Filtered by vendor Pexip
Subscribe
Search
Total
41 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-40236 | 1 Pexip | 1 Virtual Meeting Rooms | 2023-12-29 | N/A | 5.3 MEDIUM |
| In Pexip VMR self-service portal before 3, the same SSH host key is used across different customers' installations, which allows authentication bypass. | |||||
| CVE-2023-37225 | 1 Pexip | 1 Pexip Infinity | 2023-12-29 | N/A | 6.1 MEDIUM |
| Pexip Infinity before 32 allows Webapp1 XSS via preconfigured links. | |||||
| CVE-2023-31455 | 1 Pexip | 1 Pexip Infinity | 2023-12-29 | N/A | 7.5 HIGH |
| Pexip Infinity before 31.2 has Improper Input Validation for RTCP, allowing remote attackers to trigger an abort. | |||||
| CVE-2023-31289 | 1 Pexip | 1 Pexip Infinity | 2023-12-29 | N/A | 7.5 HIGH |
| Pexip Infinity before 31.2 has Improper Input Validation for signalling, allowing remote attackers to trigger an abort. | |||||
| CVE-2022-32263 | 1 Pexip | 1 Pexip Infinity | 2023-08-08 | N/A | 7.5 HIGH |
| Pexip Infinity before 28.1 allows remote attackers to trigger a software abort via G.719. | |||||
| CVE-2022-27935 | 1 Pexip | 1 Pexip Infinity | 2023-08-08 | 5.0 MEDIUM | 7.5 HIGH |
| Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via Epic Telehealth. | |||||
| CVE-2022-27929 | 1 Pexip | 1 Pexip Infinity | 2023-08-08 | 5.0 MEDIUM | 7.5 HIGH |
| Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via HTTP. | |||||
| CVE-2022-27930 | 1 Pexip | 1 Pexip Infinity | 2023-08-08 | 4.3 MEDIUM | 5.9 MEDIUM |
| Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via single-sign-on if a random Universally Unique Identifier is guessed. | |||||
| CVE-2022-27931 | 1 Pexip | 1 Pexip Infinity | 2023-08-08 | 5.0 MEDIUM | 7.5 HIGH |
| Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol. | |||||
| CVE-2022-27934 | 1 Pexip | 1 Pexip Infinity | 2023-08-08 | 5.0 MEDIUM | 7.5 HIGH |
| Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via HTTP. | |||||
| CVE-2022-27933 | 1 Pexip | 1 Pexip Infinity | 2023-08-08 | 5.8 MEDIUM | 8.2 HIGH |
| Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join. | |||||
| CVE-2022-27932 | 1 Pexip | 1 Pexip Infinity | 2023-08-08 | 4.3 MEDIUM | 7.5 HIGH |
| Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join. | |||||
| CVE-2022-27936 | 1 Pexip | 1 Pexip Infinity | 2023-08-08 | 5.0 MEDIUM | 7.5 HIGH |
| Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via H.323. | |||||
| CVE-2022-26654 | 1 Pexip | 1 Pexip Infinity | 2023-08-08 | 5.0 MEDIUM | 7.5 HIGH |
| Pexip Infinity before 27.3 allows remote attackers to force a software abort via HTTP. | |||||
| CVE-2022-25357 | 1 Pexip | 1 Pexip Infinity | 2023-08-08 | 5.0 MEDIUM | 5.3 MEDIUM |
| Pexip Infinity 27.x before 27.2 has Improper Access Control. An attacker can sometimes join a conference (call join) if it has a lock but not a PIN. | |||||
| CVE-2022-29286 | 1 Pexip | 1 Pexip Infinity | 2022-07-25 | 5.0 MEDIUM | 7.5 HIGH |
| Pexip Infinity 27 before 28.0 allows remote attackers to trigger excessive resource consumption and termination because of registrar resource mishandling. | |||||
| CVE-2022-27937 | 1 Pexip | 1 Pexip Infinity | 2022-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| Pexip Infinity before 27.3 allows remote attackers to trigger excessive resource consumption via H.264. | |||||
| CVE-2022-26655 | 1 Pexip | 1 Pexip Infinity | 2022-07-18 | 5.0 MEDIUM | 7.5 HIGH |
| Pexip Infinity 27.x before 27.3 has Improper Input Validation. The client API allows remote attackers to trigger a software abort via a gateway call into Teams. | |||||
| CVE-2022-26656 | 1 Pexip | 1 Pexip Infinity | 2022-07-18 | 6.4 MEDIUM | 8.2 HIGH |
| Pexip Infinity before 27.3 allows remote attackers to trigger a software abort, and possibly enumerate usernames, via One Touch Join. | |||||
| CVE-2022-26657 | 1 Pexip | 1 Pexip Infinity | 2022-07-18 | 5.0 MEDIUM | 7.5 HIGH |
| Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join. | |||||
| CVE-2022-27928 | 1 Pexip | 1 Pexip Infinity | 2022-07-18 | 5.0 MEDIUM | 7.5 HIGH |
| Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol. | |||||
| CVE-2021-29655 | 1 Pexip | 1 Infinity Connect | 2022-07-12 | 7.5 HIGH | 9.8 CRITICAL |
| Pexip Infinity Connect before 1.8.0 omits certain provisioning authenticity checks. Thus, untrusted code may execute. | |||||
| CVE-2021-33498 | 1 Pexip | 1 Infinity | 2022-01-24 | 5.0 MEDIUM | 7.5 HIGH |
| Pexip Infinity before 26 allows remote denial of service because of missing H.264 input validation (issue 1 of 2). | |||||
| CVE-2021-33499 | 1 Pexip | 1 Infinity | 2022-01-24 | 5.0 MEDIUM | 7.5 HIGH |
| Pexip Infinity before 26 allows remote denial of service because of missing H.264 input validation (issue 2 of 2). | |||||
| CVE-2021-35969 | 1 Pexip | 1 Infinity | 2022-01-24 | 5.0 MEDIUM | 7.5 HIGH |
| Pexip Infinity before 26 allows temporary remote Denial of Service (abort) because of missing call-setup input validation. | |||||
| CVE-2021-42555 | 1 Pexip | 1 Infinity | 2022-01-24 | 5.0 MEDIUM | 7.5 HIGH |
| Pexip Infinity before 26.2 allows temporary remote Denial of Service (abort) because of missing call-setup input validation. | |||||
| CVE-2021-32545 | 1 Pexip | 1 Infinity | 2022-01-21 | 5.0 MEDIUM | 7.5 HIGH |
| Pexip Infinity before 26 allows remote denial of service because of missing RTMP input validation. | |||||
| CVE-2020-25868 | 1 Pexip | 1 Pexip Infinity | 2021-07-10 | 5.0 MEDIUM | 7.5 HIGH |
| Pexip Infinity 22.x through 24.x before 24.2 has Improper Input Validation for call setup. An unauthenticated remote attacker can trigger a software abort (temporary loss of service). | |||||
| CVE-2021-31925 | 1 Pexip | 1 Pexip Infinity | 2021-07-09 | 5.0 MEDIUM | 7.5 HIGH |
| Pexip Infinity 25.x before 25.4 has Improper Input Validation, and thus an unauthenticated remote attacker can cause a denial of service via the administrative web interface. | |||||
| CVE-2015-4719 | 1 Pexip | 1 Pexip Infinity | 2020-10-07 | 7.5 HIGH | 9.8 CRITICAL |
| The client API authentication mechanism in Pexip Infinity before 10 allows remote attackers to gain privileges via a crafted request. | |||||
| CVE-2018-10432 | 1 Pexip | 1 Pexip Infinity | 2020-10-07 | 7.8 HIGH | 7.5 HIGH |
| Pexip Infinity before 18 allows Remote Denial of Service (TLS handshakes in RTMP). | |||||
| CVE-2017-17477 | 1 Pexip | 1 Pexip Infinity | 2020-10-02 | 4.3 MEDIUM | 6.1 MEDIUM |
| Pexip Infinity before 17 allows an unauthenticated remote attacker to achieve stored XSS via management web interface views. | |||||
| CVE-2019-7177 | 1 Pexip | 1 Pexip Infinity | 2020-10-02 | 9.0 HIGH | 7.2 HIGH |
| Pexip Infinity before 20.1 allows Code Injection onto nodes via an admin. | |||||
| CVE-2018-10585 | 1 Pexip | 1 Pexip Infinity | 2020-10-02 | 7.8 HIGH | 7.5 HIGH |
| Pexip Infinity before 18 allows remote Denial of Service (XML parsing). | |||||
| CVE-2019-7178 | 1 Pexip | 1 Pexip Infinity | 2020-09-30 | 9.0 HIGH | 7.2 HIGH |
| Pexip Infinity before 20.1 allows privilege escalation by restoring a system backup. | |||||
| CVE-2020-11805 | 1 Pexip | 2 Pexip Infinity, Reverse Proxy And Turn Server | 2020-09-30 | 9.3 HIGH | 9.8 CRITICAL |
| Pexip Reverse Proxy and TURN Server before 6.1.0 has Incorrect UDP Access Control via TURN. | |||||
| CVE-2020-12824 | 1 Pexip | 1 Pexip Infinity | 2020-09-30 | 5.0 MEDIUM | 7.5 HIGH |
| Pexip Infinity 23.x before 23.3 has improper input validation, leading to a temporary software abort via RTP. | |||||
| CVE-2020-13387 | 1 Pexip | 1 Pexip Infinity | 2020-09-30 | 5.0 MEDIUM | 7.5 HIGH |
| Pexip Infinity before 23.4 has a lack of input validation, leading to temporary denial of service via H.323. | |||||
| CVE-2020-24615 | 1 Pexip | 1 Pexip Infinity | 2020-09-30 | 5.0 MEDIUM | 5.3 MEDIUM |
| Pexip Infinity before 24.1 has Improper Input Validation, leading to temporary denial of service via SIP. | |||||
| CVE-2014-8779 | 1 Pexip | 1 Pexip Infinity | 2018-10-09 | 7.1 HIGH | N/A |
| Pexip Infinity before 8 uses the same SSH host keys across different customers' installations, which allows man-in-the-middle attackers to spoof Management and Conferencing Nodes by leveraging these keys. | |||||
| CVE-2017-6551 | 1 Pexip | 1 Pexip Infinity | 2017-05-12 | 7.5 HIGH | 9.8 CRITICAL |
| Pexip Infinity before 14.2 allows remote attackers to cause a denial of service (service restart) or execute arbitrary code via vectors related to Conferencing Nodes. | |||||