CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

366 matches found

CNNVD•added 2021/04/06 12:0 a.m.•5 views

Proofpoint Insider Threat Management Server 安全漏洞

Proofpoint Insider Threat Management Server is a server-side application from Proofpoint, Inc. for preventing malicious operations by enterprise insiders. An authorization bypass vulnerability exists in Proofpoint Insider Threat Management Server versions prior to 7.11.1, which stems from the...

8.1CVSS5.9AI score0.02452EPSS

Exploits0References2

CNNVD•added 2021/04/06 12:0 a.m.•4 views

Proofpoint Insider Threat Management Server 信任管理问题漏洞

Proofpoint Insider Threat Management Server is a server-side application from Proofpoint, Inc. that is used to prevent malicious operations by enterprise insiders. A security vulnerability exists in Proofpoint Insider Threat Management Agents that stems from performing improper validation of ITM...

7.4CVSS7.3AI score0.00641EPSS

Exploits0References2

CNNVD•added 2021/04/06 12:0 a.m.•4 views

Proofpoint Insider Threat Management Server 跨站脚本漏洞

Proofpoint Insider Threat Management Server is a server-side application from Proofpoint, Inc. for preventing malicious operations by enterprise insiders. A cross-site scripting vulnerability exists in Proofpoint Insider Threat Management Server versions prior to 7.11.1, which allows for the...

6.1CVSS5.1AI score0.01946EPSS

Exploits0References2

ThreatPost•added 2021/03/19 2:52 p.m.•33 views

CopperStealer Malware Targets Facebook and Instagram Business Accounts

A malware that until now has gone undocumented has been quietly hijacking online accounts of advertisers and users of Facebook, Apple, Amazon, Google and other web giants since July 2019 and then using them for nefarious activity, researchers have found. Dubbed CopperStealer, the malware acts...

7AI score

Exploits0References7

NVD•added 2021/01/26 8:15 p.m.•12 views

CVE-2021-22159

Insider Threat Management Windows Agent Local Privilege Escalation Vulnerability The Proofpoint Insider Threat Management formerly ObserveIT Agent for Windows before 7.4.3, 7.5.4, 7.6.5, 7.7.5, 7.8.4, 7.9.3, 7.10.2, and 7.11.0.25 as well as versions 7.3 and earlier is missing authentication for a...

7.8CVSS7.8AI score0.00331EPSS

Exploits0References2

Prion•added 2021/01/26 8:15 p.m.•12 views

Privilege escalation

7.2CVSS7.7AI score0.00331EPSS

Exploits0References2Affected Software1

CVE•added 2021/01/26 7:44 p.m.•51 views

CVE-2021-22159

CVE-2021-22159 affects Proofpoint Insider Threat Management (formerly ObserveIT) Agent for Windows; versions before 7.4.3, 7.5.4, 7.6.5, 7.7.5, 7.8.4, 7.9.3, 7.10.2, and 7.11.0.25 (as well as 7.3 and earlier) are missing authentication for a critical function, enabling a local authenticated Windo...

7.8CVSS7.7AI score0.00331EPSS

Exploits0References2Affected Software1

Cvelist•added 2021/01/26 7:44 p.m.•18 views

CVE-2021-22159

8AI score0.00331EPSS

Exploits0References2

ThreatPost•added 2021/01/21 3:2 p.m.•52 views

Google Forms Set Baseline For Widespread BEC Attacks

A threat actor has been sending thousands of emails to organizations, in what researchers warn is a reconnaissance campaign to identify targets for a possible follow-up business-email-compromise BEC attack. So far, researchers have observed thousands of messages being sent to companies since...

0.5AI score

Exploits0References9

OSV•added 2021/01/06 2:15 p.m.•2 views

CVE-2020-10657

The Proofpoint Insider Threat Management Server formerly ObserveIT Server before 7.9.1 contains a vulnerability in the ITM web console's ImportAlertRules feature. The vulnerability allows a remote attacker with admin or config-admin privileges in the console to execute arbitrary code with local...

7.2CVSS7.4AI score0.02538EPSS

Exploits0References2

OSV•added 2021/01/06 2:15 p.m.•1 views

CVE-2020-8884

rcdsvc in the Proofpoint Insider Threat Management Windows Agent formerly ObserveIT Windows Agent before 7.9 allows remote authenticated users to execute arbitrary code as SYSTEM because of improper deserialization over named pipes...

8.8CVSS7.6AI score0.04086EPSS

Exploits0References2

OSV•added 2021/01/06 2:15 p.m.•4 views

CVE-2020-10656

The Proofpoint Insider Threat Management Server formerly ObserveIT Server before 7.9.1 contains a vulnerability in the ITM application server's WriteWindowMouseWithChunksV2 API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. Th...

9.8CVSS7.6AI score0.02582EPSS

Exploits0References2

OSV•added 2021/01/06 2:15 p.m.•3 views

CVE-2020-10655

The Proofpoint Insider Threat Management Server formerly ObserveIT Server before 7.9.1 contains a vulnerability in the ITM application server's WriteWindowMouse API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. The...

9.8CVSS7.6AI score0.02582EPSS

Exploits0References2

NVD•added 2021/01/06 2:15 p.m.•18 views

CVE-2020-10657

7.2CVSS7.2AI score0.02538EPSS

Exploits0References2

NVD•added 2021/01/06 2:15 p.m.•17 views

CVE-2020-10655

9.8CVSS9.4AI score0.02582EPSS

Exploits0References2

NVD•added 2021/01/06 2:15 p.m.•25 views

CVE-2020-10656

9.8CVSS9.4AI score0.02582EPSS

Exploits0References2

NVD•added 2021/01/06 2:15 p.m.•19 views

CVE-2020-10658

The Proofpoint Insider Threat Management Server formerly ObserveIT Server before 7.9.1 contains a vulnerability in the ITM application server's WriteImage API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. The vulnerability is...

9.8CVSS9.4AI score0.02684EPSS

Exploits0References2

Prion•added 2021/01/06 2:15 p.m.•14 views

Deserialization of untrusted data

7.5CVSS9.3AI score0.02582EPSS

Exploits0References2Affected Software1

Prion•added 2021/01/06 2:15 p.m.•8 views

Deserialization of untrusted data

9CVSS8.7AI score0.04086EPSS

Exploits0References2Affected Software1

Prion•added 2021/01/06 2:15 p.m.•14 views

Deserialization of untrusted data