Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Telegram Subscribe
Filtered by product Telegram Messenger
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-17780 1 Telegram 2 Telegram Desktop, Telegram Messenger 2018-12-06 4.0 MEDIUM 6.5 MEDIUM
Telegram Desktop (aka tdesktop) 1.3.14, and Telegram 3.3.0.0 WP8.1 on Windows, leaks end-user public and private IP addresses during a call because of an unsafe default behavior in which P2P connections are accepted from clients outside of the My Contacts list.
CVE-2017-17715 1 Telegram 1 Telegram Messenger 2018-01-04 6.8 MEDIUM 8.8 HIGH
The saveFile method in MediaController.java in the Telegram Messenger application before 2017-12-08 for Android allows directory traversal via a pathname obtained in a file-transfer request from a remote peer, as demonstrated by writing to tgnet.dat or tgnet.dat.bak.