Vulnerabilities > Proofpoint > Enterprise Protection > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-03-08 | CVE-2023-0089 | Code Injection vulnerability in Proofpoint Enterprise Protection The webutils in Proofpoint Enterprise Protection (PPS/POD) contain a vulnerability that allows an authenticated user to execute remote code through 'eval injection'. This affects all versions 8.20.0 and below. | 8.8 |
2022-12-21 | CVE-2022-46334 | Improper Privilege Management vulnerability in Proofpoint Enterprise Protection Proofpoint Enterprise Protection (PPS/PoD) contains a vulnerability which allows the pps user to escalate to root privileges due to unnecessary permissions. | 7.8 |
2022-12-06 | CVE-2022-46333 | Code Injection vulnerability in Proofpoint Enterprise Protection The admin user interface in Proofpoint Enterprise Protection (PPS/PoD) contains a command injection vulnerability that enables an admin to execute commands beyond their allowed scope. | 7.2 |
2021-10-13 | CVE-2021-39304 | Unspecified vulnerability in Proofpoint Enterprise Protection 8.12.02107140000 Proofpoint Enterprise Protection before 8.12.0-2108090000 allows security control bypass. | 7.5 |
2020-01-13 | CVE-2019-19680 | Unspecified vulnerability in Proofpoint Enterprise Protection A file-extension filtering vulnerability in Proofpoint Enterprise Protection (PPS / PoD), in the unpatched versions of PPS through 8.9.22 and 8.14.2 respectively, allows attackers to bypass protection mechanisms (related to extensions, MIME types, virus detection, and journal entries for transmitted files) by sending malformed (not RFC compliant) multipart email. | 8.8 |