Vulnerabilities (CVE)

Filtered by vendor Pexip Subscribe
Total 43 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-17477 1 Pexip 1 Pexip Infinity 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Pexip Infinity before 17 allows an unauthenticated remote attacker to achieve stored XSS via management web interface views.
CVE-2015-4719 1 Pexip 1 Pexip Infinity 2024-11-21 7.5 HIGH 9.8 CRITICAL
The client API authentication mechanism in Pexip Infinity before 10 allows remote attackers to gain privileges via a crafted request.
CVE-2014-8779 1 Pexip 1 Pexip Infinity 2024-11-21 7.1 HIGH N/A
Pexip Infinity before 8 uses the same SSH host keys across different customers' installations, which allows man-in-the-middle attackers to spoof Management and Conferencing Nodes by leveraging these keys.