Vulnerabilities > Telegram
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-29 | CVE-2018-17780 | Information Exposure vulnerability in Telegram Desktop and Telegram Messenger Telegram Desktop (aka tdesktop) 1.3.14, and Telegram 3.3.0.0 WP8.1 on Windows, leaks end-user public and private IP addresses during a call because of an unsafe default behavior in which P2P connections are accepted from clients outside of the My Contacts list. | 4.0 |
| 2018-09-28 | CVE-2018-17613 | Insufficiently Protected Credentials vulnerability in Telegram Desktop 1.3.16 Telegram Desktop (aka tdesktop) 1.3.16 alpha, when "Use proxy" is enabled, sends credentials and application data in cleartext over the SOCKS5 protocol. | 5.0 |
| 2018-09-19 | CVE-2018-17231 | Reachable Assertion vulnerability in Telegram Desktop 1.3.14 Telegram Desktop (aka tdesktop) 1.3.14 might allow attackers to cause a denial of service (assertion failure and application exit) via an "Edit color palette" search that triggers an "index out of range" condition. | 7.5 |
| 2017-12-16 | CVE-2017-17715 | Path Traversal vulnerability in Telegram Messenger The saveFile method in MediaController.java in the Telegram Messenger application before 2017-12-08 for Android allows directory traversal via a pathname obtained in a file-transfer request from a remote peer, as demonstrated by writing to tgnet.dat or tgnet.dat.bak. | 6.8 |
| 2017-03-14 | CVE-2014-8688 | Information Exposure vulnerability in Telegram Messenger 1.8.2/2.6 An issue was discovered in Telegram Messenger 2.6 for iOS and 1.8.2 for Android. | 5.0 |