Vulnerabilities > Whatsapp > Whatsapp > 2.16.392
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-03 | CVE-2020-1890 | Improper Input Validation vulnerability in Whatsapp A URL validation issue in WhatsApp for Android prior to v2.20.11 and WhatsApp Business for Android prior to v2.20.2 could have caused the recipient of a sticker message containing deliberately malformed data to load an image from a sender-controlled URL without user interaction. | 5.0 |
| 2020-09-03 | CVE-2020-1886 | Classic Buffer Overflow vulnerability in Whatsapp A buffer overflow in WhatsApp for Android prior to v2.20.11 and WhatsApp Business for Android prior to v2.20.2 could have allowed an out-of-bounds write via a specially crafted video stream after receiving and answering a malicious video call. | 6.8 |
| 2019-11-14 | CVE-2019-11931 | Out-of-bounds Write vulnerability in Whatsapp A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user. | 6.8 |
| 2019-10-23 | CVE-2019-11933 | Out-of-bounds Write vulnerability in multiple products A heap buffer overflow bug in libpl_droidsonroids_gif before 1.2.19, as used in WhatsApp for Android before version 2.19.291 could allow remote attackers to execute arbitrary code or cause a denial of service. | 7.5 |
| 2019-10-03 | CVE-2019-11932 | Double Free vulnerability in multiple products A double free vulnerability in the DDGifSlurp function in decoding.c in the android-gif-drawable library before version 1.2.18, as used in WhatsApp for Android before version 2.19.244 and many other Android applications, allows remote attackers to execute arbitrary code or cause a denial of service when the library is used to parse a specially crafted GIF image. | 8.8 |
| 2019-06-14 | CVE-2018-6350 | Out-of-bounds Read vulnerability in Whatsapp An out-of-bounds read was possible in WhatsApp due to incorrect parsing of RTP extension headers. | 7.5 |
| 2019-06-14 | CVE-2018-6349 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Whatsapp When receiving calls using WhatsApp for Android, a missing size check when parsing a sender-provided packet allowed for a stack-based overflow. | 7.5 |
| 2019-05-14 | CVE-2019-3568 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Whatsapp A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of RTCP packets sent to a target phone number. | 7.5 |
| 2018-12-31 | CVE-2018-6344 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Whatsapp A heap corruption in WhatsApp can be caused by a malformed RTP packet being sent after a call is established. | 5.0 |