Filter
AND

Facebook Meta Spark StudioPrior to v176, when opening a new project Meta Spark Studio would execute scripts defined inside of …

7.8
EPSS
0.06%
First published (updated )

Facebook KatranKatran could disclose non-initialized kernel memory as part of an IP header. The issue was present f…

7.5
First published (updated )

Apache Tomcat- Rapid Reset HTTP/2 vulnerability

First published (updated )

Facebook HermesUse After Free

7.5
First published (updated )

Facebook HermesNull Pointer Dereference

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Facebook FizzThere is a vulnerability in the fizz library prior to v2023.01.30.00 where a CHECK failure can be tr…

7.5
First published (updated )

pip/zstdBuffer Overflow

7.5
First published (updated )

Facebook HermesIt was possible to trigger an infinite recursion condition in the error handler when Hermes executed…

7.5
First published (updated )

Facebook HHVMPath Traversal

8.1
First published (updated )

Facebook ParlaiDeserialization of Untrusted Data in parlai

8.8
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Facebook React-nativeA regular expression denial of service (ReDoS) vulnerability in the validateBaseUrl function can cau…

7.5
First published (updated )

Facebook FacebookCSRF

8.8
First published (updated )

Facebook FacebookCVE-2021-24217

8.1
First published (updated )

Facebook MvfstA packet of death scenario is possible in mvfst via a specially crafted message during a QUIC sessio…

7.5
First published (updated )

Facebook HHVMBuffer Overflow

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Facebook HHVMThe fb_unserialize function did not impose a depth limit for nested deserialization. That meant a ma…

7.5
First published (updated )

Facebook HHVMIn the crypt function, we attempt to null terminate a buffer using the size of the input salt withou…

7.5
First published (updated )

Facebook HHVMIncorrect bounds calculations in substr_compare could lead to an out-of-bounds read when the second …

7.5
First published (updated )

Facebook HHVMIn-memory file operations (ie: using fopen on a data URI) did not properly restrict negative seeking…

7.5
First published (updated )

Facebook HermesAn out-of-bounds read in the JavaScript Interpreter in Facebook Hermes prior to commit 8cb935cd3b232…

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Facebook HermesAn Integer signedness error in the JavaScript Interpreter in Facebook Hermes prior to commit 2c7af7e…

8.1
First published (updated )

Facebook HermesAn out-of-bounds read/write vulnerability when executing lazily compiled inner generator functions i…

8.1
First published (updated )

Facebook InstagramInteger Overflow

7.8
First published (updated )

go/github.com/facebook/fbthriftGolang Facebook Thrift servers would not error upon receiving messages declaring containers of sizes…

7.5
First published (updated )

Facebook ThriftC++ Facebook Thrift servers would not error upon receiving messages declaring containers of sizes la…

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Facebook ThriftJava Facebook Thrift servers would not error upon receiving messages declaring containers of sizes l…

7.5
First published (updated )

Facebook HHVMInsufficient boundary checks when decoding JSON in JSON_parser allows read access to out of bounds m…

8.1
First published (updated )

Facebook HHVMInsufficient boundary checks when decoding JSON in TryParse reads out of bounds memory, potentially …

7.5
First published (updated )

Facebook HHVMInsufficient boundary checks when decoding JSON in handleBackslash reads out of bounds memory, poten…

7.5
First published (updated )

Facebook McrouterIn Mcrouter prior to v0.41.0, a large struct input provided to the Carbon protocol reader could resu…

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Facebook McrouterIn Mcrouter prior to v0.41.0, the deprecated ASCII parser would allocate a buffer to a user-specifie…

7.5
First published (updated )

Facebook Facebook For WoocommerceCSRF

8.8
First published (updated )

Facebook Facebook For WoocommerceCSRF

8.8
First published (updated )

Facebook FizzA peer could send empty handshake fragments containing only padding which would be kept in memory un…

7.8
First published (updated )

Facebook ZstandardRace Condition

8.1
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Facebook HHVMHHVM, when used with FastCGI, would bind by default to all available interfaces. This behavior could…

7.5
First published (updated )

Facebook ThriftLegacy C++ Facebook Thrift servers (using cpp instead of cpp2) would not error upon receiving messag…

7.5
First published (updated )

Facebook ThriftPython Facebook Thrift servers would not error upon receiving messages with containers of fields of …

7.5
First published (updated )

Facebook ThriftJava Facebook Thrift servers would not error upon receiving messages with containers of fields of un…

7.5
First published (updated )

Facebook ThriftC++ Facebook Thrift servers (using cpp2) would not error upon receiving messages with containers of …

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Facebook ThriftInput Validation

7.5
First published (updated )

Facebook FizzAn improperly performed length calculation on a buffer in PlaintextRecordLayer could lead to an infi…

7.5
First published (updated )

Facebook FollyBuffer Overflow

7.5
First published (updated )

Facebook HHVMThe Memcache::getextendedstats function can be used to trigger an out-of-bounds read. Exploiting thi…

8.1
First published (updated )

Facebook ProxygenInput Validation, Null Pointer Dereference

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Facebook HHVMInput Validation

7.5
First published (updated )

Facebook HipHop Virtual MachineInteger Overflow

7.5
First published (updated )

Facebook HipHop Virtual MachineCode Injection, CRLF Injection

7.5
First published (updated )

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203