Pexip

Infinity

17 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2025-32095

  • EPSS 0.04%
  • Veröffentlicht 25.12.2025 00:00:00
  • Zuletzt bearbeitet 05.01.2026 19:28:40

Pexip Infinity before 37.0 has improper input validation in signalling that allows a remote attacker to trigger a software abort via a crafted signalling message, resulting in a denial of service.

5.3

CVE-2025-66443

  • EPSS 0.06%
  • Veröffentlicht 25.12.2025 00:00:00
  • Zuletzt bearbeitet 05.01.2026 18:43:13

Pexip Infinity 35.0 through 38.1 before 39.0, in non-default configurations that use Direct Media for WebRTC, has Improper Input Validation in signalling that allows an attacker to trigger a software abort, resulting in a temporary denial of service.

7.5

CVE-2025-66379

  • EPSS 0.16%
  • Veröffentlicht 25.12.2025 00:00:00
  • Zuletzt bearbeitet 05.01.2026 18:51:20

Pexip Infinity before 39.0 has Improper Input Validation in the media implementation, allowing a remote attacker to trigger a software abort via a crafted media stream, resulting in a denial of service.

7.5

CVE-2025-66378

  • EPSS 0.07%
  • Veröffentlicht 25.12.2025 00:00:00
  • Zuletzt bearbeitet 05.01.2026 18:53:32

Pexip Infinity 38.0 and 38.1 before 39.0 has insufficient access control in the RTMP implementation, allowing an attacker to disconnect RTMP streams traversing a Proxy Node.

7.5

CVE-2025-66377

  • EPSS 0.05%
  • Veröffentlicht 25.12.2025 00:00:00
  • Zuletzt bearbeitet 05.01.2026 19:13:07

Pexip Infinity before 39.0 has Missing Authentication for a Critical Function in a product-internal API, allowing an attacker (who already has access to execute code on one node within a Pexip Infinity installation) to impact the operation of other n...

9.1

CVE-2025-59683

  • EPSS 0.16%
  • Veröffentlicht 25.12.2025 00:00:00
  • Zuletzt bearbeitet 05.01.2026 19:07:06

Pexip Infinity 15.0 through 38.0 before 38.1 has Improper Access Control in the Secure Scheduler for Exchange service, when used with Office 365 Legacy Exchange Tokens. This allows a remote attacker to read potentially sensitive data and excessively ...

5.9

CVE-2025-49088

  • EPSS 0.16%
  • Veröffentlicht 25.12.2025 00:00:00
  • Zuletzt bearbeitet 05.01.2026 19:31:32

Pexip Infinity 32.0 through 37.1 before 37.2, in certain configurations of OTJ (One Touch Join) for Teams SIP Guest Join, has Improper Input Validation in the OTJ service, allowing a remote attacker to trigger a software abort via a crafted calendar ...

7.5

CVE-2025-48704

  • EPSS 0.06%
  • Veröffentlicht 25.12.2025 00:00:00
  • Zuletzt bearbeitet 05.01.2026 19:29:49

Pexip Infinity 35.0 through 37.2 before 38.0 has Improper Input Validation in signalling that allows an attacker to trigger a software abort, resulting in a denial of service.

7.5

CVE-2025-32096

  • EPSS 0.06%
  • Veröffentlicht 25.12.2025 00:00:00
  • Zuletzt bearbeitet 05.01.2026 19:29:09

Pexip Infinity 33.0 through 37.0 before 37.1 has improper input validation in signaling that allows an attacker to trigger a software abort, resulting in a denial of service.

7.5

CVE-2025-30080

  • EPSS 0.72%
  • Veröffentlicht 02.04.2025 21:15:33
  • Zuletzt bearbeitet 18.06.2025 13:57:03

Signalling in Pexip Infinity 29 through 36.2 before 37.0 has improper input validation that allows remote attackers to trigger a temporary denial of service (software abort).