Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

OSV
OSVadded 2021/03/11 1:15 a.m.20 views

CVE-2020-1899

The unserialize function supported a type code, "S", which was meant to be supported only for APC serialization. This type code allowed arbitrary memory addresses to be accessed as if they were static StringData objects. This issue affected HHVM prior to v4.32.3, between versions 4.33.0 and 4.56....

7.5CVSS7.1AI score
Exploits0References2
UbuntuCve
UbuntuCveadded 2021/03/11 1:15 a.m.32 views

CVE-2020-1900

When unserializing an object with dynamic properties HHVM needs to pre-reserve the full size of the dynamic property array before inserting anything into it. Otherwise the array might resize, invalidating previously stored references. This pre-reservation was not occurring in HHVM prior to v4.32....

9.8CVSS7.2AI score0.00806EPSS
Exploits0References3
CNNVD
CNNVDadded 2021/03/10 12:0 a.m.2 views

Facebook HHVM 资源管理错误漏洞

Facebook HHVM a.k.a. HipHop Virtual Machine is a virtual machine from Facebook Inc. that significantly improves the performance of loading dynamic pages in PHP. A security vulnerability exists in HHVM, which arises from the deserialization of objects with dynamic attributes, resulting in the...

9.8CVSS8.4AI score0.00806EPSS
Exploits0References3
Rows per page
Query Builder