Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
whatsapp whatsapp desktop vulnerabilities and exploits
(subscribe to this query)
8.2
CVSSv3
CVE-2019-18426
A vulnerability in WhatsApp Desktop versions before 0.3.9309 when paired with WhatsApp for iPhone versions before 2.20.10 allows cross-site scripting and local file reading. Exploiting the vulnerability requires the victim to click a link preview from a specially crafted text mes...
Whatsapp Whatsapp
Whatsapp Whatsapp For Desktop
5 Github repositories
1 Article
6.1
CVSSv3
CVE-2019-11928
An input validation issue in WhatsApp Desktop versions prior to v0.3.4932 could have allowed cross-site scripting upon clicking on a link from a specially crafted live location message.
Whatsapp Whatsapp Desktop
2 Articles
10
CVSSv3
CVE-2020-1889
A security feature bypass issue in WhatsApp Desktop versions prior to v0.3.4932 could have allowed for sandbox escape in Electron and escalation of privilege if combined with a remote code execution vulnerability inside the sandboxed renderer process.
Whatsapp Whatsapp Desktop
1 Article
9.1
CVSSv3
CVE-2021-24043
A missing bound check in RTCP flag parsing code prior to WhatsApp for Android v2.21.23.2, WhatsApp Business for Android v2.21.23.2, WhatsApp for iOS v2.21.230.6, WhatsApp Business for iOS 2.21.230.7, and WhatsApp Desktop v2.2145.0 could have allowed an out-of-bounds heap read if ...
Whatsapp Whatsapp 2.21.23.2
Whatsapp Whatsapp 2.21.230.6
Whatsapp Whatsapp 2.2145.0
Whatsapp Whatsapp Business 2.21.23.2
Whatsapp Whatsapp Business 2.21.230.7
5.3
CVSSv3
CVE-2019-3571
An input validation issue affected WhatsApp Desktop versions before 0.3.3793 which allows malicious clients to send files to users that would be displayed with a wrong extension.
Whatsapp Whatsapp
9.8
CVSSv3
CVE-2021-24042
The calling logic for WhatsApp for Android prior to v2.21.23, WhatsApp Business for Android prior to v2.21.23, WhatsApp for iOS prior to v2.21.230, WhatsApp Business for iOS prior to v2.21.230, WhatsApp for KaiOS prior to v2.2143, WhatsApp Desktop prior to v2.2146 could have allo...
Whatsapp Whatsapp
6.4
CVSSv3
CVE-2017-1000367
Todd Miller's sudo version 1.8.20 and previous versions is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function resulting in information disclosure and command execution.
Sudo Project Sudo
1 EDB exploit
4 Github repositories
10
CVSSv3
CVE-2024-3094
Malicious code exists in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific fun...
Tukaani Xz 5.6.1
Tukaani Xz 5.6.0
80 Github repositories
6 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started