Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-09-29	CVE-2018-17780	Information Exposure vulnerability in Telegram Desktop and Telegram Messenger Telegram Desktop (aka tdesktop) 1.3.14, and Telegram 3.3.0.0 WP8.1 on Windows, leaks end-user public and private IP addresses during a call because of an unsafe default behavior in which P2P connections are accepted from clients outside of the My Contacts list. network low complexity telegram CWE-200	4.0
2017-12-16	CVE-2017-17715	Path Traversal vulnerability in Telegram Messenger The saveFile method in MediaController.java in the Telegram Messenger application before 2017-12-08 for Android allows directory traversal via a pathname obtained in a file-transfer request from a remote peer, as demonstrated by writing to tgnet.dat or tgnet.dat.bak. network telegram CWE-22	6.8