Lucene search
K

32 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:40 p.m.7 views

CVE-2023-43320

An issue in Proxmox Server Solutions GmbH Proxmox VE v.5.4 thru v.8.0, Proxmox Backup Server v.1.1 thru v.3.0, and Proxmox Mail Gateway v.7.1 thru v.8.0 allows a remote authenticated attacker to escalate privileges via bypassing the two-factor authentication component...

8.8CVSS7.4AI score0.0099EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:41 a.m.8 views

CVE-2022-35508

Proxmox Virtual Environment PVE and Proxmox Mail Gateway PMG are vulnerable to SSRF when proxying HTTP requests between pvepmgproxy and pvepmgdaemon. An attacker with an unprivileged account can craft an HTTP request to achieve SSRF and file disclosure of any files on the server. Also, in Proxmox...

9.8CVSS7AI score0.01175EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:39 a.m.28 views

CVE-2022-35507

A response-header CRLF injection vulnerability in the Proxmox Virtual Environment PVE and Proxmox Mail Gateway PMG web interface allows a remote attacker to set cookies for a victim's browser that are longer than the server expects, causing a client-side DoS. This affects Chromium-based browsers...

7.1CVSS7AI score0.0138EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-8911

Malware in sbrugna...

6.1CVSS6.3AI score0.00766EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2014-2362

Malware in sbrugna...

4.3CVSS6.4AI score0.01221EPSS
Exploits2References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2015-8912

Malware in sbrugna...

6.1CVSS6.3AI score0.00881EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2024/12/23 12:0 a.m.10 views

The vulnerability of the handle_api2_request() function in the Proxmox Virtual Environment platform’s interface, as well as the Proxmox Mail Gateway email protection mechanism, allows a perpetrator to gain access to read, modify, or delete data.

The vulnerability of the handleapi2request function in the Proxmox Virtual Environment platform’s interface, along with the Proxmox Mail Gateway email protection mechanism, is related to improper external management of file names or paths when processing objects like “download” or “data-download”...

8.2CVSS5.4AI score0.00366EPSS
Exploits1References5Affected Software2
CNNVD
CNNVD
added 2023/09/27 12:0 a.m.7 views

Proxmox Virtual Environment Security Vulnerability

Proxmox Virtual Environment Proxmox VE is an open source server virtualization environment Linux distribution from Proxmox. A security vulnerability in Proxmox Server Solutions GmbH Proxmox VE v.5.4 to v.8.0, Proxmox Backup Server v.1.1 to v.3.0, and Proxmox Mail Gateway v.7.1 to v.8.0 has been...

8.8CVSS7AI score0.0099EPSS
Exploits3References5
OSV
OSV
added 2022/12/04 7:15 p.m.4 views

CVE-2022-35508

Proxmox Virtual Environment PVE and Proxmox Mail Gateway PMG are vulnerable to SSRF when proxying HTTP requests between pvepmgproxy and pvepmgdaemon. An attacker with an unprivileged account can craft an HTTP request to achieve SSRF and file disclosure of any files on the server. Also, in Proxmox...

9.8CVSS5.8AI score
Exploits0References4
NVD
NVD
added 2022/12/04 7:15 p.m.51 views

CVE-2022-35507

A response-header CRLF injection vulnerability in the Proxmox Virtual Environment PVE and Proxmox Mail Gateway PMG web interface allows a remote attacker to set cookies for a victim's browser that are longer than the server expects, causing a client-side DoS. This affects Chromium-based browsers...

7.1CVSS0.0138EPSS
Exploits1References2
CVE
CVE
added 2022/12/04 12:0 a.m.115 views

CVE-2022-35508

Proxmox CVE-2022-35508 enables SSRF when proxying HTTP requests between pve(pmg)proxy and pve(pmg)daemon, exploitable by an unprivileged user to disclose server files. In Proxmox Mail Gateway, there is also a privilege escalation route to root@pam if backup artifacts were used, because pmg-backup...

