Filter
-Infinity
0

React DevUtilsOS Command Injection, CSRF

First published (updated )

Facebook TAC+Input Validation

First published (updated )

Facebook HermesA type confusion vulnerability could be triggered when resolving the "typeof" unary operator in Face…

First published (updated )

FollyImproper handling of close_notify alerts can result in an out-of-bounds read in AsyncSSLSocket. This…

First published (updated )

ProxygenUse After Free

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Facebook HipHop Virtual MachineAn invalid free in mb_detect_order can cause the application to crash or potentially result in remot…

First published (updated )

Facebook HipHop Virtual MachineInsufficient boundary checks when processing a string in mb_ereg_replace allows access to out-of-bou…

First published (updated )

Facebook HipHop Virtual MachineVarious APC functions accept keys containing null bytes as input, leading to premature truncation of…

First published (updated )

Facebook HermesUse After Free

First published (updated )

Facebook HipHop Virtual Machinexbuf_format_converter, used as part of exif_read_data, was appending a terminating null character to…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

React DevUtilsOS Command Injection, Command Injection

First published (updated )

Facebook HipHop Virtual MachineInteger Overflow

First published (updated )

Facebook HipHop Virtual MachineUse After Free

First published (updated )

Facebook HipHop Virtual MachineInteger Overflow

First published (updated )

Facebook HermesA logic vulnerability when handling the SaveGeneratorLong instruction in Facebook Hermes prior to co…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

ProxygenUse After Free

First published (updated )

debian/hhvmUse After Free

First published (updated )

ProxygenAn out of bounds write is possible via a specially crafted packet in certain configurations of Proxy…

First published (updated )

Facebook HipHop Virtual MachineInteger Overflow

First published (updated )

Facebook HipHop Virtual MachineSelf recursion in compact in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Facebook HipHop Virtual MachineInfinite recursion in wddx in Facebook HHVM before 3.15.0 allows attackers to have unspecified impac…

First published (updated )

Facebook HipHop Virtual MachineThe array_*_recursive functions in Facebook HHVM before 3.15.0 allows attackers to have unspecified …

First published (updated )

Facebook HipHop Virtual MachineOut-of-bounds write in the (1) mb_detect_encoding, (2) mb_send_mail, and (3) mb_detect_order functio…

First published (updated )

Facebook HipHop Virtual MachineBuffer Overflow, Integer Overflow

First published (updated )

Facebook HermesBy passing invalid javascript code where await and yield were called upon non-async and non-generato…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Facebook ParlaiDue to use of unsafe YAML deserialization logic, an attacker with the ability to modify local YAML c…

First published (updated )

Facebook HipHop Virtual MachineInteger Overflow

First published (updated )

ThriftAn invalid free in Thrift's table-based serialization can cause the application to crash or potentia…

First published (updated )

CVE-2021-24030The fbgames protocol handler registered as part of Facebook Gameroom does not properly quote argumen…

First published (updated )

Facebook HermesA type confusion vulnerability when resolving properties of JavaScript objects with specially-crafte…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203