Vulnerabilities > Telegram > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-29 | CVE-2023-34658 | Unspecified vulnerability in Telegram 9.6.3 Telegram v9.6.3 on iOS allows attackers to hide critical information on the User Interface via calling the function SFSafariViewController. | 5.3 |
| 2023-05-19 | CVE-2023-26818 | Incorrect Authorization vulnerability in Telegram 9.3.1/9.4 Telegram 9.3.1 and 9.4.0 allows attackers to access restricted files, microphone ,or video recording via the DYLD_INSERT_LIBRARIES flag. | 5.5 |
| 2022-12-06 | CVE-2022-43363 | Cross-site Scripting vulnerability in Telegram 15.3.1 Telegram Web 15.3.1 allows XSS via a certain payload derived from a Target Corporation website. | 6.1 |
| 2021-07-30 | CVE-2021-37596 | Cross-site Scripting vulnerability in Telegram web K Alpha 0.6.1 Telegram Web K Alpha 0.6.1 allows XSS via a document name. | 4.3 |
| 2021-07-17 | CVE-2021-36769 | Unspecified vulnerability in Telegram and Telegram Desktop A reordering issue exists in Telegram before 7.8.1 for Android, Telegram before 7.8.3 for iOS, and Telegram Desktop before 2.8.8. | 5.3 |
| 2021-05-18 | CVE-2021-31315 | Out-of-bounds Write vulnerability in Telegram Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Stack Based Overflow in the blit function of their custom fork of the rlottie library. | 4.3 |
| 2021-05-18 | CVE-2021-31317 | Type Confusion vulnerability in Telegram Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Type Confusion in the VDasher constructor of their custom fork of the rlottie library. | 4.3 |
| 2021-05-18 | CVE-2021-31318 | Type Confusion vulnerability in Telegram Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Type Confusion in the LOTCompLayerItem::LOTCompLayerItem function of their custom fork of the rlottie library. | 4.3 |
| 2021-05-18 | CVE-2021-31319 | Integer Overflow or Wraparound vulnerability in Telegram Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by an Integer Overflow in the LOTGradient::populate function of their custom fork of the rlottie library. | 4.3 |
| 2021-05-18 | CVE-2021-31320 | Out-of-bounds Write vulnerability in Telegram Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Heap Buffer Overflow in the VGradientCache::generateGradientColorTable function of their custom fork of the rlottie library. | 5.8 |