Vulnerabilities (CVE)

Filtered by vendor Telegram Subscribe

Filtered by product Telegram Messenger

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2018-17780	1 Telegram	2 Telegram Desktop, Telegram Messenger	2023-12-10	4.0 MEDIUM	6.5 MEDIUM
Telegram Desktop (aka tdesktop) 1.3.14, and Telegram 3.3.0.0 WP8.1 on Windows, leaks end-user public and private IP addresses during a call because of an unsafe default behavior in which P2P connections are accepted from clients outside of the My Contacts list.
CVE-2017-17715	1 Telegram	1 Telegram Messenger	2023-12-10	6.8 MEDIUM	8.8 HIGH
The saveFile method in MediaController.java in the Telegram Messenger application before 2017-12-08 for Android allows directory traversal via a pathname obtained in a file-transfer request from a remote peer, as demonstrated by writing to tgnet.dat or tgnet.dat.bak.