Vulnerabilities > Facebook
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-09 | CVE-2020-1913 | Incorrect Conversion between Numeric Types vulnerability in Facebook Hermes An Integer signedness error in the JavaScript Interpreter in Facebook Hermes prior to commit 2c7af7ec481ceffd0d14ce2d7c045e475fd71dc6 allows attackers to cause a denial of service attack or a potential RCE via crafted JavaScript. | 6.8 |
| 2020-09-09 | CVE-2020-1912 | Out-of-bounds Write vulnerability in Facebook Hermes An out-of-bounds read/write vulnerability when executing lazily compiled inner generator functions in Facebook Hermes prior to commit 091835377369c8fd5917d9b87acffa721ad2a168 allows attackers to potentially execute arbitrary code via crafted JavaScript. | 8.1 |
| 2020-09-04 | CVE-2020-1911 | Type Confusion vulnerability in Facebook Hermes A type confusion vulnerability when resolving properties of JavaScript objects with specially-crafted prototype chains in Facebook Hermes prior to commit fe52854cdf6725c2eaa9e125995da76e6ceb27da allows attackers to potentially execute arbitrary code via crafted JavaScript. | 6.8 |
| 2020-05-18 | CVE-2020-1897 | Use After Free vulnerability in Facebook Proxygen A use-after-free is possible due to an error in lifetime management in the request adaptor when a malicious client invokes request error handling in a specific sequence. | 7.5 |
| 2020-04-09 | CVE-2020-1895 | Integer Overflow or Wraparound vulnerability in Facebook Instagram A large heap overflow could occur in Instagram for Android when attempting to upload an image with specially crafted dimensions. | 6.8 |
| 2020-03-18 | CVE-2019-11939 | Allocation of Resources Without Limits or Throttling vulnerability in Facebook Thrift Golang Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. | 5.0 |
| 2020-03-10 | CVE-2019-3553 | Allocation of Resources Without Limits or Throttling vulnerability in Facebook Thrift C++ Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. | 5.0 |
| 2020-03-10 | CVE-2019-11938 | Allocation of Resources Without Limits or Throttling vulnerability in Facebook Thrift Java Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. | 5.0 |
| 2020-03-03 | CVE-2020-1893 | Out-of-bounds Read vulnerability in Facebook Hhvm Insufficient boundary checks when decoding JSON in TryParse reads out of bounds memory, potentially leading to DOS. | 5.0 |
| 2020-03-03 | CVE-2020-1892 | Out-of-bounds Read vulnerability in Facebook Hhvm Insufficient boundary checks when decoding JSON in JSON_parser allows read access to out of bounds memory, potentially leading to information leak and DOS. | 6.4 |