Vulnerabilities > Telegram > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-06-29 CVE-2023-34658 Unspecified vulnerability in Telegram 9.6.3
Telegram v9.6.3 on iOS allows attackers to hide critical information on the User Interface via calling the function SFSafariViewController.
network
low complexity
telegram
5.3
2023-05-19 CVE-2023-26818 Incorrect Authorization vulnerability in Telegram 9.3.1/9.4
Telegram 9.3.1 and 9.4.0 allows attackers to access restricted files, microphone ,or video recording via the DYLD_INSERT_LIBRARIES flag.
local
low complexity
telegram CWE-863
5.5
2022-12-06 CVE-2022-43363 Cross-site Scripting vulnerability in Telegram 15.3.1
Telegram Web 15.3.1 allows XSS via a certain payload derived from a Target Corporation website.
network
low complexity
telegram CWE-79
6.1
2021-07-30 CVE-2021-37596 Cross-site Scripting vulnerability in Telegram web K Alpha 0.6.1
Telegram Web K Alpha 0.6.1 allows XSS via a document name.
network
low complexity
telegram CWE-79
6.1
2021-07-17 CVE-2021-36769 Unspecified vulnerability in Telegram and Telegram Desktop
A reordering issue exists in Telegram before 7.8.1 for Android, Telegram before 7.8.3 for iOS, and Telegram Desktop before 2.8.8.
network
low complexity
telegram
5.3
2021-05-18 CVE-2021-31315 Out-of-bounds Write vulnerability in Telegram
Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Stack Based Overflow in the blit function of their custom fork of the rlottie library.
local
low complexity
telegram CWE-787
5.5
2021-05-18 CVE-2021-31317 Type Confusion vulnerability in Telegram
Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Type Confusion in the VDasher constructor of their custom fork of the rlottie library.
local
low complexity
telegram CWE-843
5.5
2021-05-18 CVE-2021-31318 Type Confusion vulnerability in Telegram
Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Type Confusion in the LOTCompLayerItem::LOTCompLayerItem function of their custom fork of the rlottie library.
local
low complexity
telegram CWE-843
5.5
2021-05-18 CVE-2021-31319 Integer Overflow or Wraparound vulnerability in Telegram
Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by an Integer Overflow in the LOTGradient::populate function of their custom fork of the rlottie library.
local
low complexity
telegram CWE-190
5.5
2021-05-18 CVE-2021-31322 Out-of-bounds Write vulnerability in Telegram
Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Heap Buffer Overflow in the LOTGradient::populate function of their custom fork of the rlottie library.
local
low complexity
telegram CWE-787
5.5