Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
whatsapp vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2018-6344
A heap corruption in WhatsApp can be caused by a malformed RTP packet being sent after a call is established. The vulnerability can be used to cause denial of service. It affects WhatsApp for Android prior to v2.18.293, WhatsApp for iOS prior to v2.18.93, and WhatsApp for Windows...
Whatsapp Whatsapp
9.8
CVSSv3
CVE-2018-6349
When receiving calls using WhatsApp for Android, a missing size check when parsing a sender-provided packet allowed for a stack-based overflow. This issue affects WhatsApp for Android before 2.18.248 and WhatsApp Business for Android before 2.18.132.
Whatsapp Whatsapp
9.8
CVSSv3
CVE-2018-6350
An out-of-bounds read was possible in WhatsApp due to incorrect parsing of RTP extension headers. This issue affects WhatsApp for Android before 2.18.276, WhatsApp Business for Android before 2.18.99, WhatsApp for iOS before 2.18.100.6, WhatsApp Business for iOS before 2.18.100.2...
Whatsapp Whatsapp
7.8
CVSSv3
CVE-2019-11927
An integer overflow in WhatsApp media parsing libraries allows a remote malicious user to perform an out-of-bounds write on the heap via specially-crafted EXIF tags in WEBP images. This issue affects WhatsApp for Android before version 2.19.143 and WhatsApp for iOS before version...
Whatsapp Whatsapp
5.3
CVSSv3
CVE-2020-1901
Receiving a large text message containing URLs in WhatsApp for iOS prior to v2.20.91.4 could have caused the application to freeze while processing the message.
Whatsapp Whatsapp
3.3
CVSSv3
CVE-2020-1905
Media ContentProvider URIs used for opening attachments in other apps were generated sequentially prior to WhatsApp for Android v2.20.185, which could have allowed a malicious third party app chosen to open the file to guess the URIs for previously opened attachments until the op...
Whatsapp Whatsapp
6.1
CVSSv3
CVE-2019-11928
An input validation issue in WhatsApp Desktop versions prior to v0.3.4932 could have allowed cross-site scripting upon clicking on a link from a specially crafted live location message.
Whatsapp Whatsapp Desktop
2 Articles
10
CVSSv3
CVE-2020-1889
A security feature bypass issue in WhatsApp Desktop versions prior to v0.3.4932 could have allowed for sandbox escape in Electron and escalation of privilege if combined with a remote code execution vulnerability inside the sandboxed renderer process.
Whatsapp Whatsapp Desktop
1 Article
8.8
CVSSv3
CVE-2019-11932
A double free vulnerability in the DDGifSlurp function in decoding.c in the android-gif-drawable library before version 1.2.18, as used in WhatsApp for Android before version 2.19.244 and many other Android applications, allows remote malicious users to execute arbitrary code or ...
Whatsapp Whatsapp
Android-gif-drawable Project Android-gif-drawable
1 EDB exploit
38 Github repositories
1 Article
9.8
CVSSv3
CVE-2019-11933
A heap buffer overflow bug in libpl_droidsonroids_gif prior to 1.2.19, as used in WhatsApp for Android before version 2.19.291 could allow remote malicious users to execute arbitrary code or cause a denial of service.
Libpl Droidsonroids Gif Project Libpl Droidsonroids Gif
Whatsapp Whatsapp
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »