CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2021-36769
https://notcve.org/view.php?id=CVE-2021-36769
16 Jul 2021 — A reordering issue exists in Telegram before 7.8.1 for Android, Telegram before 7.8.3 for iOS, and Telegram Desktop before 2.8.8. An attacker can cause the server to receive messages in a different order than they were sent a client. Se presenta un problema de reordenación en Telegram versiones anteriores a 7.8.1 para Android, Telegram versiones anteriores a 7.8.3 para iOS y Telegram Desktop versiones anteriores a 2.8.8. Un atacante puede causar al servidor recibir mensajes en un orden diferente al que se e... • https://mtpsym.github.io •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 2CVE-2021-31315
https://notcve.org/view.php?id=CVE-2021-31315
18 May 2021 — Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Stack Based Overflow in the blit function of their custom fork of the rlottie library. A remote attacker might be able to access Telegram's stack memory out-of-bounds on a victim device via a malicious animated sticker. Telegram Android versiones anteriores a 7.1,.0 (2090), Telegram iOS versiones anteriores a 7.1, y Telegram macOS versiones anteriores a 7.1, están afectados por un Desbordamiento en la región Stack d... • https://www.shielder.it/advisories/telegram-rlottie-blit-stack-buffer-overflow • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 2CVE-2021-31317
https://notcve.org/view.php?id=CVE-2021-31317
18 May 2021 — Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Type Confusion in the VDasher constructor of their custom fork of the rlottie library. A remote attacker might be able to access Telegram's heap memory out-of-bounds on a victim device via a malicious animated sticker. Telegram Android versiones anteriores a 7.1,.0 (2090), Telegram iOS versiones anteriores a 7.1, y Telegram macOS versiones anteriores a 7.1, están afectados por una Confusión de Tipos en el constructo... • https://www.shielder.it/advisories/telegram-rlottie-vdasher-vdasher-type-confusion • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 2CVE-2021-31318
https://notcve.org/view.php?id=CVE-2021-31318
18 May 2021 — Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Type Confusion in the LOTCompLayerItem::LOTCompLayerItem function of their custom fork of the rlottie library. A remote attacker might be able to access heap memory out-of-bounds on a victim device via a malicious animated sticker. Telegram Android versiones anteriores a 7.1,.0 (2090), Telegram iOS versiones anteriores a 7.1, y Telegram macOS versiones anteriores a 7.1, están afectados por una Confusión de Tipos en ... • https://www.shielder.it/advisories/telegram-rlottie-lotcomplayeritem-lotcomplayeritem-type-confusion • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 2CVE-2021-31319 – Ubuntu Security Notice USN-7198-1
https://notcve.org/view.php?id=CVE-2021-31319
18 May 2021 — Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by an Integer Overflow in the LOTGradient::populate function of their custom fork of the rlottie library. A remote attacker might be able to access heap memory out-of-bounds on a victim device via a malicious animated sticker. Telegram Android versiones anteriores a 7.1,.0 (2090), Telegram iOS versiones anteriores a 7.1, y Telegram macOS versiones anteriores a 7.1, están afectados por un Desbordamiento de Enteros en la f... • https://www.shielder.it/advisories/telegram-rlottie-lotgradient-populate-integer-overflow • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 2CVE-2021-31320
https://notcve.org/view.php?id=CVE-2021-31320
18 May 2021 — Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Heap Buffer Overflow in the VGradientCache::generateGradientColorTable function of their custom fork of the rlottie library. A remote attacker might be able to overwrite heap memory out-of-bounds on a victim device via a malicious animated sticker. Telegram Android versiones anteriores a 7.1,.0 (2090), Telegram iOS versiones anteriores a 7.1, y Telegram macOS versiones anteriores a 7.1, están afectados por una vulne... • https://www.shielder.it/advisories/telegram-rlottie-vgradientcache-generategradientcolortable-heap-buffer-overflow • CWE-787: Out-of-bounds Write •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 2CVE-2021-31321
https://notcve.org/view.php?id=CVE-2021-31321
18 May 2021 — Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Stack Based Overflow in the gray_split_cubic function of their custom fork of the rlottie library. A remote attacker might be able to overwrite Telegram's stack memory out-of-bounds on a victim device via a malicious animated sticker. Telegram Android versiones anteriores a 7.1,.0 (2090), Telegram iOS versiones anteriores a 7.1, y Telegram macOS versiones anteriores a 7.1, están afectados por un Desbordamiento en la... • https://www.shielder.it/advisories/telegram-rlottie-gray_split_cubic-stack-buffer-overflow • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 2CVE-2021-31322
https://notcve.org/view.php?id=CVE-2021-31322
18 May 2021 — Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Heap Buffer Overflow in the LOTGradient::populate function of their custom fork of the rlottie library. A remote attacker might be able to access heap memory out-of-bounds on a victim device via a malicious animated sticker. Telegram Android versiones anteriores a 7.1,.0 (2090), Telegram iOS versiones anteriores a 7.1, y Telegram macOS versiones anteriores a 7.1, están afectados por una vulnerabilidad de Desbordamie... • https://www.shielder.it/advisories/telegram-rlottie-lotgradient-populate-heap-buffer-overflow • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 2CVE-2021-31323
https://notcve.org/view.php?id=CVE-2021-31323
18 May 2021 — Telegram Android <7.1.0 (2090), Telegram iOS <7.1, and Telegram macOS <7.1 are affected by a Heap Buffer Overflow in the LottieParserImpl::parseDashProperty function of their custom fork of the rlottie library. A remote attacker might be able to access heap memory out-of-bounds on a victim device via a malicious animated sticker. Telegram Android versiones anteriores a 7.1,.0 (2090), Telegram iOS versiones anteriores a 7.1, y Telegram macOS versiones anteriores a 7.1,, están afectados por una vulnerabilidad... • https://www.shielder.it/advisories/telegram-rlottie-lottieparserimpl-parsedashproperty-heap-buffer-overflow • CWE-787: Out-of-bounds Write •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2021-27351 – Gentoo Linux Security Advisory 202105-07
https://notcve.org/view.php?id=CVE-2021-27351
19 Feb 2021 — The Terminate Session feature in the Telegram application through 7.2.1 for Android, and through 2.4.7 for Windows and UNIX, fails to invalidate a recently active session. La funcionalidad Terminate Session en la aplicación Telegram hasta la versión 7.2.1 para Android, y hasta la versión 2.4.7 para Windows y UNIX, presenta una fallo al invalidar una sesión activa recientemente An insufficient session expiration has been reported in Telegram. Versions less than 2.4.11 are affected. • https://0ffsecninja.github.io/Telegram:CVE-2021-2735.html • CWE-613: Insufficient Session Expiration •