Filtered by vendor Facebook
Subscriptions
Total
124 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2008-0660 | 2 Aurigma, Facebook | 3 Image Uploader Activex Control, Facebook, Photouploader | 2024-11-21 | N/A |
Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties. | ||||
CVE-2024-49400 | 1 Facebook | 1 Tacquito | 2024-11-01 | 9.8 Critical |
Tacquito prior to commit 07b49d1358e6ec0b5aa482fcd284f509191119e2 was not properly performing regex matches on authorized commands and arguments. Configured allowed commands/arguments were intended to require a match on the entire string, but instead only enforced a match on a sub-string. That would have potentially allowed unauthorized commands to be executed. | ||||
CVE-2024-45773 | 1 Facebook | 1 Thrift | 2024-09-30 | 7.5 High |
A use-after-free vulnerability involving upgradeToRocket requests can cause the application to crash or potentially result in code execution or other undesirable effects. This issue affects Facebook Thrift prior to v2024.09.09.00. | ||||
CVE-2024-45863 | 1 Facebook | 1 Thrift | 2024-09-30 | 5.3 Medium |
A null-dereference vulnerability involving parsing requests specifying invalid protocols can cause the application to crash or potentially result in other undesirable effects. This issue affects Facebook Thrift from v2024.09.09.00 until v2024.09.23.00. |