Vulnerabilities > Facebook > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-09 | CVE-2020-1913 | Incorrect Conversion between Numeric Types vulnerability in Facebook Hermes An Integer signedness error in the JavaScript Interpreter in Facebook Hermes prior to commit 2c7af7ec481ceffd0d14ce2d7c045e475fd71dc6 allows attackers to cause a denial of service attack or a potential RCE via crafted JavaScript. | 8.1 |
| 2020-09-09 | CVE-2020-1912 | Out-of-bounds Write vulnerability in Facebook Hermes An out-of-bounds read/write vulnerability when executing lazily compiled inner generator functions in Facebook Hermes prior to commit 091835377369c8fd5917d9b87acffa721ad2a168 allows attackers to potentially execute arbitrary code via crafted JavaScript. | 8.1 |
| 2020-04-09 | CVE-2020-1895 | Integer Overflow or Wraparound vulnerability in Facebook Instagram A large heap overflow could occur in Instagram for Android when attempting to upload an image with specially crafted dimensions. | 7.8 |
| 2020-03-18 | CVE-2019-11939 | Allocation of Resources Without Limits or Throttling vulnerability in Facebook Thrift Golang Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. | 7.5 |
| 2020-03-10 | CVE-2019-3553 | Allocation of Resources Without Limits or Throttling vulnerability in Facebook Thrift C++ Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. | 7.5 |
| 2020-03-10 | CVE-2019-11938 | Allocation of Resources Without Limits or Throttling vulnerability in Facebook Thrift Java Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. | 7.5 |
| 2020-03-03 | CVE-2020-1893 | Out-of-bounds Read vulnerability in Facebook Hhvm Insufficient boundary checks when decoding JSON in TryParse reads out of bounds memory, potentially leading to DOS. | 7.5 |
| 2020-03-03 | CVE-2020-1892 | Out-of-bounds Read vulnerability in Facebook Hhvm Insufficient boundary checks when decoding JSON in JSON_parser allows read access to out of bounds memory, potentially leading to information leak and DOS. | 8.1 |
| 2020-03-03 | CVE-2020-1888 | Out-of-bounds Read vulnerability in Facebook Hhvm Insufficient boundary checks when decoding JSON in handleBackslash reads out of bounds memory, potentially leading to DOS. | 7.5 |
| 2019-12-04 | CVE-2019-11937 | Uncontrolled Recursion vulnerability in Facebook Mcrouter In Mcrouter prior to v0.41.0, a large struct input provided to the Carbon protocol reader could result in stack exhaustion and denial of service. | 7.5 |