Pexip Infinity 安全漏洞

Pexip Infinity Pexip Video Conferencing Cloud Collaboration Platform is a video conferencing cloud collaboration platform from the Norwegian company Pexip. The product provides high quality and secure cloud conferencing capabilities. A security vulnerability exists in Pexip Infinity versions 38.0...

CVE-2025-66443

Pexip Infinity 35.0 through 38.1 before 39.0, in non-default configurations that use Direct Media for WebRTC, has Improper Input Validation in signalling that allows an attacker to trigger a software abort, resulting in a temporary denial of service...

PT-2025-53395

Name of the Vulnerable Software and Affected Versions Pexip Infinity versions 35.0 through 38.1 Description Pexip Infinity, in non-default configurations utilizing Direct Media for WebRTC, exhibits an improper input validation issue within its signalling process. This flaw allows an attacker to...

Pexip Infinity 访问控制错误漏洞

Pexip Infinity Pexip Video Conferencing Cloud Collaboration Platform is a video conferencing cloud collaboration platform from Pexip, Norway. The product provides high quality and secure cloud conferencing capabilities. An Access Control Error vulnerability exists in Pexip Infinity versions prior...

Pexip Infinity 安全漏洞

Pexip Infinity Pexip Video Conferencing Cloud Collaboration Platform is a video conferencing cloud collaboration platform from the Norwegian company Pexip. The product provides high quality and secure cloud conferencing capabilities. A security vulnerability exists in Pexip Infinity versions 32.0...

CVE-2025-66377

Pexip Infinity before 39.0 has Missing Authentication for a Critical Function in a product-internal API, allowing an attacker who already has access to execute code on one node within a Pexip Infinity installation to impact the operation of other nodes within the installation...

Pexip Infinity 安全漏洞

Pexip Infinity Pexip Video Conferencing Cloud Collaboration Platform is a video conferencing cloud collaboration platform from the Norwegian company Pexip. The product provides high quality and secure cloud conferencing capabilities. A security vulnerability exists in Pexip Infinity versions prio...

Pexip Infinity 安全漏洞

Pexip Infinity Pexip Video Conferencing Cloud Collaboration Platform is a video conferencing cloud collaboration platform from the Norwegian company Pexip. The product provides high quality and secure cloud conferencing capabilities. A security vulnerability exists in Pexip Infinity versions 35.0...

CVE-2025-59683

Pexip Infinity 15.0 through 38.0 before 38.1 has Improper Access Control in the Secure Scheduler for Exchange service, when used with Office 365 Legacy Exchange Tokens. This allows a remote attacker to read potentially sensitive data and excessively consume resources, leading to a denial of servi...

CVE-2025-32096

Pexip Infinity 33.0 through 37.0 before 37.1 has improper input validation in signaling that allows an attacker to trigger a software abort, resulting in a denial of service...

CVE-2025-66379

Pexip Infinity before 39.0 has Improper Input Validation in the media implementation, allowing a remote attacker to trigger a software abort via a crafted media stream, resulting in a denial of service...

PT-2025-53393

Name of the Vulnerable Software and Affected Versions Pexip Infinity versions 38.0 and 38.1 through 38.1 Description The software contains insufficient access control within its RTMP implementation. This allows an attacker to disconnect RTMP streams as they pass through a Proxy Node...

PT-2025-53389

Name of the Vulnerable Software and Affected Versions Pexip Infinity versions 33.0 through 37.0 Description Pexip Infinity signaling has improper input validation, which allows an attacker to trigger a software abort, leading to a denial of service. Recommendations Update to Pexip Infinity versio...

HSEC-2023-0007 readFloat: memory exhaustion with large exponent

readFloat: memory exhaustion with large exponent Numeric.readFloat takes time and memory linear in the size of the number denoted by the input string. In particular, processing a number expressed in scientific notation with a very large exponent could cause a denial of service. The slowdown is...

CVE-2025-61431

A reflected cross-site scripted XSS vulnerability in the /jsp/gsfrfeditorHTML.jsp endpoint of Zucchetti ZMaintenance Infinity and Infinity Zucchetti v4.1 and earlier allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into the...

CVE-2025-61431

A reflected cross-site scripted XSS vulnerability in the /jsp/gsfrfeditorHTML.jsp endpoint of Zucchetti ZMaintenance Infinity and Infinity Zucchetti v4.1 and earlier allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into the...

CVE-2025-61431

A reflected cross-site scripted XSS vulnerability in the /jsp/gsfrfeditorHTML.jsp endpoint of Zucchetti ZMaintenance Infinity and Infinity Zucchetti v4.1 and earlier allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into the...

PT-2025-45036

Name of the Vulnerable Software and Affected Versions Zucchetti ZMaintenance Infinity versions prior to 4.2 Zucchetti ZMaintenance Infinity Zucchetti version 4.1 Description A reflected cross-site scripting XSS issue exists in the /jsp/gsfr feditorHTML.jsp API endpoint of the software. This allow...

CVE-2025-61431

A reflected cross-site scripted XSS vulnerability in the /jsp/gsfrfeditorHTML.jsp endpoint of Zucchetti ZMaintenance Infinity and Infinity Zucchetti v4.1 and earlier allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into the...

Zucchetti ZMaintenance Infinity 安全漏洞

Zucchetti ZMaintenance Infinity is an enterprise asset management and maintenance software from ZMaintenance, Italy. A security vulnerability exists in Zucchetti ZMaintenance Infinity v4.1 and earlier versions, which originates from an unverified input of the pHtmlSource parameter and could lead ...