14 matches found
CVE-2022-26656
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort, and possibly enumerate usernames, via One Touch Join.
CVE-2022-26654
Pexip Infinity before 27.3 allows remote attackers to force a software abort via HTTP.
CVE-2022-27936
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via H.323.
CVE-2015-4719
The client API authentication mechanism in Pexip Infinity before 10 allows remote attackers to gain privileges via a crafted request.
CVE-2022-26657
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join.
CVE-2022-27937
Pexip Infinity before 27.3 allows remote attackers to trigger excessive resource consumption via H.264.
CVE-2020-24615
Pexip Infinity before 24.1 has Improper Input Validation, leading to temporary denial of service via SIP.
CVE-2018-10585
Pexip Infinity before 18 allows remote Denial of Service (XML parsing).
CVE-2024-33850
Pexip Infinity before 34.1 has Improper Access Control for persons in a waiting room. They can see the conference roster list, and perform certain actions that should not be allowed before they are admitted to the meeting.
CVE-2020-13387
Pexip Infinity before 23.4 has a lack of input validation, leading to temporary denial of service via H.323.
CVE-2024-37917
Pexip Infinity before 35.0 has improper input validation that allows remote attackers to trigger a denial of service (software abort) via a crafted signalling message.
CVE-2023-37225
Pexip Infinity before 32 allows Webapp1 XSS via preconfigured links.
CVE-2023-31455
Pexip Infinity before 31.2 has Improper Input Validation for RTCP, allowing remote attackers to trigger an abort.
CVE-2023-31289
Pexip Infinity before 31.2 has Improper Input Validation for signalling, allowing remote attackers to trigger an abort.