Vulnerabilities > Pexip

DATE CVE VULNERABILITY TITLE RISK
2023-12-25 CVE-2023-31289 Improper Input Validation vulnerability in Pexip Infinity
Pexip Infinity before 31.2 has Improper Input Validation for signalling, allowing remote attackers to trigger an abort.
network
low complexity
pexip CWE-20
7.5
2023-12-25 CVE-2023-31455 Improper Input Validation vulnerability in Pexip Infinity
Pexip Infinity before 31.2 has Improper Input Validation for RTCP, allowing remote attackers to trigger an abort.
network
low complexity
pexip CWE-20
7.5
2023-12-25 CVE-2023-37225 Cross-site Scripting vulnerability in Pexip Infinity
Pexip Infinity before 32 allows Webapp1 XSS via preconfigured links.
network
low complexity
pexip CWE-79
6.1
2023-12-25 CVE-2023-40236 Use of Hard-coded Credentials vulnerability in Pexip Virtual Meeting Rooms
In Pexip VMR self-service portal before 3, the same SSH host key is used across different customers' installations, which allows authentication bypass.
network
high complexity
pexip CWE-798
5.3
2022-07-17 CVE-2022-29286 Allocation of Resources Without Limits or Throttling vulnerability in Pexip Infinity
Pexip Infinity 27 before 28.0 allows remote attackers to trigger excessive resource consumption and termination because of registrar resource mishandling.
network
low complexity
pexip CWE-770
5.0
2022-07-17 CVE-2022-32263 Unspecified vulnerability in Pexip Infinity
Pexip Infinity before 28.1 allows remote attackers to trigger a software abort via G.719.
network
low complexity
pexip
7.5
2022-07-17 CVE-2022-25357 Unspecified vulnerability in Pexip Infinity 27.0/27.1
Pexip Infinity 27.x before 27.2 has Improper Access Control.
network
low complexity
pexip
5.3
2022-07-17 CVE-2022-26654 Unspecified vulnerability in Pexip Infinity
Pexip Infinity before 27.3 allows remote attackers to force a software abort via HTTP.
network
low complexity
pexip
7.5
2022-07-17 CVE-2022-26655 Improper Input Validation vulnerability in Pexip Infinity 27.0/27.1/27.2
Pexip Infinity 27.x before 27.3 has Improper Input Validation.
network
low complexity
pexip CWE-20
5.0
2022-07-17 CVE-2022-26656 Unspecified vulnerability in Pexip Infinity
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort, and possibly enumerate usernames, via One Touch Join.
network
low complexity
pexip
6.4