Proofpoint Enterprise_protection
12 CVEs affecting Proofpoint Enterprise_protection. Latest disclosed: 2025-04-28. Critical: 2, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-0090 | Critical | 9.8 | 2023-03-08 | The webservices in Proofpoint Enterprise Protection (PPS/POD) contain a vulnerability that allows for an anonymous user to execute remote code through 'eval in… |
CVE-2022-46332 | Critical | 9.6 | 2022-12-06 | The Admin Smart Search feature in Proofpoint Enterprise Protection (PPS/PoD) contains a stored cross-site scripting vulnerability that enables an anonymous ema… |
CVE-2023-0089 | High | 8.8 | 2023-03-08 | The webutils in Proofpoint Enterprise Protection (PPS/POD) contain a vulnerability that allows an authenticated user to execute remote code through 'eval inje… |
CVE-2019-19680 | High | 8.8 | 2020-01-13 | A file-extension filtering vulnerability in Proofpoint Enterprise Protection (PPS / PoD), in the unpatched versions of PPS through 8.9.22 and 8.14.2 respective… |
CVE-2022-46334 | High | 7.8 | 2022-12-21 | Proofpoint Enterprise Protection (PPS/PoD) contains a vulnerability which allows the pps user to escalate to root privileges due to unnecessary permissions. Th… |
CVE-2021-39304 | High | 7.5 | 2021-10-13 | Proofpoint Enterprise Protection before 8.12.0-2108090000 allows security control bypass. |
CVE-2022-46333 | High | 7.2 | 2022-12-06 | The admin user interface in Proofpoint Enterprise Protection (PPS/PoD) contains a command injection vulnerability that enables an admin to execute commands bey… |
CVE-2020-14009 | Medium | 6.3 | 2021-05-07 | Proofpoint Enterprise Protection (PPS/PoD) before 8.16.4 contains a vulnerability that could allow an attacker to deliver an email message with a malicious att… |
CVE-2024-10635 | Medium | 6.1 | 2025-04-28 | Enterprise Protection contains an improper input validation vulnerability in attachment defense that allows an unauthenticated remote attacker to bypass attach… |
CVE-2023-5771 | Medium | 6.1 | 2023-11-06 | Proofpoint Enterprise Protection contains a stored XSS vulnerability in the AdminUI. An unauthenticated attacker can send a specially crafted email with HTML i… |
CVE-2023-5770 | Medium | 5.3 | 2024-01-09 | Proofpoint Enterprise Protection contains a vulnerability in the email delivery agent that allows an unauthenticated attacker to inject improperly encoded HTML… |
CVE-2021-31608 | Medium | 4.3 | 2022-11-17 | Proofpoint Enterprise Protection before 18.8.0 allows a Bypass of a Security Control. |