9.8CVSS9.2AI score0.01175EPSS
Exploits1References4Affected Software3
Vulnrichment
Vulnrichment
added 2022/12/04 12:0 a.m.9 views

CVE-2022-35507

A response-header CRLF injection vulnerability in the Proxmox Virtual Environment PVE and Proxmox Mail Gateway PMG web interface allows a remote attacker to set cookies for a victim's browser that are longer than the server expects, causing a client-side DoS. This affects Chromium-based browsers...

7AI score0.0138EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/12/04 12:0 a.m.8 views

PT-2022-22874 · Proxmox +1 · Pve-Http-Server +3

Name of the Vulnerable Software and Affected Versions: Proxmox Virtual Environment versions prior to pve-http-server 4.1-3 Proxmox Mail Gateway versions prior to pve-http-server 4.1-3 Description: A response-header CRLF injection vulnerability in the web interface allows a remote attacker to set...

7.1CVSS7.5AI score0.0138EPSS
Exploits1References6
Cvelist
Cvelist
added 2022/12/04 12:0 a.m.60 views

CVE-2022-35507

A response-header CRLF injection vulnerability in the Proxmox Virtual Environment PVE and Proxmox Mail Gateway PMG web interface allows a remote attacker to set cookies for a victim's browser that are longer than the server expects, causing a client-side DoS. This affects Chromium-based browsers...

7AI score0.0138EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/12/04 12:0 a.m.8 views

PT-2022-22875 · Proxmox · Proxmox Mail Gateway +1

Name of the Vulnerable Software and Affected Versions: Proxmox Virtual Environment PVE and Proxmox Mail Gateway PMG versions prior to pve-http-server 4.1-3 Description: The issue affects Proxmox Virtual Environment PVE and Proxmox Mail Gateway PMG when proxying HTTP requests between pvepmgproxy a...

9.8CVSS9.4AI score0.01175EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2022/12/04 12:0 a.m.9 views

CVE-2022-35508

Proxmox Virtual Environment PVE and Proxmox Mail Gateway PMG are vulnerable to SSRF when proxying HTTP requests between pvepmgproxy and pvepmgdaemon. An attacker with an unprivileged account can craft an HTTP request to achieve SSRF and file disclosure of any files on the server. Also, in Proxmox...

7AI score0.01175EPSS
Exploits1References4
CNVD
CNVD
added 2017/05/05 12:0 a.m.7 views

Proxmox Mail Gateway Open Redirect Vulnerability

Proxmox Mail Gateway is an e-mail gateway product from Proxmox Server Solutions, Austria. The product protects e-mail from virus, phishing and Trojan horse threats. An open redirection vulnerability exists in versions prior to Proxmox Mail Gateway hotfix 4.0-8-097d26a9. A remote attacker can...

6.1CVSS6.7AI score0.00881EPSS
Exploits1References1
CNVD
CNVD
added 2017/05/05 12:0 a.m.7 views

Proxmox Mail Gateway Cross-Site Scripting Vulnerability

Proxmox Mail Gateway is an e-mail gateway product from Proxmox Server Solutions, Austria. The product protects e-mail from virus, phishing and Trojan horse threats. A cross-site scripting vulnerability exists in versions prior to Proxmox Mail Gateway hotfix 4.0-8-097d26a9. A remote attacker can...

6.1CVSS6.2AI score0.00766EPSS
Exploits1References1
NVD
NVD
added 2017/05/03 10:59 a.m.18 views

CVE-2015-9057

Multiple cross-site scripting XSS vulnerabilities in Proxmox Mail Gateway prior to hotfix 4.0-8-097d26a9 allow remote attackers to inject arbitrary web script or HTML via multiple parameters, related to /users/index.htm, /quarantine/spam/manage.htm, /quarantine/spam/whitelist.htm,...

6.1CVSS6.1AI score0.00766EPSS
Exploits1References1
NVD
NVD
added 2017/05/03 10:59 a.m.19 views

CVE-2015-9058

Open redirect vulnerability in Proxmox Mail Gateway prior to hotfix 4.0-8-097d26a9 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the destination parameter...

6.1CVSS6.3AI score0.00881EPSS
Exploits1References1
Rows per page
Query Builder