Vulnerabilities > Proofpoint > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-08 | CVE-2023-0090 | Code Injection vulnerability in Proofpoint Enterprise Protection The webservices in Proofpoint Enterprise Protection (PPS/POD) contain a vulnerability that allows for an anonymous user to execute remote code through 'eval injection'. | 9.8 |
| 2022-12-06 | CVE-2022-46332 | Cross-site Scripting vulnerability in Proofpoint Enterprise Protection The Admin Smart Search feature in Proofpoint Enterprise Protection (PPS/PoD) contains a stored cross-site scripting vulnerability that enables an anonymous email sender to gain admin privileges within the user interface. | 9.6 |
| 2021-01-06 | CVE-2020-8884 | Deserialization of Untrusted Data vulnerability in Proofpoint Insider Threat Management rcdsvc in the Proofpoint Insider Threat Management Windows Agent (formerly ObserveIT Windows Agent) before 7.9 allows remote authenticated users to execute arbitrary code as SYSTEM because of improper deserialization over named pipes. | 9.0 |