Filtered by vendor Facebook Subscriptions
Total 124 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2008-0660 2 Aurigma, Facebook 3 Image Uploader Activex Control, Facebook, Photouploader 2024-11-21 N/A
Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties.
CVE-2024-49400 1 Facebook 1 Tacquito 2024-11-01 9.8 Critical
Tacquito prior to commit 07b49d1358e6ec0b5aa482fcd284f509191119e2 was not properly performing regex matches on authorized commands and arguments. Configured allowed commands/arguments were intended to require a match on the entire string, but instead only enforced a match on a sub-string. That would have potentially allowed unauthorized commands to be executed.
CVE-2024-45773 1 Facebook 1 Thrift 2024-09-30 7.5 High
A use-after-free vulnerability involving upgradeToRocket requests can cause the application to crash or potentially result in code execution or other undesirable effects. This issue affects Facebook Thrift prior to v2024.09.09.00.
CVE-2024-45863 1 Facebook 1 Thrift 2024-09-30 5.3 Medium
A null-dereference vulnerability involving parsing requests specifying invalid protocols can cause the application to crash or potentially result in other undesirable effects. This issue affects Facebook Thrift from v2024.09.09.00 until v2024.09.23.00.