Filtered by vendor Proofpoint
Subscriptions
Total
47 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-14009 | 1 Proofpoint | 1 Enterprise Protection | 2024-11-21 | 6.3 Medium |
| Proofpoint Enterprise Protection (PPS/PoD) before 8.16.4 contains a vulnerability that could allow an attacker to deliver an email message with a malicious attachment that bypasses scanning and file-blocking rules. The vulnerability exists because messages with certain crafted and malformed multipart structures are not properly handled. | ||||
| CVE-2020-10658 | 1 Proofpoint | 1 Insider Threat Management Server | 2024-11-21 | 9.8 Critical |
| The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteImage API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization. | ||||
| CVE-2020-10657 | 1 Proofpoint | 1 Insider Threat Management Server | 2024-11-21 | 7.2 High |
| The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM web console's ImportAlertRules feature. The vulnerability allows a remote attacker (with admin or config-admin privileges in the console) to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization. | ||||
| CVE-2020-10656 | 1 Proofpoint | 1 Insider Threat Management Server | 2024-11-21 | 9.8 Critical |
| The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteWindowMouseWithChunksV2 API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization. | ||||
| CVE-2020-10655 | 1 Proofpoint | 1 Insider Threat Management Server | 2024-11-21 | 9.8 Critical |
| The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteWindowMouse API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization. | ||||
| CVE-2019-20634 | 1 Proofpoint | 1 Email Protection | 2024-11-21 | 3.7 Low |
| An issue was discovered in Proofpoint Email Protection through 2019-09-08. By collecting scores from Proofpoint email headers, it is possible to build a copy-cat Machine Learning Classification model and extract insights from this model. The insights gathered allow an attacker to craft emails that receive preferable scores, with a goal of delivering malicious emails. | ||||
| CVE-2019-19680 | 1 Proofpoint | 1 Enterprise Protection | 2024-11-21 | 8.8 High |
| A file-extension filtering vulnerability in Proofpoint Enterprise Protection (PPS / PoD), in the unpatched versions of PPS through 8.9.22 and 8.14.2 respectively, allows attackers to bypass protection mechanisms (related to extensions, MIME types, virus detection, and journal entries for transmitted files) by sending malformed (not RFC compliant) multipart email. | ||||