Search
Search Results (16 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-66443 | 1 Pexip | 1 Infinity | 2025-12-25 | 7.5 High |
| Pexip Infinity 35.0 through 38.1 before 39.0, in non-default configurations that use Direct Media for WebRTC, has Improper Input Validation in signalling that allows an attacker to trigger a software abort, resulting in a temporary denial of service. | ||||
| CVE-2025-66379 | 1 Pexip | 1 Infinity | 2025-12-25 | 7.5 High |
| Pexip Infinity before 39.0 has Improper Input Validation in the media implementation, allowing a remote attacker to trigger a software abort via a crafted media stream, resulting in a denial of service. | ||||
| CVE-2025-66378 | 1 Pexip | 1 Infinity | 2025-12-25 | 5.9 Medium |
| Pexip Infinity 38.0 and 38.1 before 39.0 has insufficient access control in the RTMP implementation, allowing an attacker to disconnect RTMP streams traversing a Proxy Node. | ||||
| CVE-2025-66377 | 1 Pexip | 1 Infinity | 2025-12-25 | 7.5 High |
| Pexip Infinity before 39.0 has Missing Authentication for a Critical Function in a product-internal API, allowing an attacker (who already has access to execute code on one node within a Pexip Infinity installation) to impact the operation of other nodes within the installation. | ||||
| CVE-2025-59683 | 1 Pexip | 1 Infinity | 2025-12-25 | 8.2 High |
| Pexip Infinity 15.0 through 38.0 before 38.1 has Improper Access Control in the Secure Scheduler for Exchange service, when used with Office 365 Legacy Exchange Tokens. This allows a remote attacker to read potentially sensitive data and excessively consume resources, leading to a denial of service. | ||||
| CVE-2025-49088 | 1 Pexip | 1 Infinity | 2025-12-25 | 5.9 Medium |
| Pexip Infinity 32.0 through 37.1 before 37.2, in certain configurations of OTJ (One Touch Join) for Teams SIP Guest Join, has Improper Input Validation in the OTJ service, allowing a remote attacker to trigger a software abort via a crafted calendar invite, leading to a denial of service. | ||||
| CVE-2025-48704 | 1 Pexip | 1 Infinity | 2025-12-25 | 7.5 High |
| Pexip Infinity 35.0 through 37.2 before 38.0 has Improper Input Validation in signalling that allows an attacker to trigger a software abort, resulting in a denial of service. | ||||
| CVE-2025-32096 | 1 Pexip | 1 Infinity | 2025-12-25 | 7.5 High |
| Pexip Infinity 33.0 through 37.0 before 37.1 has improper input validation in signaling that allows an attacker to trigger a software abort, resulting in a denial of service. | ||||
| CVE-2025-32095 | 1 Pexip | 1 Infinity | 2025-12-25 | 7.5 High |
| Pexip Infinity before 37.0 has improper input validation in signalling that allows a remote attacker to trigger a software abort via a crafted signalling message, resulting in a denial of service. | ||||
| CVE-2021-42555 | 1 Pexip | 1 Infinity | 2024-11-21 | 7.5 High |
| Pexip Infinity before 26.2 allows temporary remote Denial of Service (abort) because of missing call-setup input validation. | ||||
| CVE-2021-35969 | 1 Pexip | 1 Infinity | 2024-11-21 | 7.5 High |
| Pexip Infinity before 26 allows temporary remote Denial of Service (abort) because of missing call-setup input validation. | ||||
| CVE-2021-33499 | 1 Pexip | 1 Infinity | 2024-11-21 | 7.5 High |
| Pexip Infinity before 26 allows remote denial of service because of missing H.264 input validation (issue 2 of 2). | ||||
| CVE-2021-33498 | 1 Pexip | 1 Infinity | 2024-11-21 | 7.5 High |
| Pexip Infinity before 26 allows remote denial of service because of missing H.264 input validation (issue 1 of 2). | ||||
| CVE-2021-32545 | 1 Pexip | 1 Infinity | 2024-11-21 | 7.5 High |
| Pexip Infinity before 26 allows remote denial of service because of missing RTMP input validation. | ||||
| CVE-2021-29656 | 1 Pexip | 1 Infinity Connect | 2024-11-21 | 9.8 Critical |
| Pexip Infinity Connect before 1.8.0 mishandles TLS certificate validation. The allow list is not properly checked. | ||||
| CVE-2021-29655 | 1 Pexip | 1 Infinity Connect | 2024-11-21 | 9.8 Critical |
| Pexip Infinity Connect before 1.8.0 omits certain provisioning authenticity checks. Thus, untrusted code may execute. | ||||
Page 1 of 1.