Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
whatsapp whatsapp vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-6349
When receiving calls using WhatsApp for Android, a missing size check when parsing a sender-provided packet allowed for a stack-based overflow. This issue affects WhatsApp for Android before 2.18.248 and WhatsApp Business for Android before 2.18.132.
Whatsapp Whatsapp
9.8
CVSSv3
CVE-2018-6339
When receiving calls using WhatsApp on Android, a stack allocation failed to properly account for the amount of data being passed in. An off-by-one error meant that data was written beyond the allocated space on the stack. This issue affects WhatsApp for Android starting in versi...
Whatsapp Whatsapp
3.3
CVSSv3
CVE-2020-1905
Media ContentProvider URIs used for opening attachments in other apps were generated sequentially prior to WhatsApp for Android v2.20.185, which could have allowed a malicious third party app chosen to open the file to guess the URIs for previously opened attachments until the op...
Whatsapp Whatsapp
6.5
CVSSv3
CVE-2020-20096
Whatsapp iOS 2.19.80 and prior and Android 2.19.222 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages.
Whatsapp Whatsapp
5.3
CVSSv3
CVE-2019-3571
An input validation issue affected WhatsApp Desktop versions before 0.3.3793 which allows malicious clients to send files to users that would be displayed with a wrong extension.
Whatsapp Whatsapp
9.8
CVSSv3
CVE-2018-6350
An out-of-bounds read was possible in WhatsApp due to incorrect parsing of RTP extension headers. This issue affects WhatsApp for Android before 2.18.276, WhatsApp Business for Android before 2.18.99, WhatsApp for iOS before 2.18.100.6, WhatsApp Business for iOS before 2.18.100.2...
Whatsapp Whatsapp
10
CVSSv3
CVE-2020-1889
A security feature bypass issue in WhatsApp Desktop versions prior to v0.3.4932 could have allowed for sandbox escape in Electron and escalation of privilege if combined with a remote code execution vulnerability inside the sandboxed renderer process.
Whatsapp Whatsapp Desktop
1 Article
6.1
CVSSv3
CVE-2019-11928
An input validation issue in WhatsApp Desktop versions prior to v0.3.4932 could have allowed cross-site scripting upon clicking on a link from a specially crafted live location message.
Whatsapp Whatsapp Desktop
2 Articles
8.8
CVSSv3
CVE-2019-11932
A double free vulnerability in the DDGifSlurp function in decoding.c in the android-gif-drawable library before version 1.2.18, as used in WhatsApp for Android before version 2.19.244 and many other Android applications, allows remote malicious users to execute arbitrary code or ...
Whatsapp Whatsapp
Android-gif-drawable Project Android-gif-drawable
1 EDB exploit
38 Github repositories
1 Article
9.8
CVSSv3
CVE-2019-11933
A heap buffer overflow bug in libpl_droidsonroids_gif prior to 1.2.19, as used in WhatsApp for Android before version 2.19.291 could allow remote malicious users to execute arbitrary code or cause a denial of service.
Libpl Droidsonroids Gif Project Libpl Droidsonroids Gif
Whatsapp Whatsapp
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »