Vulnerabilities > Cyberark > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-22 | CVE-2020-4062 | Unspecified vulnerability in Cyberark Conjur OSS Helm Chart In Conjur OSS Helm Chart before 2.0.0, a recently identified critical vulnerability resulted in the installation of the Conjur Postgres database with an open port. | 9.0 |
| 2019-05-08 | CVE-2019-7442 | XXE vulnerability in Cyberark Enterprise Password Vault 10.6/10.7 An XML external entity (XXE) vulnerability in the Password Vault Web Access (PVWA) of CyberArk Enterprise Password Vault <=10.7 allows remote attackers to read arbitrary files or potentially bypass authentication via a crafted DTD in the SAML authentication system. | 9.8 |
| 2018-07-05 | CVE-2018-13052 | Unspecified vulnerability in Cyberark Endpoint Privilege Manager In CyberArk Endpoint Privilege Manager (formerly Viewfinity), Privilege Escalation is possible if the attacker has one process that executes as Admin. | 9.8 |
| 2018-04-12 | CVE-2018-9843 | Deserialization of Untrusted Data vulnerability in Cyberark Password Vault 10.0 The REST API in CyberArk Password Vault Web Access before 9.9.5 and 10.x before 10.1 allows remote attackers to execute arbitrary code via a serialized .NET object in an Authorization HTTP header. | 9.8 |