Proofpoint Enterprise Protection — known CVE vulnerabilities
Every CVE whose affected-product data names Proofpoint Enterprise Protection, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (12)
CVE-2023-0090 — CVSS 9.8 (critical): The webservices in Proofpoint Enterprise Protection (PPS/POD) contain a vulnerability that allows for an anonymous user to execute remote…
CVE-2022-46332 — CVSS 9.6 (critical): The Admin Smart Search feature in Proofpoint Enterprise Protection (PPS/PoD) contains a stored cross-site scripting vulnerability that…
CVE-2023-0089 — CVSS 8.8 (high): The webutils in Proofpoint Enterprise Protection (PPS/POD) contain a vulnerability that allows an authenticated user to execute remote code…
CVE-2019-19680 — CVSS 8.8 (high): A file-extension filtering vulnerability in Proofpoint Enterprise Protection (PPS / PoD), in the unpatched versions of PPS through 8.9.22…
CVE-2022-46334 — CVSS 7.8 (high): Proofpoint Enterprise Protection (PPS/PoD) contains a vulnerability which allows the pps user to escalate to root privileges due to…
CVE-2022-46333 — CVSS 7.2 (high): The admin user interface in Proofpoint Enterprise Protection (PPS/PoD) contains a command injection vulnerability that enables an admin to…
CVE-2020-14009 — CVSS 6.3 (medium): Proofpoint Enterprise Protection (PPS/PoD) before 8.16.4 contains a vulnerability that could allow an attacker to deliver an email message…
CVE-2023-5771 — CVSS 6.1 (medium): Proofpoint Enterprise Protection contains a stored XSS vulnerability in the AdminUI. An unauthenticated attacker can send a specially…
CVE-2024-10635 — CVSS 6.1 (medium): Enterprise Protection contains an improper input validation vulnerability in attachment defense that allows an unauthenticated remote…
CVE-2023-5770 — CVSS 5.3 (medium): Proofpoint Enterprise Protection contains a vulnerability in the email delivery agent that allows an unauthenticated attacker to inject…