Vulnerabilities > Facebook > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-30 | CVE-2019-15840 | Cross-Site Request Forgery (CSRF) vulnerability in Facebook for Woocommerce 1.9.11/1.9.12/1.9.13 The facebook-for-woocommerce plugin before 1.9.14 for WordPress has CSRF. | 6.8 |
| 2019-07-25 | CVE-2019-11922 | Race Condition vulnerability in Facebook Zstandard A race condition in the one-pass compression functions of Zstandard prior to version 1.3.8 could allow an attacker to write bytes out of bounds if an output buffer smaller than the recommended size was used. | 6.8 |
| 2019-06-26 | CVE-2019-3569 | Exposure of Resource to Wrong Sphere vulnerability in Facebook Hhvm HHVM, when used with FastCGI, would bind by default to all available interfaces. | 5.0 |
| 2019-01-15 | CVE-2019-3554 | Data Processing Errors vulnerability in Facebook Wangle Wangle's AcceptRoutingHandler incorrectly casts a socket when accepting a TLS 1.3 connection, leading to a potential denial of service attack against systems accepting such connections. | 4.3 |
| 2018-12-31 | CVE-2018-6343 | Improper Input Validation vulnerability in Facebook Proxygen 2018.10.29.00/2018.11.05.00/2018.11.12.00 Proxygen fails to validate that a secondary auth manager is set before dereferencing it. | 5.0 |
| 2018-12-31 | CVE-2018-6341 | Cross-site Scripting vulnerability in Facebook React React applications which rendered to HTML using the ReactDOMServer API were not escaping user-supplied attribute names at render-time. | 4.3 |
| 2018-12-31 | CVE-2018-6340 | Out-of-bounds Read vulnerability in Facebook Hhvm The Memcache::getextendedstats function can be used to trigger an out-of-bounds read. | 6.8 |
| 2018-12-31 | CVE-2018-6337 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Facebook Folly and Hhvm folly::secureRandom will re-use a buffer between parent and child processes when fork() is called. | 5.0 |
| 2018-12-31 | CVE-2018-6335 | Improper Input Validation vulnerability in Facebook Hhvm A Malformed h2 frame can cause 'std::out_of_range' exception when parsing priority meta data. | 5.0 |
| 2018-12-03 | CVE-2018-6332 | Data Processing Errors vulnerability in Facebook Hhvm A potential denial-of-service issue in the Proxygen handling of invalid HTTP2 settings which can cause the server to spend disproportionate resources. | 4.3 |