Vulnerabilities > Facebook > Hhvm > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-10 | CVE-2022-36937 | Unspecified vulnerability in Facebook Hhvm HHVM 4.172.0 and all prior versions use TLS 1.0 for secure connections when handling tls:// URLs in the stream extension. | 9.8 |
| 2021-07-23 | CVE-2021-24036 | Integer Overflow or Wraparound vulnerability in Facebook Hhvm Passing an attacker controlled size when creating an IOBuf could cause integer overflow, leading to an out of bounds write on the heap with the possibility of remote code execution. | 9.8 |
| 2019-12-04 | CVE-2019-11930 | Release of Invalid Pointer or Reference vulnerability in Facebook Hhvm An invalid free in mb_detect_order can cause the application to crash or potentially result in remote code execution. | 9.8 |
| 2019-11-19 | CVE-2016-1000006 | Use After Free vulnerability in Facebook Hhvm hhvm before 3.12.11 has a use-after-free in the serialize_memoize_param() and ResourceBundle::__construct() functions. | 9.8 |