Vulnerabilities > Proofpoint > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-08 | CVE-2023-0090 | Code Injection vulnerability in Proofpoint Enterprise Protection The webservices in Proofpoint Enterprise Protection (PPS/POD) contain a vulnerability that allows for an anonymous user to execute remote code through 'eval injection'. | 9.8 |
| 2022-12-06 | CVE-2022-46332 | Cross-site Scripting vulnerability in Proofpoint Enterprise Protection The Admin Smart Search feature in Proofpoint Enterprise Protection (PPS/PoD) contains a stored cross-site scripting vulnerability that enables an anonymous email sender to gain admin privileges within the user interface. | 9.6 |
| 2021-10-13 | CVE-2021-40842 | SQL Injection vulnerability in Proofpoint Insider Threat Management Server Proofpoint Insider Threat Management Server contains a SQL injection vulnerability in the Web Console. | 9.8 |
| 2021-01-06 | CVE-2020-10658 | Deserialization of Untrusted Data vulnerability in Proofpoint Insider Threat Management Server The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteImage API. | 9.8 |
| 2021-01-06 | CVE-2020-10656 | Deserialization of Untrusted Data vulnerability in Proofpoint Insider Threat Management Server The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteWindowMouseWithChunksV2 API. | 9.8 |
| 2021-01-06 | CVE-2020-10655 | Deserialization of Untrusted Data vulnerability in Proofpoint Insider Threat Management Server The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteWindowMouse API. | 9.8 |