CVE-2021-27651

CVE-2021-27651 affects Pega Infinity versions 8.2.1 through 8.5.2. The password-reset flow for local accounts can bypass local authentication checks, enabling an attacker to gain unauthorized access to a Pega Infinity installation. Public sources describe a path to login with an administrator acc...

PEGA pega infinity 授权问题漏洞

PEGA pega infinity is an application from PEGA USA. Provides transition from digital chaos to true digital conversion. An authorization issue vulnerability exists in Pega Infinity versions 8.2.1 through 8.5.2, which stems from the fact that the password reset feature for local accounts can be use...

PT-2021-17582 · Pegasystems · Pega Infinity

Name of the Vulnerable Software and Affected Versions: Pega Infinity versions 8.2.1 through 8.5.2 Description: The issue concerns the password reset functionality for local accounts, which can be exploited to bypass local authentication checks. Recommendations: For Pega Infinity versions 8.2.1...

An out of bounds read in the function d2alaw_array() in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure related to mishandling of the NAN and INFINITY floating-point values.

...

An out of bounds read in the function d2ulaw_array() in ulaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure related to mishandling of the NAN and INFINITY floating-point values.

...

In-the-Wild Series: Chrome Infinity Bug

This is part 2 of a 6-part series detailing a set of vulnerabilities found by Project Zero being exploited in the wild. To read the other parts of the series, see the introduction post. Posted by Sergei Glazunov, Project Zero This post only covers one of the exploits, specifically a renderer...

DEBIAN-CVE-2020-26890

Matrix Synapse before 1.20.0 erroneously permits non-standard NaN, Infinity, and -Infinity JSON values in fields of m.room.member events, allowing remote attackers to execute a denial of service attack against the federation and common Matrix clients. If such a malformed event is accepted into th...

infinity-gift.com Cross Site Scripting vulnerability OBB-1410810

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Pexip Infinity Input Validation Error Vulnerability (CNVD-2022-06487)

Pexip Infinity Pexip Video Conferencing Cloud Collaboration Platform is a video conferencing cloud collaboration platform from Pexip Norway. Pexip Infinity is vulnerable to an input validation error that could be exploited to temporarily terminate the software via RTP...

Pexip Infinity Denial of Service Vulnerability

Pexip Infinity is video communications software that organizations can deploy in their IT infrastructure, public or private cloud, or any hybrid combination to enable everyone to have their own personal, high-quality video, audio, and mobile conferencing experience. A denial of service...

Pexip Infinity Denial of Service Vulnerability (CNVD-2020-59043)

Pexip Infinity is video communications software that organizations can deploy in their IT infrastructure, public or private cloud, or any hybrid combination to enable everyone to have their own personal, high-quality video, audio, and mobile conferencing experience. A denial of service...

Pexip Infinity Cross-Site Scripting Vulnerability

Pexip Infinity is video communications software that organizations can deploy in their IT infrastructure, public or private cloud, or any hybrid combination to enable everyone to have their own personal, high-quality video, audio, and mobile conferencing experience. A stored cross-site scripting...

Pexip Infinity Input Validation Error Vulnerability (CNVD-2020-55175)

Pexip Infinity is a video conferencing cloud collaboration platform from Norway's pexip, a video communications software that organizations can deploy in their IT infrastructure, public or private cloud, or any hybrid combination to enable everyone to have their own personal high-quality video,...

Pexip Infinity Input Validation Error Vulnerability (CNVD-2020-55174)

Pexip Infinity is a video conferencing cloud collaboration platform from Norway's pexip, a video communications software that organizations can deploy in their IT infrastructure, public or private cloud, or any hybrid combination to enable everyone to have their own personal high-quality video,...

CVE-2020-24615

Pexip Infinity before 24.1 has Improper Input Validation, leading to temporary denial of service via SIP...

CVE-2020-24615

Pexip Infinity before 24.1 has Improper Input Validation, leading to temporary denial of service via SIP...

CVE-2019-7178

Pexip Infinity before 20.1 allows privilege escalation by restoring a system backup...

CVE-2020-12824

Pexip Infinity 23.x before 23.3 has improper input validation, leading to a temporary software abort via RTP...

CVE-2018-10432

Pexip Infinity before 18 allows Remote Denial of Service TLS handshakes in RTMP...

CVE-2018-10585

Pexip Infinity before 18 allows remote Denial of Service XML parsing...