888 matches found
CVE-2025-66443
Pexip Infinity 35.0 through 38.1 before 39.0, in non-default configurations that use Direct Media for WebRTC, has Improper Input Validation in signalling that allows an attacker to trigger a software abort, resulting in a temporary denial of service...
CVE-2025-49088
Pexip Infinity 32.0 through 37.1 before 37.2, in certain configurations of OTJ One Touch Join for Teams SIP Guest Join, has Improper Input Validation in the OTJ service, allowing a remote attacker to trigger a software abort via a crafted calendar invite, leading to a denial of service...
CVE-2025-48704
Pexip Infinity 35.0 through 37.2 before 38.0 has Improper Input Validation in signalling that allows an attacker to trigger a software abort, resulting in a denial of service...
CVE-2025-59683
Pexip Infinity 15.0 through 38.0 before 38.1 has Improper Access Control in the Secure Scheduler for Exchange service, when used with Office 365 Legacy Exchange Tokens. This allows a remote attacker to read potentially sensitive data and excessively consume resources, leading to a denial of servi...
CVE-2025-32096
Pexip Infinity 33.0 through 37.0 before 37.1 has improper input validation in signaling that allows an attacker to trigger a software abort, resulting in a denial of service...
CVE-2025-48704
Pexip Infinity 35.0 through 37.2 before 38.0 has Improper Input Validation in signalling that allows an attacker to trigger a software abort, resulting in a denial of service...
CVE-2025-59683
Pexip Infinity 15.0 through 38.0 before 38.1 has Improper Access Control in the Secure Scheduler for Exchange service, when used with Office 365 Legacy Exchange Tokens. This allows a remote attacker to read potentially sensitive data and excessively consume resources, leading to a denial of servi...
CVE-2025-49088
Pexip Infinity 32.0 through 37.1 before 37.2, in certain configurations of OTJ One Touch Join for Teams SIP Guest Join, has Improper Input Validation in the OTJ service, allowing a remote attacker to trigger a software abort via a crafted calendar invite, leading to a denial of service...
CVE-2025-32096
Pexip Infinity 33.0 through 37.0 before 37.1 has improper input validation in signaling that allows an attacker to trigger a software abort, resulting in a denial of service...
CVE-2025-32095
Pexip Infinity before 37.0 has improper input validation in signalling that allows a remote attacker to trigger a software abort via a crafted signalling message, resulting in a denial of service...
CVE-2025-32095
Pexip Infinity before 37.0 has improper input validation in signalling that allows a remote attacker to trigger a software abort via a crafted signalling message, resulting in a denial of service...
CVE-2025-32096
The CVE-2025-32096 entry affects Pexip Infinity software versions 33.0 through 37.0 (before 37.1). The vulnerability stems from improper input validation in signaling, which can cause an attacker to trigger a software abort and result in a denial of service. Remediation is to upgrade to Pexip Inf...
CVE-2025-32095
Affected software: Pexip Infinity (before 37.0). Vulnerability detail: improper input validation in signalling allows a remote attacker to trigger a software abort via a crafted signalling message, resulting in denial of service. This is consistently reported across CVE entries (NVD/Red Hat/EUVD/...
CVE-2025-48704
CVE-2025-48704 affects Pexip Infinity 35.0–37.2 prior to 38.0. The issue is improper input validation in the signalling path, which can trigger a software abort and cause a denial of service. Red Hat, CIRCL, EUVD, NVD, and CVE listings corroborate the impact as a DoS due to signalling input valid...
CVE-2025-49088
Pexip Infinity versions 32.0–37.1 (before 37.2) are affected by improper input validation in the OTJ (One Touch Join) service when configuring Teams SIP Guest Join. A remote attacker can trigger a denial of service by sending a crafted calendar invite, leading to a software abort. Red Hat and EUV...
CVE-2025-66379
Pexip Infinity prior to 39.0 is affected by an improper input validation flaw in the media implementation. A remote attacker can exploit a crafted media stream to trigger a software abort, resulting in a denial of service. Affected product/version: Pexip Infinity
CVE-2025-66377
CVE-2025-66377 affects Pexip Infinity prior to 39.0. A missing authentication for a critical function in a product-internal API allows an attacker who already has code execution on one node to impact the operation of other nodes in the installation. This is not listed as exploitable in the provid...
CVE-2025-66443
CVE-2025-66443 affects Pexip Infinity 35.0–38.1 (before 39.0) in non-default configurations that use Direct Media for WebRTC. The issue is improper input validation in the signaling path, allowing an attacker to trigger a software abort and cause a temporary denial of service. Red Hat and other s...
Pexip Infinity 安全漏洞
Pexip Infinity Pexip Video Conferencing Cloud Collaboration Platform is a video conferencing cloud collaboration platform from the Norwegian company Pexip. The product provides high quality and secure cloud conferencing capabilities. A security vulnerability exists in Pexip Infinity versions 35.0...
CVE-2025-66377
Pexip Infinity before 39.0 has Missing Authentication for a Critical Function in a product-internal API, allowing an attacker who already has access to execute code on one node within a Pexip Infinity installation to impact the operation of other nodes within the installation...