Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Proofpoint — Vulnerabilities & Security Advisories 22

Browse all 22 CVE security advisories affecting Proofpoint. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Proofpoint operates primarily as a cloud-based cybersecurity provider specializing in email security, threat intelligence, and data loss prevention for enterprise organizations. Its software suite processes vast amounts of inbound and outbound communications to detect malicious content and prevent sophisticated phishing attacks. Historically, vulnerabilities within its infrastructure have frequently involved remote code execution (RCE) and cross-site scripting (XSS), often stemming from web interface flaws or insecure API implementations. These weaknesses have occasionally allowed attackers to bypass authentication or escalate privileges, compromising sensitive customer data. While the company maintains robust security protocols, past incidents highlight the risks associated with complex cloud architectures. The current record of twenty-two Common Vulnerabilities and Exposures underscores the ongoing challenge of securing large-scale, internet-facing services against evolving threat vectors.

Top products by Proofpoint: enterprise_protection Insider Threat Management Enterprise Protection ITM Server Threat Response Auto Pull Proofpoint Enterprise Protection Insider Threat Management (ITM) Server
CVE IDTitleCVSSSeverityPublished
CVE-2025-8558 Proofpoint Insider Threat Management Server 安全漏洞 — Insider Threat Management (ITM) ServerCWE-306 6.3AIMediumAI2025-11-03
CVE-2024-10635 Enterprise Protection S/MIME Opaque Signature Attachment Scanning Bypass — Enterprise ProtectionCWE-754 6.1 Medium2025-04-28
CVE-2025-0431 Enterprise Protection Backslash URL Rewrite Bypass — Enterprise ProtectionCWE-790 5.8 Medium2025-03-19
CVE-2024-3676 Proofpoint Enterprise Protection 输入验证错误漏洞 — Enterprise ProtectionCWE-20 7.5 High2024-05-14
CVE-2024-0862 Proofpoint Enterprise Protection 代码问题漏洞 — Enterprise ProtectionCWE-918 5.0 Medium2024-05-14
CVE-2023-5770 HTML injection in email body through email subject — Proofpoint Enterprise ProtectionCWE-838 5.3 Medium2024-01-09
CVE-2023-5771 HTML injection in AdminUI through email subject — Proofpoint Enterprise ProtectionCWE-79 6.1 Medium2023-11-06
CVE-2023-4828 ITM Server Communications Hijack — ITM ServerCWE-754 6.4 Medium2023-09-13
CVE-2023-4803 ITM Server Cross-site Scripting in WriteWindowTitle Endpoint — ITM ServerCWE-79 4.8 Medium2023-09-13
CVE-2023-4802 ITM Server Cross-site Scripting in UpdateInstalledSoftware Endpoint — ITM ServerCWE-79 4.8 Medium2023-09-13
CVE-2023-4801 ITM MacOS Agent Improper Certificate Validation — Insider Threat ManagementCWE-295 7.5 High2023-09-13
CVE-2023-36002 ITM Server Missing Authorization for URL validation — Insider Threat ManagementCWE-862 4.3 Medium2023-06-27
CVE-2023-36000 ITM Server Missing Authorization for Agent Config — Insider Threat ManagementCWE-862 6.5 Medium2023-06-27
CVE-2023-35998 ITM Server Missing Authorization in SOAP Endpoints — Insider Threat ManagementCWE-862 4.6 Medium2023-06-27
CVE-2023-2818 ITM Windows Agent Insecure Filesystem Permissions — Insider Threat ManagementCWE-281 5.5 Medium2023-06-27
CVE-2023-2820 Proofpoint Threat Response 信息泄露漏洞 — Threat Response Auto PullCWE-200 6.1 Medium2023-06-14
CVE-2023-2819 Proofpoint Threat Response 跨站脚本漏洞 — Threat Response Auto PullCWE-79 4.3 Medium2023-06-14
CVE-2023-0090 Proofpoint Enterprise Protection webservices unauthenticated RCE — enterprise_protectionCWE-95 9.8 Critical2023-03-08
CVE-2023-0089 Proofpoint Enterprise Protection webutils authenticated RCE — enterprise_protectionCWE-95 8.8 High2023-03-08
CVE-2022-46334 Proofpoint Enterprise Protection Local Privilege Escalation — enterprise_protectionCWE-269 7.8 High2022-12-21
CVE-2022-46333 Proofpoint Enterprise Protection perl eval() arbitrary command execution — enterprise_protectionCWE-94 7.2 High2022-12-06
CVE-2022-46332 Proofpoint Enterprise Protection (PPS/PoD) XSS in "Attachment Names" — enterprise_protectionCWE-79 9.6 Critical2022-12-06

This page lists every published CVE security advisory associated with Proofpoint. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.