Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
proofpoint enterprise protection vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-3676
The Proofpoint Encryption endpoint of Proofpoint Enterprise Protection contains an Improper Input Validation vulnerability that allows an unauthenticated remote attacker with a specially crafted HTTP request to create additional Encryption user accounts under the attacker's ...
NA
CVE-2024-0862
The Proofpoint Encryption endpoint of Proofpoint Enterprise Protection contains a Server-Side Request Forgery vulnerability that allows an authenticated user to relay HTTP requests from the Protection server to otherwise private network addresses.
5.4
CVSSv3
CVE-2023-5770
Proofpoint Enterprise Protection contains a vulnerability in the email delivery agent that allows an unauthenticated malicious user to inject improperly encoded HTML into the email body of a message through the email subject. The vulnerability is caused by inappropriate encoding ...
Proofpoint Enterprise Protection 8.20.0
Proofpoint Enterprise Protection 8.18.6
Proofpoint Enterprise Protection 8.20.2
6.1
CVSSv3
CVE-2023-5771
Proofpoint Enterprise Protection contains a stored XSS vulnerability in the AdminUI. An unauthenticated attacker can send a specially crafted email with HTML in the subject which triggers XSS when viewing quarantined messages. This issue affects Proofpoint Enterprise Protection: ...
Proofpoint Enterprise Protection 8.20.0
Proofpoint Enterprise Protection 8.18.6
Proofpoint Enterprise Protection
8.8
CVSSv3
CVE-2023-0089
The webutils in Proofpoint Enterprise Protection (PPS/POD) contain a vulnerability that allows an authenticated user to execute remote code through 'eval injection'. This affects all versions 8.20.0 and below.
Proofpoint Enterprise Protection 8.20.0
Proofpoint Enterprise Protection 8.18.6
Proofpoint Enterprise Protection
9.8
CVSSv3
CVE-2023-0090
The webservices in Proofpoint Enterprise Protection (PPS/POD) contain a vulnerability that allows for an anonymous user to execute remote code through 'eval injection'. Exploitation requires network access to the webservices API, but such access is a non-standard config...
Proofpoint Enterprise Protection 8.20.0
Proofpoint Enterprise Protection 8.18.6
Proofpoint Enterprise Protection
7.8
CVSSv3
CVE-2022-46334
Proofpoint Enterprise Protection (PPS/PoD) contains a vulnerability which allows the pps user to escalate to root privileges due to unnecessary permissions. This affects all versions 8.19.0 and below.
Proofpoint Enterprise Protection
9.6
CVSSv3
CVE-2022-46332
The Admin Smart Search feature in Proofpoint Enterprise Protection (PPS/PoD) contains a stored cross-site scripting vulnerability that enables an anonymous email sender to gain admin privileges within the user interface. This affects all versions 8.19.0 and below.
Proofpoint Enterprise Protection
7.2
CVSSv3
CVE-2022-46333
The admin user interface in Proofpoint Enterprise Protection (PPS/PoD) contains a command injection vulnerability that enables an admin to execute commands beyond their allowed scope. This affects all versions 8.19.0 and below.
Proofpoint Enterprise Protection
4.3
CVSSv3
CVE-2021-31608
Proofpoint Enterprise Protection prior to 18.8.0 allows a Bypass of a Security Control.
Proofpoint Enterprise Protection
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »