Vulnerabilities > Whatsapp
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-03 | CVE-2019-11932 | Double Free vulnerability in multiple products A double free vulnerability in the DDGifSlurp function in decoding.c in the android-gif-drawable library before version 1.2.18, as used in WhatsApp for Android before version 2.19.244 and many other Android applications, allows remote attackers to execute arbitrary code or cause a denial of service when the library is used to parse a specially crafted GIF image. | 8.8 |
| 2019-09-27 | CVE-2019-11927 | Integer Overflow or Wraparound vulnerability in Whatsapp An integer overflow in WhatsApp media parsing libraries allows a remote attacker to perform an out-of-bounds write on the heap via specially-crafted EXIF tags in WEBP images. | 7.8 |
| 2019-07-16 | CVE-2019-3571 | Improper Input Validation vulnerability in Whatsapp An input validation issue affected WhatsApp Desktop versions prior to 0.3.3793 which allows malicious clients to send files to users that would be displayed with a wrong extension. | 5.3 |
| 2019-06-14 | CVE-2018-6350 | Out-of-bounds Read vulnerability in Whatsapp An out-of-bounds read was possible in WhatsApp due to incorrect parsing of RTP extension headers. | 9.8 |
| 2019-06-14 | CVE-2018-6349 | Out-of-bounds Write vulnerability in Whatsapp When receiving calls using WhatsApp for Android, a missing size check when parsing a sender-provided packet allowed for a stack-based overflow. | 9.8 |
| 2019-06-14 | CVE-2018-6339 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Whatsapp When receiving calls using WhatsApp on Android, a stack allocation failed to properly account for the amount of data being passed in. | 9.8 |
| 2019-06-14 | CVE-2018-20655 | Out-of-bounds Write vulnerability in Whatsapp When receiving calls using WhatsApp for iOS, a missing size check when parsing a sender-provided packet allowed for a stack-based overflow. | 9.8 |
| 2019-05-14 | CVE-2019-3568 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Whatsapp A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of RTCP packets sent to a target phone number. | 9.8 |
| 2019-05-10 | CVE-2019-3566 | Unspecified vulnerability in Whatsapp and Whatsapp Business A bug in WhatsApp for Android's messaging logic would potentially allow a malicious individual who has taken over over a WhatsApp user's account to recover previously sent messages. | 5.9 |
| 2018-12-31 | CVE-2018-6344 | Out-of-bounds Write vulnerability in Whatsapp A heap corruption in WhatsApp can be caused by a malformed RTP packet being sent after a call is established. | 7.5 |