Vulnerabilities > Pexip
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-25 | CVE-2023-31289 | Improper Input Validation vulnerability in Pexip Infinity Pexip Infinity before 31.2 has Improper Input Validation for signalling, allowing remote attackers to trigger an abort. | 7.5 |
| 2023-12-25 | CVE-2023-31455 | Improper Input Validation vulnerability in Pexip Infinity Pexip Infinity before 31.2 has Improper Input Validation for RTCP, allowing remote attackers to trigger an abort. | 7.5 |
| 2023-12-25 | CVE-2023-37225 | Cross-site Scripting vulnerability in Pexip Infinity Pexip Infinity before 32 allows Webapp1 XSS via preconfigured links. | 6.1 |
| 2023-12-25 | CVE-2023-40236 | Use of Hard-coded Credentials vulnerability in Pexip Virtual Meeting Rooms In Pexip VMR self-service portal before 3, the same SSH host key is used across different customers' installations, which allows authentication bypass. | 5.3 |
| 2022-07-17 | CVE-2022-29286 | Allocation of Resources Without Limits or Throttling vulnerability in Pexip Infinity Pexip Infinity 27 before 28.0 allows remote attackers to trigger excessive resource consumption and termination because of registrar resource mishandling. | 5.0 |
| 2022-07-17 | CVE-2022-32263 | Unspecified vulnerability in Pexip Infinity Pexip Infinity before 28.1 allows remote attackers to trigger a software abort via G.719. | 7.5 |
| 2022-07-17 | CVE-2022-25357 | Unspecified vulnerability in Pexip Infinity 27.0/27.1 Pexip Infinity 27.x before 27.2 has Improper Access Control. | 5.3 |
| 2022-07-17 | CVE-2022-26654 | Unspecified vulnerability in Pexip Infinity Pexip Infinity before 27.3 allows remote attackers to force a software abort via HTTP. | 7.5 |
| 2022-07-17 | CVE-2022-26655 | Improper Input Validation vulnerability in Pexip Infinity 27.0/27.1/27.2 Pexip Infinity 27.x before 27.3 has Improper Input Validation. | 5.0 |
| 2022-07-17 | CVE-2022-26656 | Unspecified vulnerability in Pexip Infinity Pexip Infinity before 27.3 allows remote attackers to trigger a software abort, and possibly enumerate usernames, via One Touch Join. | 6.4 |