Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
telegram telegram desktop vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2020-12474
Telegram Desktop up to and including 2.0.1, Telegram up to and including 6.0.1 for Android, and Telegram up to and including 6.0.1 for iOS allow an IDN Homograph attack via Punycode in a public URL or a group chat invitation URL.
Telegram Telegram
Telegram Telegram Desktop
445
VMScore
CVE-2021-36769
A reordering issue exists in Telegram prior to 7.8.1 for Android, Telegram prior to 7.8.3 for iOS, and Telegram Desktop prior to 2.8.8. An attacker can cause the server to receive messages in a different order than they were sent a client.
Telegram Telegram
Telegram Telegram Desktop
357
VMScore
CVE-2018-17780
Telegram Desktop (aka tdesktop) 1.3.14, and Telegram 3.3.0.0 WP8.1 on Windows, leaks end-user public and private IP addresses during a call because of an unsafe default behavior in which P2P connections are accepted from clients outside of the My Contacts list.
Telegram Telegram Messenger 3.3.0.0
Telegram Telegram Desktop 1.3.14
1 Article
187
VMScore
CVE-2016-10351
Telegram Desktop 0.10.19 uses 0755 permissions for $HOME/.TelegramDesktop, which allows local users to obtain sensitive authentication information via standard filesystem operations.
Telegram Desktop Telegram Desktop 0.10.19
605
VMScore
CVE-2020-17448
Telegram Desktop up to and including 2.1.13 allows a spoofed file type to bypass the Dangerous File Type Execution protection mechanism, as demonstrated by use of the chat window with a filename that lacks an extension.
Telegram Telegram Desktop
187
VMScore
CVE-2020-25824
Telegram Desktop up to and including 2.4.3 does not require passcode entry upon pushing the Export key within the Export Telegram Data wizard. The threat model is a victim who has voluntarily opened Export Wizard but is then distracted. An attacker then approaches the unattended ...
Telegram Telegram Desktop
445
VMScore
CVE-2018-17231
Telegram Desktop (aka tdesktop) 1.3.14 might allow malicious users to cause a denial of service (assertion failure and application exit) via an "Edit color palette" search that triggers an "index out of range" condition. NOTE: this issue is disputed by multipl...
Telegram Telegram Desktop 1.3.14
445
VMScore
CVE-2018-17613
Telegram Desktop (aka tdesktop) 1.3.16 alpha, when "Use proxy" is enabled, sends credentials and application data in cleartext over the SOCKS5 protocol.
Telegram Telegram Desktop 1.3.16
605
VMScore
CVE-2019-10044
Telegram Desktop prior to 1.5.12 on Windows, and the Telegram applications for Android, iOS, and Linux, is vulnerable to an IDN homograph attack when displaying messages containing URLs. This occurs because the application produces a clickable link even if (for example) Latin and...
Telegram Telegram
Telegram Telegram Desktop
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3661
open redirect
CVE-2024-25512
CVE-2024-33788
command injection
SSTI
CVE-2024-0043
CVE-2024-29210
CVE-2024-25510
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started