp for iOS prior to v2.21.230, WhatsApp Business for iOS prior to v2.21.230, WhatsApp for KaiOS prior to v2.2143, WhatsApp Desktop prior to v2.2146 could have…

  • CVE-2021-24041Dec 7, 2021
    risk 0.00cvss epss 0.01

    A missing bounds check in image blurring code prior to WhatsApp for Android v2.21.22.7 and WhatsApp Business for Android v2.21.22.7 could have allowed an out-of-bounds write if a user sent a malicious image.

  • CVE-2019-3556Oct 26, 2021
    risk 0.00cvss epss 0.02

    HHVM supports the use of an "admin" server which accepts administrative requests over HTTP. One of those request handlers, dump-pcre-cache, can be used to output cached regular expressions from the current execution context into a file. The handler takes a parameter which…

  • CVE-2021-24038Aug 18, 2021
    risk 0.00cvss epss 0.00

    Due to a bug with management of handles in OVRServiceLauncher.exe, an attacker could expose a privileged process handle to an unprivileged process, leading to local privilege escalation. This issue affects Oculus Desktop versions after 1.39 and prior to 31.1.0.67.507.

  • CVE-2021-24036Jul 23, 2021
    risk 0.00cvss epss 0.03

    Passing an attacker controlled size when creating an IOBuf could cause integer overflow, leading to an out of bounds write on the heap with the possibility of remote code execution. This issue affects versions of folly prior to v2021.07.22.00. This issue affects HHVM versions…

  • CVE-2021-24035Jun 11, 2021
    risk 0.00cvss epss 0.01

    A lack of filename validation when unzipping archives prior to WhatsApp for Android v2.21.8.13 and WhatsApp Business for Android v2.21.8.13 could have allowed path traversal attacks that overwrite WhatsApp files.

  • CVE-2020-1920Jun 1, 2021
    risk 0.00cvss epss 0.01

    A regular expression denial of service (ReDoS) vulnerability in the validateBaseUrl function can cause the application to use excessive resources, become unresponsive, or crash. This was introduced in react-native version 0.59.0 and fixed in version 0.64.1.

  • CVE-2021-24028Apr 13, 2021
    risk 0.00cvss epss 0.02

    An invalid free in Thrift's table-based serialization can cause the application to crash or potentially result in code execution or other undesirable effects. This issue affects Facebook Thrift prior to v2021.02.22.00.

  • CVE-2021-24026Apr 6, 2021
    risk 0.00cvss epss 0.01

    A missing bounds check within the audio decoding pipeline for WhatsApp calls in WhatsApp for Android prior to v2.21.3, WhatsApp Business for Android prior to v2.21.3, WhatsApp for iOS prior to v2.21.32, and WhatsApp Business for iOS prior to v2.21.32 could have allowed an…

  • CVE-2021-24027Apr 6, 2021
    risk 0.00cvss epss 0.04

    A cache configuration issue prior to WhatsApp for Android v2.21.4.18 and WhatsApp Business for Android v2.21.4.18 may have allowed a third party with access to the device’s external storage to read cached TLS material.

  • CVE-2021-24029Mar 15, 2021
    risk 0.00cvss epss 0.01

    A packet of death scenario is possible in mvfst via a specially crafted message during a QUIC session, which causes a crash via a failed assertion. Per QUIC specification, this particular message should be treated as a connection error. This issue affects mvfst versions prior to…

  • CVE-2020-1900Mar 11, 2021
    risk 0.00cvss epss 0.01

    When unserializing an object with dynamic properties HHVM needs to pre-reserve the full size of the dynamic property array before inserting anything into it. Otherwise the array might resize, invalidating previously stored references. This pre-reservation was not occurring in…

  • CVE-2020-1899Mar 11, 2021
    risk 0.00cvss epss 0.01

    The unserialize() function supported a type code, "S", which was meant to be supported only for APC serialization. This type code allowed arbitrary memory addresses to be accessed as if they were static StringData objects. This issue affected HHVM prior to v4.32.3, between…

Page 1 of 3