Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
telegram vulnerabilities and exploits
(subscribe to this query)
4.4
CVSSv2
CVE-2018-15542
An issue exists in the org.telegram.messenger application 4.8.11 for Android. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method's return value to true. In other words, an attacker could authenticate with an arbitrary pass...
Telegram Telegram 4.8.11
4.6
CVSSv2
CVE-2018-15543
An issue exists in the org.telegram.messenger application 4.8.11 for Android. The FingerprintManager class for Biometric validation allows authentication bypass through the callback method from onAuthenticationFailed to onAuthenticationSucceeded with null, because the fingerprint...
Telegram Telegram 4.8.11
2.1
CVSSv2
CVE-2020-25824
Telegram Desktop up to and including 2.4.3 does not require passcode entry upon pushing the Export key within the Export Telegram Data wizard. The threat model is a victim who has voluntarily opened Export Wizard but is then distracted. An attacker then approaches the unattended ...
Telegram Telegram Desktop
6.8
CVSSv2
CVE-2020-17448
Telegram Desktop up to and including 2.1.13 allows a spoofed file type to bypass the Dangerous File Type Execution protection mechanism, as demonstrated by use of the chat window with a filename that lacks an extension.
Telegram Telegram Desktop
NA
CVE-2022-43363
Telegram Web 15.3.1 allows XSS via a certain payload derived from a Target Corporation website. NOTE: some third parties have been unable to discern any relationship between the Pastebin information and a possible XSS finding.
Telegram Telegram 15.3.1
5
CVSSv2
CVE-2019-15514
The Privacy > Phone Number feature in the Telegram app 5.10 for Android and iOS provides an incorrect indication that the access level is Nobody, because attackers can find these numbers via the Group Info feature, e.g., by adding a significant fraction of a region's assi...
Telegram Telegram 5.10.0
2 Github repositories
NA
CVE-2023-34658
Telegram v9.6.3 on iOS allows malicious users to hide critical information on the User Interface via calling the function SFSafariViewController.
Telegram Telegram 9.6.3
3.5
CVSSv2
CVE-2021-30496
The Telegram app 7.6.2 for iOS allows remote authenticated users to cause a denial of service (application crash) if the victim pastes an attacker-supplied message (e.g., in the Persian language) into a channel or group. The crash occurs in MtProtoKitFramework. NOTE: the vendor...
Telegram Telegram 7.6.2
6.8
CVSSv2
CVE-2017-17715
The saveFile method in MediaController.java in the Telegram Messenger application prior to 2017-12-08 for Android allows directory traversal via a pathname obtained in a file-transfer request from a remote peer, as demonstrated by writing to tgnet.dat or tgnet.dat.bak.
Telegram Telegram Messenger
2.1
CVSSv2
CVE-2018-3986
An exploitable information disclosure vulnerability exists in the "Secret Chats" functionality of the Telegram Android messaging application version 4.9.0. The "Secret Chats" functionality allows a user to delete all traces of a chat, either by using a time tr...
Telegram Telegram 4.9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »