Vulnerabilities > Proxmox > Virtual Environment > High

DATE CVE VULNERABILITY TITLE RISK
2023-09-27 CVE-2023-43320 Unspecified vulnerability in Proxmox products
An issue in Proxmox Server Solutions GmbH Proxmox VE v.5.4 thru v.8.0, Proxmox Backup Server v.1.1 thru v.3.0, and Proxmox Mail Gateway v.7.1 thru v.8.0 allows a remote authenticated attacker to escalate privileges via bypassing the two-factor authentication component.
network
low complexity
proxmox
8.8
2022-12-04 CVE-2022-35507 Injection vulnerability in Proxmox products
A response-header CRLF injection vulnerability in the Proxmox Virtual Environment (PVE) and Proxmox Mail Gateway (PMG) web interface allows a remote attacker to set cookies for a victim's browser that are longer than the server expects, causing a client-side DoS.
network
low complexity
proxmox CWE-74
7.1