Lucene search
K
TelegramTelegram Desktop

9 matches found

CVE
CVE
added 2021/07/16 11:3 p.m.1285 views

CVE-2021-36769

CVE-2021-36769 describes a reordering issue in Telegram that allows an attacker to cause a server to receive messages in a different order than sent. Affected products/versions include Telegram for Android prior to 7.8.1, Telegram for iOS prior to 7.8.3, and Telegram Desktop prior to 2.8.8. The i...

5.3CVSS5.1AI score0.01047EPSS
CVE
CVE
added 2020/05/01 1:45 p.m.143 views

CVE-2020-12474

CVE-2020-12474 affects Telegram products: Desktop up to 2.0.1, Android up to 6.0.1, and iOS up to 6.0.1. The vulnerability is an IDN Homograph attack triggered by a Punycode-encoded URL in public links or group chat invitations. Connected documents corroborate this description (no public details ...

6.5CVSS6.2AI score0.02527EPSS
CVE
CVE
added 2018/09/29 7:0 p.m.78 views

CVE-2018-17780

CVE-2018-17780 affects Telegram Desktop (tdesktop) 1.3.14 and Telegram 3.3.0.0 WP8.1 on Windows. The root cause is an unsafe default that accepts P2P connections from outside the user’s My Contacts list, enabling leakage of both public and private IP addresses during calls. The vulnerability is d...

6.5CVSS6.7AI score0.01779EPSS
CVE
CVE
added 2020/08/11 4:2 p.m.68 views

CVE-2020-17448

Summary (CVE-2020-17448, Telegram Desktop): Telegram Desktop up to version 2.1.13 is affected by a spoofed file type that bypasses the Dangerous File Type Execution protection, demonstrated by a filename without an extension. Root cause: failure of the protection mechanism to correctly validate f...

7.8CVSS7.5AI score0.02281EPSS
CVE
CVE
added 2019/03/25 7:29 p.m.58 views

CVE-2019-10044

CVE-2019-10044 affects Telegram Desktop before 1.5.12 on Windows and Telegram apps for Android, iOS, and Linux. The vulnerability is an IDN homograph issue where clickable links are produced for URLs that may mix Latin and Cyrillic characters in the same domain, aided by a font with identical gly...

8.8CVSS8.6AI score0.0328EPSS
CVE
CVE
added 2020/10/14 2:10 p.m.56 views

CVE-2020-25824

Telegram Desktop up to version 2.4.3 is vulnerable: when a user opens the Export Telegram Data wizard, pressing the Export key on an unattended, distracted desktop allows an attacker to access all chat conversations and media files because no passcode is required. Affected product: Telegram Deskt...

2.4CVSS4.2AI score0.00543EPSS
CVE
CVE
added 2018/09/28 10:0 a.m.54 views

CVE-2018-17613

CVE-2018-17613 affects Telegram Desktop (tdesktop) 1.3.16 alpha. When “Use proxy” is enabled, it transmits credentials and application data in cleartext over the SOCKS5 protocol. The description does not provide exploit details, affected versions beyond 1.3.16 alpha, or any remediation in place w...

9.8CVSS9.4AI score0.01625EPSS
CVE
CVE
added 2018/09/19 10:0 p.m.40 views

CVE-2018-17231

CVE-2018-17231 concerns Telegram Desktop (tdesktop) 1.3.14, where an attacker could cause a denial of service by performing an "+Edit color palette+" search that triggers an index-out-of-range condition. The issue is noted as disputed by third parties because the attack does not cross a privilege...

7.5CVSS7.3AI score0.01511EPSS
CVE
CVE
added 2026/01/15 11:25 p.m.18 views

CVE-2021-47793

Telegram Desktop 2.9.2 is affected by a Denial of Service vulnerability. An attacker can crash the app by pasting an oversized message payload (a 9,000,000‑byte buffer) into the messaging interface. The vulnerability is cited as CVE-2021-47793. Connected sources indicate PoC availability (e.g., E...

7.5CVSS6.5AI score0.00451EPSS