Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
telegram vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-43363
Telegram Web 15.3.1 allows XSS via a certain payload derived from a Target Corporation website. NOTE: some third parties have been unable to discern any relationship between the Pastebin information and a possible XSS finding.
Telegram Telegram 15.3.1
392
VMScore
CVE-2018-15542
An issue exists in the org.telegram.messenger application 4.8.11 for Android. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method's return value to true. In other words, an attacker could authenticate with an arbitrary pass...
Telegram Telegram 4.8.11
409
VMScore
CVE-2018-15543
An issue exists in the org.telegram.messenger application 4.8.11 for Android. The FingerprintManager class for Biometric validation allows authentication bypass through the callback method from onAuthenticationFailed to onAuthenticationSucceeded with null, because the fingerprint...
Telegram Telegram 4.8.11
312
VMScore
CVE-2021-30496
The Telegram app 7.6.2 for iOS allows remote authenticated users to cause a denial of service (application crash) if the victim pastes an attacker-supplied message (e.g., in the Persian language) into a channel or group. The crash occurs in MtProtoKitFramework. NOTE: the vendor...
Telegram Telegram 7.6.2
605
VMScore
CVE-2017-17715
The saveFile method in MediaController.java in the Telegram Messenger application prior to 2017-12-08 for Android allows directory traversal via a pathname obtained in a file-transfer request from a remote peer, as demonstrated by writing to tgnet.dat or tgnet.dat.bak.
Telegram Telegram Messenger
NA
CVE-2023-34658
Telegram v9.6.3 on iOS allows malicious users to hide critical information on the User Interface via calling the function SFSafariViewController.
Telegram Telegram 9.6.3
187
VMScore
CVE-2018-3986
An exploitable information disclosure vulnerability exists in the "Secret Chats" functionality of the Telegram Android messaging application version 4.9.0. The "Secret Chats" functionality allows a user to delete all traces of a chat, either by using a time tr...
Telegram Telegram 4.9.0
605
VMScore
CVE-2020-17448
Telegram Desktop up to and including 2.1.13 allows a spoofed file type to bypass the Dangerous File Type Execution protection mechanism, as demonstrated by use of the chat window with a filename that lacks an extension.
Telegram Telegram Desktop
187
VMScore
CVE-2020-25824
Telegram Desktop up to and including 2.4.3 does not require passcode entry upon pushing the Export key within the Export Telegram Data wizard. The threat model is a victim who has voluntarily opened Export Wizard but is then distracted. An attacker then approaches the unattended ...
Telegram Telegram Desktop
446
VMScore
CVE-2019-15514
The Privacy > Phone Number feature in the Telegram app 5.10 for Android and iOS provides an incorrect indication that the access level is Nobody, because attackers can find these numbers via the Group Info feature, e.g., by adding a significant fraction of a region's assi...
Telegram Telegram 5.10.0
2 Github repositories
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3661
open redirect
CVE-2024-25512
CVE-2024-33788
command injection
SSTI
CVE-2024-0043
CVE-2024-29210
CVE-2024-25510
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »