Vulnerabilities > Telegram

DATE CVE VULNERABILITY TITLE RISK
2021-10-04 CVE-2021-41861 Unspecified vulnerability in Telegram
The Telegram application 7.5.0 through 7.8.0 for Android does not properly implement image self-destruction, a different vulnerability than CVE-2019-16248.
local
low complexity
telegram
2.1
2021-09-06 CVE-2021-40532 Unspecified vulnerability in Telegram web K Alpha
Telegram Web K Alpha before 0.7.2 mishandles the characters in a document extension.
network
low complexity
telegram
7.5
2021-07-30 CVE-2021-37596 Cross-site Scripting vulnerability in Telegram web K Alpha 0.6.1
Telegram Web K Alpha 0.6.1 allows XSS via a document name.
network
telegram CWE-79
4.3
2021-07-17 CVE-2021-36769 Inadequate Encryption Strength vulnerability in Telegram
A reordering issue exists in Telegram before 7.8.1 for Android, Telegram before 7.8.3 for iOS, and Telegram Desktop before 2.8.8.
network
low complexity
telegram CWE-326
5.0
2021-05-18 CVE-2021-31315 Out-of-bounds Write vulnerability in Telegram
Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Stack Based Overflow in the blit function of their custom fork of the rlottie library.
network
telegram CWE-787
4.3
2021-05-18 CVE-2021-31317 Type Confusion vulnerability in Telegram
Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Type Confusion in the VDasher constructor of their custom fork of the rlottie library.
network
telegram CWE-843
4.3
2021-05-18 CVE-2021-31318 Type Confusion vulnerability in Telegram
Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Type Confusion in the LOTCompLayerItem::LOTCompLayerItem function of their custom fork of the rlottie library.
network
telegram CWE-843
4.3
2021-05-18 CVE-2021-31319 Integer Overflow or Wraparound vulnerability in Telegram
Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by an Integer Overflow in the LOTGradient::populate function of their custom fork of the rlottie library.
network
telegram CWE-190
4.3
2021-05-18 CVE-2021-31320 Out-of-bounds Write vulnerability in Telegram
Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Heap Buffer Overflow in the VGradientCache::generateGradientColorTable function of their custom fork of the rlottie library.
network
telegram CWE-787
5.8
2021-05-18 CVE-2021-31321 Out-of-bounds Write vulnerability in Telegram
Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Stack Based Overflow in the gray_split_cubic function of their custom fork of the rlottie library.
network
telegram CWE-787
5.8