Telegram

Telegram

28 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2024-54916

  • EPSS 1.87%
  • Veröffentlicht 11.02.2025 23:15:09
  • Zuletzt bearbeitet 18.03.2025 15:15:57

An issue in the SharedConfig class of Telegram Android APK v.11.7.0 allows a physically proximate attacker to bypass authentication and escalate privileges by manipulating the return value of the checkPasscode method.

8.1

CVE-2024-7014

  • EPSS 17.55%
  • Veröffentlicht 23.07.2024 10:15:02
  • Zuletzt bearbeitet 09.02.2026 19:34:18

EvilVideo vulnerability allows sending malicious apps disguised as videos in Telegram for Android application affecting versions 10.14.4 and older.

5.3

CVE-2023-34658

  • EPSS 0.07%
  • Veröffentlicht 29.06.2023 17:15:09
  • Zuletzt bearbeitet 27.11.2024 15:15:23

Telegram v9.6.3 on iOS allows attackers to hide critical information on the User Interface via calling the function SFSafariViewController.

5.5

CVE-2023-26818

Exploit
  • EPSS 3.61%
  • Veröffentlicht 19.05.2023 12:15:09
  • Zuletzt bearbeitet 21.01.2025 20:15:28

Telegram 9.3.1 and 9.4.0 allows attackers to access restricted files, microphone ,or video recording via the DYLD_INSERT_LIBRARIES flag.

6.1

CVE-2022-43363

Exploit
  • EPSS 0.23%
  • Veröffentlicht 06.12.2022 16:15:11
  • Zuletzt bearbeitet 21.11.2024 07:26:20

Telegram Web 15.3.1 allows XSS via a certain payload derived from a Target Corporation website. NOTE: some third parties have been unable to discern any relationship between the Pastebin information and a possible XSS finding.

3.3

CVE-2021-41861

  • EPSS 0.06%
  • Veröffentlicht 04.10.2021 03:15:16
  • Zuletzt bearbeitet 21.11.2024 06:26:54

The Telegram application 7.5.0 through 7.8.0 for Android does not properly implement image self-destruction, a different vulnerability than CVE-2019-16248. After approximately two to four uses of the self-destruct feature, there is a misleading UI in...

5.3

CVE-2021-36769

  • EPSS 0.29%
  • Veröffentlicht 17.07.2021 00:15:07
  • Zuletzt bearbeitet 21.11.2024 06:14:03

A reordering issue exists in Telegram before 7.8.1 for Android, Telegram before 7.8.3 for iOS, and Telegram Desktop before 2.8.8. An attacker can cause the server to receive messages in a different order than they were sent a client.

5.5

CVE-2021-31317

Exploit
  • EPSS 0.17%
  • Veröffentlicht 18.05.2021 20:15:07
  • Zuletzt bearbeitet 21.11.2024 06:05:25

Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Type Confusion in the VDasher constructor of their custom fork of the rlottie library. A remote attacker might be able to access Telegram's heap memory out-o...

5.5

CVE-2021-31323

Exploit
  • EPSS 0.48%
  • Veröffentlicht 18.05.2021 20:15:07
  • Zuletzt bearbeitet 21.11.2024 06:05:25

Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Heap Buffer Overflow in the LottieParserImpl::parseDashProperty function of their custom fork of the rlottie library. A remote attacker might be able to acce...

5.5

CVE-2021-31322

Exploit
  • EPSS 0.37%
  • Veröffentlicht 18.05.2021 20:15:07
  • Zuletzt bearbeitet 21.11.2024 06:05:25

Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Heap Buffer Overflow in the LOTGradient::populate function of their custom fork of the rlottie library. A remote attacker might be able to access heap memory...