Vulnerabilities > Whatsapp > Whatsapp > 2.16.95
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-03 | CVE-2020-1890 | Improper Input Validation vulnerability in Whatsapp A URL validation issue in WhatsApp for Android prior to v2.20.11 and WhatsApp Business for Android prior to v2.20.2 could have caused the recipient of a sticker message containing deliberately malformed data to load an image from a sender-controlled URL without user interaction. | 5.0 |
| 2020-09-03 | CVE-2020-1886 | Classic Buffer Overflow vulnerability in Whatsapp A buffer overflow in WhatsApp for Android prior to v2.20.11 and WhatsApp Business for Android prior to v2.20.2 could have allowed an out-of-bounds write via a specially crafted video stream after receiving and answering a malicious video call. | 6.8 |
| 2019-11-14 | CVE-2019-11931 | Out-of-bounds Write vulnerability in Whatsapp A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user. | 6.8 |
| 2019-10-23 | CVE-2019-11933 | Out-of-bounds Write vulnerability in multiple products A heap buffer overflow bug in libpl_droidsonroids_gif before 1.2.19, as used in WhatsApp for Android before version 2.19.291 could allow remote attackers to execute arbitrary code or cause a denial of service. | 7.5 |
| 2019-10-03 | CVE-2019-11932 | Double Free vulnerability in multiple products A double free vulnerability in the DDGifSlurp function in decoding.c in the android-gif-drawable library before version 1.2.18, as used in WhatsApp for Android before version 2.19.244 and many other Android applications, allows remote attackers to execute arbitrary code or cause a denial of service when the library is used to parse a specially crafted GIF image. | 8.8 |
| 2019-06-14 | CVE-2018-6350 | Out-of-bounds Read vulnerability in Whatsapp An out-of-bounds read was possible in WhatsApp due to incorrect parsing of RTP extension headers. | 7.5 |
| 2019-06-14 | CVE-2018-6349 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Whatsapp When receiving calls using WhatsApp for Android, a missing size check when parsing a sender-provided packet allowed for a stack-based overflow. | 7.5 |
| 2019-05-14 | CVE-2019-3568 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Whatsapp A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of RTCP packets sent to a target phone number. | 7.5 |
| 2018-12-31 | CVE-2018-6344 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Whatsapp A heap corruption in WhatsApp can be caused by a malformed RTP packet being sent after a call is established. | 5.0 |
| 2017-05-18 | CVE-2017-8769 | Missing Encryption of Sensitive Data vulnerability in Whatsapp Facebook WhatsApp Messenger before 2.16.323 for Android uses the SD card for cleartext storage of files (Audio, Documents, Images, Video, and Voice Notes) associated with a chat, even after that chat is deleted. | 4.6 |