Proofpoint Enterprise_protection

12 CVEs affecting Proofpoint Enterprise_protection. Latest disclosed: 2025-04-28. Critical: 2, High: 5.

Top CVEs affecting Proofpoint Enterprise_protection
CVESeverityScorePublishedSummary
CVE-2023-0090Critical9.82023-03-08The webservices in Proofpoint Enterprise Protection (PPS/POD) contain a vulnerability that allows for an anonymous user to execute remote code through 'eval in…
CVE-2022-46332Critical9.62022-12-06The Admin Smart Search feature in Proofpoint Enterprise Protection (PPS/PoD) contains a stored cross-site scripting vulnerability that enables an anonymous ema…
CVE-2023-0089High8.82023-03-08 The webutils in Proofpoint Enterprise Protection (PPS/POD) contain a vulnerability that allows an authenticated user to execute remote code through 'eval inje…
CVE-2019-19680High8.82020-01-13A file-extension filtering vulnerability in Proofpoint Enterprise Protection (PPS / PoD), in the unpatched versions of PPS through 8.9.22 and 8.14.2 respective…
CVE-2022-46334High7.82022-12-21Proofpoint Enterprise Protection (PPS/PoD) contains a vulnerability which allows the pps user to escalate to root privileges due to unnecessary permissions. Th…
CVE-2021-39304High7.52021-10-13Proofpoint Enterprise Protection before 8.12.0-2108090000 allows security control bypass.
CVE-2022-46333High7.22022-12-06The admin user interface in Proofpoint Enterprise Protection (PPS/PoD) contains a command injection vulnerability that enables an admin to execute commands bey…
CVE-2020-14009Medium6.32021-05-07Proofpoint Enterprise Protection (PPS/PoD) before 8.16.4 contains a vulnerability that could allow an attacker to deliver an email message with a malicious att…
CVE-2024-10635Medium6.12025-04-28Enterprise Protection contains an improper input validation vulnerability in attachment defense that allows an unauthenticated remote attacker to bypass attach…
CVE-2023-5771Medium6.12023-11-06Proofpoint Enterprise Protection contains a stored XSS vulnerability in the AdminUI. An unauthenticated attacker can send a specially crafted email with HTML i…
CVE-2023-5770Medium5.32024-01-09Proofpoint Enterprise Protection contains a vulnerability in the email delivery agent that allows an unauthenticated attacker to inject improperly encoded HTML…
CVE-2021-31608Medium4.32022-11-17Proofpoint Enterprise Protection before 18.8.0 allows a Bypass of a Security Control.