Telegram FZ LLC
Products
1- 6 CVEs
Recent CVEs
6| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-15542 | Med | 0.42 | 6.4 | 0.00 | Oct 9, 2018 | An issue was discovered in the org.telegram.messenger application 4.8.11 for Android. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method's return value to true. In other words, an attacker could authenticate with an arbitrary… | ||
| CVE-2021-30496 | Med | 0.37 | 5.7 | 0.01 | Apr 20, 2021 | The Telegram app 7.6.2 for iOS allows remote authenticated users to cause a denial of service (application crash) if the victim pastes an attacker-supplied message (e.g., in the Persian language) into a channel or group. The crash occurs in MtProtoKitFramework. NOTE: the… | ||
| CVE-2021-27205 | Med | 0.36 | 5.5 | 0.00 | Feb 12, 2021 | Telegram before 7.4 (212543) Stable on macOS stores the local copy of self-destructed messages in a sandbox path, leading to sensitive information disclosure. | ||
| CVE-2021-27204 | Med | 0.36 | 5.5 | 0.00 | Feb 12, 2021 | Telegram before 7.4 (212543) Stable on macOS stores the local passcode in cleartext, leading to information disclosure. | ||
| CVE-2021-27351 | Med | 0.35 | 5.3 | 0.01 | Feb 19, 2021 | The Terminate Session feature in the Telegram application through 7.2.1 for Android, and through 2.4.7 for Windows and UNIX, fails to invalidate a recently active session. | ||
| CVE-2023-34658 | Med | 0.34 | 5.3 | 0.00 | Jun 29, 2023 | Telegram v9.6.3 on iOS allows attackers to hide critical information on the User Interface via calling the function SFSafariViewController. |
- risk 0.42cvss 6.4epss 0.00
An issue was discovered in the org.telegram.messenger application 4.8.11 for Android. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method's return value to true. In other words, an attacker could authenticate with an arbitrary…
- risk 0.37cvss 5.7epss 0.01
The Telegram app 7.6.2 for iOS allows remote authenticated users to cause a denial of service (application crash) if the victim pastes an attacker-supplied message (e.g., in the Persian language) into a channel or group. The crash occurs in MtProtoKitFramework. NOTE: the…
- risk 0.36cvss 5.5epss 0.00
Telegram before 7.4 (212543) Stable on macOS stores the local copy of self-destructed messages in a sandbox path, leading to sensitive information disclosure.
- risk 0.36cvss 5.5epss 0.00
Telegram before 7.4 (212543) Stable on macOS stores the local passcode in cleartext, leading to information disclosure.
- risk 0.35cvss 5.3epss 0.01
The Terminate Session feature in the Telegram application through 7.2.1 for Android, and through 2.4.7 for Windows and UNIX, fails to invalidate a recently active session.
- risk 0.34cvss 5.3epss 0.00
Telegram v9.6.3 on iOS allows attackers to hide critical information on the User Interface via calling the function SFSafariViewController.