CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

366 matches found

Prion•added 2023/06/14 10:15 p.m.•14 views

Cross site scripting

A stored cross-site scripting vulnerability in the Sources UI in Proofpoint Threat Response/ Threat Response Auto Pull PTR/TRAP could allow an authenticated administrator on an adjacent network to replace the image file with an arbitrary MIME type. ?This could result in arbitrary javascript code...

3.4CVSS4.9AI score0.00256EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2023/06/14 9:26 p.m.•27 views

CVE-2023-2820

An information disclosure vulnerability in the faye endpoint in Proofpoint Threat Response / Threat Response Auto-Pull PTR/TRAP could be used by an attacker on an adjacent network to obtain credentials to integrated services via a man-in-the-middle position or cryptanalysis of the session traffic...

6.1CVSS6.2AI score0.0025EPSS

Exploits0References1

CVE•added 2023/06/14 9:26 p.m.•61 views

CVE-2023-2820

CVE-2023-2820 affects Proofpoint Threat Response / Threat Response Auto-Pull (PTR/TRAP) via the faye endpoint. The vulnerability may allow an attacker on an adjacent network to obtain credentials to integrated services through MITM or session-traffic cryptanalysis, enabling impersonation of PTR/T...

6.8CVSS6.1AI score0.0025EPSS

Exploits0References1Affected Software1

Cvelist•added 2023/06/14 9:26 p.m.•30 views

CVE-2023-2820

6.1CVSS6.4AI score0.0025EPSS

Exploits0References1

Vulnrichment•added 2023/06/14 9:14 p.m.•14 views

CVE-2023-2819

4.3CVSS4.7AI score0.00256EPSS

Exploits0References1

CVE•added 2023/06/14 9:14 p.m.•39 views

CVE-2023-2819

The CVE-2023-2819 issue affects Proofpoint Threat Response/Threat Response Auto Pull (PTR/TRAP) prior to version 5.10.0. A stored XSS in the Sources UI could allow an authenticated administrator on an adjacent network to replace an image file with an arbitrary MIME type, potentially leading to ar...

4.3CVSS4.7AI score0.00256EPSS

Exploits0References1Affected Software1

Cvelist•added 2023/06/14 9:14 p.m.•23 views

CVE-2023-2819

4.3CVSS5AI score0.00256EPSS

Exploits0References1

CNNVD•added 2023/06/14 12:0 a.m.•3 views

Proofpoint Threat Response 跨站脚本漏洞

Proofpoint Threat Response is Proofpoint's leading Security Orchestration, Automation and Response SOAR solution that enables security teams to respond faster and more effectively to the evolving threat landscape. A security vulnerability exists in Proofpoint Threat Response versions prior to...

4.3CVSS5.6AI score0.00256EPSS

Exploits0References2

CNNVD•added 2023/06/14 12:0 a.m.•3 views

Proofpoint Threat Response 信息泄露漏洞

Proofpoint Threat Response is Proofpoint's leading Security Orchestration, Automation and Response SOAR solution that enables security teams to respond faster and more effectively to the evolving threat landscape. Proofpoint Threat Response and Threat Response Auto-Pull the entry-level version of...

6.8CVSS6.6AI score0.0025EPSS

Exploits0References2

Positive Technologies•added 2023/06/14 12:0 a.m.•3 views

PT-2023-21620 · Proofpoint · Proofpoint Threat Response/ Threat Response Auto Pull

Name of the Vulnerable Software and Affected Versions: Proofpoint Threat Response/ Threat Response Auto Pull PTR/TRAP versions prior to 5.10.0 Description: A stored cross-site scripting issue in the Sources UI could allow an authenticated administrator on an adjacent network to replace an image...

4.3CVSS4.8AI score0.00256EPSS

Exploits0References3

The Hacker News•added 2023/06/09 1:37 p.m.•7 views

Asylum Ambuscade: A Cybercrime Group with Espionage Ambitions

The threat actor known as Asylum Ambuscade has been observed straddling cybercrime and cyber espionage operations since at least early 2020. "It is a crimeware group that targets bank customers and cryptocurrency traders in various regions, including North America and Europe," ESET said in an...

9.3CVSS7AI score0.99374EPSS

Exploits62

OSV•added 2023/03/08 1:15 a.m.•3 views

CVE-2023-0089

The webutils in Proofpoint Enterprise Protection PPS/POD contain a vulnerability that allows an authenticated user to execute remote code through 'eval injection'. This affects all versions 8.20.0 and below...

8.8CVSS7.6AI score0.00733EPSS

Exploits0References1

OSV•added 2023/03/08 1:15 a.m.•3 views

CVE-2023-0090

The webservices in Proofpoint Enterprise Protection PPS/POD contain a vulnerability that allows for an anonymous user to execute remote code through 'eval injection'. Exploitation requires network access to the webservices API, but such access is a non-standard configuration. This affects all...

9.8CVSS7.6AI score0.00738EPSS

Exploits0References1

NVD•added 2023/03/08 1:15 a.m.•18 views

CVE-2023-0089

8.8CVSS8.8AI score0.00733EPSS

Exploits0References1

NVD•added 2023/03/08 1:15 a.m.•11 views

CVE-2023-0090

9.8CVSS9.7AI score0.00738EPSS

Exploits0References1

Prion•added 2023/03/08 1:15 a.m.•14 views

Remote code execution

6.5CVSS8.7AI score0.00733EPSS

Exploits0References1Affected Software1

Prion•added 2023/03/08 1:15 a.m.•13 views

Remote code execution

7.5CVSS9.5AI score0.00738EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2023/03/08 12:27 a.m.•6 views

CVE-2023-0090 Proofpoint Enterprise Protection webservices unauthenticated RCE

9.8CVSS9.6AI score0.00738EPSS

Exploits0References1

CVE•added 2023/03/08 12:27 a.m.•67 views

CVE-2023-0090

Proofpoint Enterprise Protection (PPS/POD) webservices are affected by CVE-2023-0090: an anonymous user can trigger remote code execution via eval injection, requiring network access to the webservices API (non-default configuration) and impacting all versions 8.20.0 and below. Exploitation detai...

9.8CVSS9.7AI score0.00738EPSS

Exploits0References1Affected Software1

Cvelist•added 2023/03/08 12:27 a.m.•18 views

CVE-2023-0090 Proofpoint Enterprise Protection webservices unauthenticated RCE

9.8CVSS9.8AI score0.00738EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by