Vulnerabilities > Whatsapp > Whatsapp > 2.12.14
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-03 | CVE-2019-11932 | Double Free vulnerability in multiple products A double free vulnerability in the DDGifSlurp function in decoding.c in the android-gif-drawable library before version 1.2.18, as used in WhatsApp for Android before version 2.19.244 and many other Android applications, allows remote attackers to execute arbitrary code or cause a denial of service when the library is used to parse a specially crafted GIF image. | 8.8 |
| 2019-09-27 | CVE-2019-11927 | Out-of-bounds Write vulnerability in Whatsapp An integer overflow in WhatsApp media parsing libraries allows a remote attacker to perform an out-of-bounds write on the heap via specially-crafted EXIF tags in WEBP images. | 6.8 |
| 2019-06-14 | CVE-2018-6350 | Out-of-bounds Read vulnerability in Whatsapp An out-of-bounds read was possible in WhatsApp due to incorrect parsing of RTP extension headers. | 7.5 |
| 2019-06-14 | CVE-2018-6349 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Whatsapp When receiving calls using WhatsApp for Android, a missing size check when parsing a sender-provided packet allowed for a stack-based overflow. | 7.5 |
| 2019-06-14 | CVE-2018-20655 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Whatsapp When receiving calls using WhatsApp for iOS, a missing size check when parsing a sender-provided packet allowed for a stack-based overflow. | 7.5 |
| 2019-05-14 | CVE-2019-3568 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Whatsapp A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of RTCP packets sent to a target phone number. | 7.5 |
| 2018-12-31 | CVE-2018-6344 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Whatsapp A heap corruption in WhatsApp can be caused by a malformed RTP packet being sent after a call is established. | 5.0 |
| 2017-05-18 | CVE-2017-8769 | Missing Encryption of Sensitive Data vulnerability in Whatsapp Facebook WhatsApp Messenger before 2.16.323 for Android uses the SD card for cleartext storage of files (Audio, Documents, Images, Video, and Voice Notes) associated with a chat, even after that chat is deleted. | 4.6 |