884 matches found
Pexip Infinity 输入验证错误漏洞
Pexip Infinity Pexip Video Conferencing Cloud Collaboration Platform is a video conferencing cloud collaboration platform from Pexip, Norway. The product provides high quality and secure cloud conferencing capabilities. A security vulnerability exists in Pexip Infinity versions prior to 35.0 that...
CVE-2024-38392
Pexip Infinity Connect before 1.13.0 has an integrity/authenticity flaw: during resource loading it does not perform sufficient authenticity checks, allowing a remote attacker to cause the application to execute untrusted code. The CVE-2024-38392 entry notes a high-severity, network-exploitable i...
CVE-2024-37917
CVE-2024-37917 : Pexip Infinity prior to 35.0 is affected by improper input validation that allows a remote attacker to trigger a denial of service (software abort) via a crafted signalling message. This is the stated impact in multiple sources, with CVSS v3.1 indicating NETWORK access, low attac...
CVE-2024-38392
Pexip Infinity Connect before 1.13.0 lacks sufficient authenticity checks during the loading of resources, and thus remote attackers can cause the application to run untrusted code...
PT-2025-14548
Name of the Vulnerable Software and Affected Versions Pexip Infinity versions 29 through 36.2 Description The issue is related to improper input validation in the signalling component, allowing remote attackers to trigger a temporary denial of service, resulting in a software abort. Recommendatio...
CVE-2025-30080
Signalling in Pexip Infinity 29 through 36.2 before 37.0 has improper input validation that allows remote attackers to trigger a temporary denial of service software abort...
CVE-2025-30080
CVE-2025-30080 affects Pexip Infinity versions 29 through 36.2; impact is a temporary denial of service caused by improper input validation in the signalling component. Exploitation is remote and can trigger a software abort. Red Hat and PT Security references corroborate the issue and point to u...
Pexip Infinity 输入验证错误漏洞
Pexip Infinity Pexip Video Conferencing Cloud Collaboration Platform is a video conferencing cloud collaboration platform from Pexip, Norway. The product provides high quality and secure cloud conferencing capabilities. A security vulnerability exists in Pexip Infinity versions 29 through 36.2 th...
CVE-2024-51319
A local file include vulnerability in the /servlet/Report of Zucchetti Ad Hoc Infinity 2.4 allows an authenticated attacker to achieve Remote Code Execution by uploading a jsp web/reverse shell through /jsp/zimgupload.jsp...
CVE-2024-51320
Cross Site Scripting vulnerability in Zucchetti Ad Hoc Infinity 2.4 allows an authenticated attacker to achieve Remote Code Execution via the /servlet/gsdmfsavehtmltmp, /servlet/gsdmbtlkopenfile components...
CVE-2024-51321
In Zucchetti Ad Hoc Infinity 2.4, an improper check on the mcURL parameter allows an attacker to redirect the victim to an attacker-controlled website after the authentication...
CVE-2024-51322
Cross Site Scripting vulnerability in Zucchetti Ad Hoc Infinity 2.4 allows an authenticated attacker to achieve Remote Code Execution via the /jsp/home.jsp, /jsp/gsfrfeditorHTML.jsp, /servlet/SPVisualZoom, /jsp/gsmdcontainer.jsp components...
CVE-2024-51320
Cross Site Scripting vulnerability in Zucchetti Ad Hoc Infinity 2.4 allows an authenticated attacker to achieve Remote Code Execution via the /servlet/gsdmfsavehtmltmp, /servlet/gsdmbtlkopenfile components...
CVE-2024-51319
A local file include vulnerability in the /servlet/Report of Zucchetti Ad Hoc Infinity 2.4 allows an authenticated attacker to achieve Remote Code Execution by uploading a jsp web/reverse shell through /jsp/zimgupload.jsp...
CVE-2024-51321
In Zucchetti Ad Hoc Infinity 2.4, an improper check on the mcURL parameter allows an attacker to redirect the victim to an attacker-controlled website after the authentication...
CVE-2024-51319
A local file include vulnerability in the /servlet/Report of Zucchetti Ad Hoc Infinity 2.4 allows an authenticated attacker to achieve Remote Code Execution by uploading a jsp web/reverse shell through /jsp/zimgupload.jsp...
CVE-2024-51320
Cross Site Scripting vulnerability in Zucchetti Ad Hoc Infinity 2.4 allows an authenticated attacker to achieve Remote Code Execution via the /servlet/gsdmfsavehtmltmp, /servlet/gsdmbtlkopenfile components...
CVE-2024-51322
Cross Site Scripting vulnerability in Zucchetti Ad Hoc Infinity 2.4 allows an authenticated attacker to achieve Remote Code Execution via the /jsp/home.jsp, /jsp/gsfrfeditorHTML.jsp, /servlet/SPVisualZoom, /jsp/gsmdcontainer.jsp components...
CVE-2024-51321
In Zucchetti Ad Hoc Infinity 2.4, an improper check on the mcURL parameter allows an attacker to redirect the victim to an attacker-controlled website after the authentication...
CVE-2024-51319
A local file include vulnerability in the /servlet/Report of Zucchetti Ad Hoc Infinity 2.4 allows an authenticated attacker to achieve Remote Code Execution by uploading a jsp web/reverse shell through /jsp/zimgupload.jsp...