884 matches found
CVE-2025-59683
Pexip Infinity 15.0 through 38.0 before 38.1 has Improper Access Control in the Secure Scheduler for Exchange service, when used with Office 365 Legacy Exchange Tokens. This allows a remote attacker to read potentially sensitive data and excessively consume resources, leading to a denial of servi...
EUVD-2025-205368
Pexip Infinity 33.0 through 37.0 before 37.1 has improper input validation in signaling that allows an attacker to trigger a software abort, resulting in a denial of service...
EUVD-2025-205365
Pexip Infinity 32.0 through 37.1 before 37.2, in certain configurations of OTJ One Touch Join for Teams SIP Guest Join, has Improper Input Validation in the OTJ service, allowing a remote attacker to trigger a software abort via a crafted calendar invite, leading to a denial of service...
EUVD-2025-205364
Pexip Infinity before 39.0 has Improper Input Validation in the media implementation, allowing a remote attacker to trigger a software abort via a crafted media stream, resulting in a denial of service...
EUVD-2025-205372
Pexip Infinity 35.0 through 37.2 before 38.0 has Improper Input Validation in signalling that allows an attacker to trigger a software abort, resulting in a denial of service...
EUVD-2025-205370
Pexip Infinity 15.0 through 38.0 before 38.1 has Improper Access Control in the Secure Scheduler for Exchange service, when used with Office 365 Legacy Exchange Tokens. This allows a remote attacker to read potentially sensitive data and excessively consume resources, leading to a denial of servi...
EUVD-2025-205373
Pexip Infinity before 39.0 has Missing Authentication for a Critical Function in a product-internal API, allowing an attacker who already has access to execute code on one node within a Pexip Infinity installation to impact the operation of other nodes within the installation...
EUVD-2025-205374
Pexip Infinity 38.0 and 38.1 before 39.0 has insufficient access control in the RTMP implementation, allowing an attacker to disconnect RTMP streams traversing a Proxy Node...
EUVD-2025-205367
Pexip Infinity before 37.0 has improper input validation in signalling that allows a remote attacker to trigger a software abort via a crafted signalling message, resulting in a denial of service...
CVE-2025-66443
Pexip Infinity 35.0 through 38.1 before 39.0, in non-default configurations that use Direct Media for WebRTC, has Improper Input Validation in signalling that allows an attacker to trigger a software abort, resulting in a temporary denial of service...
CVE-2025-66378
Pexip Infinity 38.0 and 38.1 before 39.0 has insufficient access control in the RTMP implementation, allowing an attacker to disconnect RTMP streams traversing a Proxy Node...
CVE-2025-66379
Pexip Infinity before 39.0 has Improper Input Validation in the media implementation, allowing a remote attacker to trigger a software abort via a crafted media stream, resulting in a denial of service...
CVE-2025-66377
Pexip Infinity before 39.0 has Missing Authentication for a Critical Function in a product-internal API, allowing an attacker who already has access to execute code on one node within a Pexip Infinity installation to impact the operation of other nodes within the installation...
CVE-2025-66378
Pexip Infinity 38.0 and 38.1 before 39.0 has insufficient access control in the RTMP implementation, allowing an attacker to disconnect RTMP streams traversing a Proxy Node...
CVE-2025-66443
Pexip Infinity 35.0 through 38.1 before 39.0, in non-default configurations that use Direct Media for WebRTC, has Improper Input Validation in signalling that allows an attacker to trigger a software abort, resulting in a temporary denial of service...
CVE-2025-66379
Pexip Infinity before 39.0 has Improper Input Validation in the media implementation, allowing a remote attacker to trigger a software abort via a crafted media stream, resulting in a denial of service...
CVE-2025-66377
Pexip Infinity before 39.0 has Missing Authentication for a Critical Function in a product-internal API, allowing an attacker who already has access to execute code on one node within a Pexip Infinity installation to impact the operation of other nodes within the installation...
CVE-2025-32096
Pexip Infinity 33.0 through 37.0 before 37.1 has improper input validation in signaling that allows an attacker to trigger a software abort, resulting in a denial of service...
CVE-2025-59683
Pexip Infinity 15.0 through 38.0 before 38.1 has Improper Access Control in the Secure Scheduler for Exchange service, when used with Office 365 Legacy Exchange Tokens. This allows a remote attacker to read potentially sensitive data and excessively consume resources, leading to a denial of servi...
CVE-2025-49088
Pexip Infinity 32.0 through 37.1 before 37.2, in certain configurations of OTJ One Touch Join for Teams SIP Guest Join, has Improper Input Validation in the OTJ service, allowing a remote attacker to trigger a software abort via a crafted calendar invite, leading to a denial of service...