Vulnerabilities (CVE)

Filtered by vendor Pexip Subscribe
Total 43 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-31455 1 Pexip 1 Pexip Infinity 2024-02-28 N/A 7.5 HIGH
Pexip Infinity before 31.2 has Improper Input Validation for RTCP, allowing remote attackers to trigger an abort.
CVE-2023-37225 1 Pexip 1 Pexip Infinity 2024-02-28 N/A 6.1 MEDIUM
Pexip Infinity before 32 allows Webapp1 XSS via preconfigured links.
CVE-2023-40236 1 Pexip 1 Virtual Meeting Rooms 2024-02-28 N/A 5.3 MEDIUM
In Pexip VMR self-service portal before 3, the same SSH host key is used across different customers' installations, which allows authentication bypass.
CVE-2023-31289 1 Pexip 1 Pexip Infinity 2024-02-28 N/A 7.5 HIGH
Pexip Infinity before 31.2 has Improper Input Validation for signalling, allowing remote attackers to trigger an abort.
CVE-2022-27932 1 Pexip 1 Pexip Infinity 2024-02-28 4.3 MEDIUM 7.5 HIGH
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join.
CVE-2022-25357 1 Pexip 1 Pexip Infinity 2024-02-28 5.0 MEDIUM 5.3 MEDIUM
Pexip Infinity 27.x before 27.2 has Improper Access Control. An attacker can sometimes join a conference (call join) if it has a lock but not a PIN.
CVE-2022-26657 1 Pexip 1 Pexip Infinity 2024-02-28 5.0 MEDIUM 7.5 HIGH
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join.
CVE-2022-27930 1 Pexip 1 Pexip Infinity 2024-02-28 4.3 MEDIUM 5.9 MEDIUM
Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via single-sign-on if a random Universally Unique Identifier is guessed.
CVE-2022-29286 1 Pexip 1 Pexip Infinity 2024-02-28 5.0 MEDIUM 7.5 HIGH
Pexip Infinity 27 before 28.0 allows remote attackers to trigger excessive resource consumption and termination because of registrar resource mishandling.
CVE-2022-27935 1 Pexip 1 Pexip Infinity 2024-02-28 5.0 MEDIUM 7.5 HIGH
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via Epic Telehealth.
CVE-2022-27933 1 Pexip 1 Pexip Infinity 2024-02-28 5.8 MEDIUM 8.2 HIGH
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join.
CVE-2022-32263 1 Pexip 1 Pexip Infinity 2024-02-28 N/A 7.5 HIGH
Pexip Infinity before 28.1 allows remote attackers to trigger a software abort via G.719.
CVE-2022-27937 1 Pexip 1 Pexip Infinity 2024-02-28 5.0 MEDIUM 7.5 HIGH
Pexip Infinity before 27.3 allows remote attackers to trigger excessive resource consumption via H.264.
CVE-2022-27936 1 Pexip 1 Pexip Infinity 2024-02-28 5.0 MEDIUM 7.5 HIGH
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via H.323.
CVE-2022-27934 1 Pexip 1 Pexip Infinity 2024-02-28 5.0 MEDIUM 7.5 HIGH
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via HTTP.
CVE-2022-27928 1 Pexip 1 Pexip Infinity 2024-02-28 5.0 MEDIUM 7.5 HIGH
Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol.
CVE-2022-26656 1 Pexip 1 Pexip Infinity 2024-02-28 6.4 MEDIUM 8.2 HIGH
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort, and possibly enumerate usernames, via One Touch Join.
CVE-2022-26655 1 Pexip 1 Pexip Infinity 2024-02-28 5.0 MEDIUM 7.5 HIGH
Pexip Infinity 27.x before 27.3 has Improper Input Validation. The client API allows remote attackers to trigger a software abort via a gateway call into Teams.
CVE-2022-27931 1 Pexip 1 Pexip Infinity 2024-02-28 5.0 MEDIUM 7.5 HIGH
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol.
CVE-2022-27929 1 Pexip 1 Pexip Infinity 2024-02-28 5.0 MEDIUM 7.5 HIGH
Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via HTTP.