Vulnerabilidades em facebook
141 resultadosCVE-2019-11928—An input validation issue in WhatsApp Desktop versions prior to v0.3.4932 could have allowed cross-site scripting upon clicking on a link frEPSS 1.0%CVE-2019-11927—An integer overflow in WhatsApp media parsing libraries allows a remote attacker to perform an out-of-bounds write on the heap via speciallyEPSS 0.9%CVE-2019-3566—A bug in WhatsApp for Android's messaging logic would potentially allow a malicious individual who has taken over over a WhatsApp user's accEPSS 0.9%CVE-2023-28081CRITICALA bytecode optimization bug in Hermes prior to commit e6ed9c1a4b02dc219de1648f44cd808a56171b81 could be used to cause an use-after-free and EPSS 0.9%CVE-2023-23557CRITICALAn error in Hermes' algorithm for copying objects properties prior to commit a00d237346894c6067a594983be6634f4168c9ad could be used by a malEPSS 0.9%CVE-2022-40138—An integer conversion error in Hermes bytecode generation, prior to commit 6aa825e480d48127b480b08d13adf70033237097, could have been used toEPSS 0.9%CVE-2022-32234—An out of bounds write in hermes, while handling large arrays, prior to commit 06eaec767e376bfdb883d912cb15e987ddf2bda1 allows attackers to EPSS 0.9%CVE-2023-25933CRITICALA type confusion bug in TypedArray prior to commit e6ed9c1a4b02dc219de1648f44cd808a56171b81 could have been used by a malicious attacker to EPSS 0.9%CVE-2023-23556CRITICALAn error in BigInt conversion to Number in Hermes prior to commit a6dcafe6ded8e61658b40f5699878cd19a481f80 could have been used by a malicioEPSS 0.9%CVE-2022-35289—A write-what-where condition in hermes caused by an integer overflow, prior to commit 5b6255ae049fa4641791e47fad994e8e8c4da374 allows attackEPSS 0.9%CVE-2020-1895—A large heap overflow could occur in Instagram for Android when attempting to upload an image with specially crafted dimensions. This affectEPSS 0.9%CVE-2018-6343HIGHProxygen fails to validate that a secondary auth manager is set before dereferencing it. That can cause a denial of service issue when parsiEPSS 0.8%CVE-2019-3571—An input validation issue affected WhatsApp Desktop versions prior to 0.3.3793 which allows malicious clients to send files to users that woEPSS 0.8%CVE-2022-27810—It was possible to trigger an infinite recursion condition in the error handler when Hermes executed specific maliciously formed JavaScript.EPSS 0.7%CVE-2023-24832HIGHA null pointer dereference bug in Hermes prior to commit 5cae9f72975cf0e5a62b27fdd8b01f103e198708 could have been used by an attacker to craEPSS 0.7%CVE-2023-23759HIGHThere is a vulnerability in the fizz library prior to v2023.01.30.00 where a CHECK failure can be triggered remotely. This behavior requiresEPSS 0.7%CVE-2020-1902—A user running a quick search on a highly forwarded message on WhatsApp for Android from v2.20.108 to v2.20.140 or WhatsApp Business for AndEPSS 0.7%CVE-2020-1903—An issue when unzipping docx, pptx, and xlsx documents in WhatsApp for iOS prior to v2.20.61 and WhatsApp Business for iOS prior to v2.20.61EPSS 0.7%CVE-2023-24833HIGHA use-after-free in BigIntPrimitive addition in Hermes prior to commit a6dcafe6ded8e61658b40f5699878cd19a481f80 could have been used by an aEPSS 0.6%CVE-2020-1905—Media ContentProvider URIs used for opening attachments in other apps were generated sequentially prior to WhatsApp for Android v2.20.185, wEPSS 0.6%