Pexip Infinity
by Pexip
CVEs (51)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-27935 | 0.00 | — | 0.01 | Jul 17, 2022 | Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via Epic Telehealth. | |||
| CVE-2022-27934 | 0.00 | — | 0.01 | Jul 17, 2022 | Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via HTTP. | |||
| CVE-2022-27933 | 0.00 | — | 0.01 | Jul 17, 2022 | Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join. | |||
| CVE-2022-27932 | 0.00 | — | 0.01 | Jul 17, 2022 | Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join. | |||
| CVE-2022-27931 | 0.00 | — | 0.01 | Jul 17, 2022 | Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol. | |||
| CVE-2022-27930 | 0.00 | — | 0.01 | Jul 17, 2022 | Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via single-sign-on if a random Universally Unique Identifier is guessed. | |||
| CVE-2022-27929 | 0.00 | — | 0.01 | Jul 17, 2022 | Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via HTTP. | |||
| CVE-2022-27928 | 0.00 | — | 0.01 | Jul 17, 2022 | Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol. | |||
| CVE-2022-26657 | 0.00 | — | 0.01 | Jul 17, 2022 | Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join. | |||
| CVE-2022-26656 | 0.00 | — | 0.01 | Jul 17, 2022 | Pexip Infinity before 27.3 allows remote attackers to trigger a software abort, and possibly enumerate usernames, via One Touch Join. | |||
| CVE-2022-26655 | 0.00 | — | 0.01 | Jul 17, 2022 | Pexip Infinity 27.x before 27.3 has Improper Input Validation. The client API allows remote attackers to trigger a software abort via a gateway call into Teams. | |||
| CVE-2022-26654 | 0.00 | — | 0.01 | Jul 17, 2022 | Pexip Infinity before 27.3 allows remote attackers to force a software abort via HTTP. | |||
| CVE-2022-25357 | 0.00 | — | 0.01 | Jul 17, 2022 | Pexip Infinity 27.x before 27.2 has Improper Access Control. An attacker can sometimes join a conference (call join) if it has a lock but not a PIN. | |||
| CVE-2022-23228 | 0.00 | — | 0.01 | Feb 18, 2022 | Pexip Infinity before 27.0 has improper WebRTC input validation. An unauthenticated remote attacker can use excessive resources, temporarily causing denial of service. | |||
| CVE-2021-42555 | 0.00 | — | 0.01 | Jan 15, 2022 | Pexip Infinity before 26.2 allows temporary remote Denial of Service (abort) because of missing call-setup input validation. | |||
| CVE-2021-35969 | 0.00 | — | 0.01 | Jan 15, 2022 | Pexip Infinity before 26 allows temporary remote Denial of Service (abort) because of missing call-setup input validation. | |||
| CVE-2021-33499 | 0.00 | — | 0.01 | Jan 15, 2022 | Pexip Infinity before 26 allows remote denial of service because of missing H.264 input validation (issue 2 of 2). | |||
| CVE-2021-33498 | 0.00 | — | 0.01 | Jan 15, 2022 | Pexip Infinity before 26 allows remote denial of service because of missing H.264 input validation (issue 1 of 2). | |||
| CVE-2021-32545 | 0.00 | — | 0.01 | Jan 15, 2022 | Pexip Infinity before 26 allows remote denial of service because of missing RTMP input validation. | |||
| CVE-2021-31925 | 0.00 | — | 0.01 | Jul 7, 2021 | Pexip Infinity 25.x before 25.4 has Improper Input Validation, and thus an unauthenticated remote attacker can cause a denial of service via the administrative web interface. |
- CVE-2022-27935Jul 17, 2022risk 0.00cvss —epss 0.01
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via Epic Telehealth.
- CVE-2022-27934Jul 17, 2022risk 0.00cvss —epss 0.01
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via HTTP.
- CVE-2022-27933Jul 17, 2022risk 0.00cvss —epss 0.01
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join.
- CVE-2022-27932Jul 17, 2022risk 0.00cvss —epss 0.01
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join.
- CVE-2022-27931Jul 17, 2022risk 0.00cvss —epss 0.01
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol.
- CVE-2022-27930Jul 17, 2022risk 0.00cvss —epss 0.01
Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via single-sign-on if a random Universally Unique Identifier is guessed.
- CVE-2022-27929Jul 17, 2022risk 0.00cvss —epss 0.01
Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via HTTP.
- CVE-2022-27928Jul 17, 2022risk 0.00cvss —epss 0.01
Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol.
- CVE-2022-26657Jul 17, 2022risk 0.00cvss —epss 0.01
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join.
- CVE-2022-26656Jul 17, 2022risk 0.00cvss —epss 0.01
Pexip Infinity before 27.3 allows remote attackers to trigger a software abort, and possibly enumerate usernames, via One Touch Join.
- CVE-2022-26655Jul 17, 2022risk 0.00cvss —epss 0.01
Pexip Infinity 27.x before 27.3 has Improper Input Validation. The client API allows remote attackers to trigger a software abort via a gateway call into Teams.
- CVE-2022-26654Jul 17, 2022risk 0.00cvss —epss 0.01
Pexip Infinity before 27.3 allows remote attackers to force a software abort via HTTP.
- CVE-2022-25357Jul 17, 2022risk 0.00cvss —epss 0.01
Pexip Infinity 27.x before 27.2 has Improper Access Control. An attacker can sometimes join a conference (call join) if it has a lock but not a PIN.
- CVE-2022-23228Feb 18, 2022risk 0.00cvss —epss 0.01
Pexip Infinity before 27.0 has improper WebRTC input validation. An unauthenticated remote attacker can use excessive resources, temporarily causing denial of service.
- CVE-2021-42555Jan 15, 2022risk 0.00cvss —epss 0.01
Pexip Infinity before 26.2 allows temporary remote Denial of Service (abort) because of missing call-setup input validation.
- CVE-2021-35969Jan 15, 2022risk 0.00cvss —epss 0.01
Pexip Infinity before 26 allows temporary remote Denial of Service (abort) because of missing call-setup input validation.
- CVE-2021-33499Jan 15, 2022risk 0.00cvss —epss 0.01
Pexip Infinity before 26 allows remote denial of service because of missing H.264 input validation (issue 2 of 2).
- CVE-2021-33498Jan 15, 2022risk 0.00cvss —epss 0.01
Pexip Infinity before 26 allows remote denial of service because of missing H.264 input validation (issue 1 of 2).
- CVE-2021-32545Jan 15, 2022risk 0.00cvss —epss 0.01
Pexip Infinity before 26 allows remote denial of service because of missing RTMP input validation.
- CVE-2021-31925Jul 7, 2021risk 0.00cvss —epss 0.01
Pexip Infinity 25.x before 25.4 has Improper Input Validation, and thus an unauthenticated remote attacker can cause a denial of service via the administrative web interface.
Page 2 of 3