34 matches found
CVE-2020-10655
The Proofpoint Insider Threat Management Server formerly ObserveIT Server before 7.9.1 contains a vulnerability in the ITM application server's WriteWindowMouse API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. The...
CVE-2020-10656
The Proofpoint Insider Threat Management Server formerly ObserveIT Server before 7.9.1 contains a vulnerability in the ITM application server's WriteWindowMouseWithChunksV2 API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. Th...
EUVD-2020-3103
Malware in sbrugna...
EUVD-2020-3102
Malware in sbrugna...
EUVD-2020-3105
Malware in sbrugna...
EUVD-2021-9305
Malicious code in bioql PyPI...
EUVD-2023-39982
Malicious code in bioql PyPI...
CVE-2020-10658
The Proofpoint Insider Threat Management Server formerly ObserveIT Server before 7.9.1 contains a vulnerability in the ITM application server's WriteImage API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. The vulnerability is...
CVE-2020-10657
The Proofpoint Insider Threat Management Server formerly ObserveIT Server before 7.9.1 contains a vulnerability in the ITM web console's ImportAlertRules feature. The vulnerability allows a remote attacker with admin or config-admin privileges in the console to execute arbitrary code with local...
CVE-2023-4802
A reflected cross-site scripting vulnerability in the UpdateInstalledSoftware endpoint of the Insider Threat Management ITM Server's web console could be used by an authenticated administrator to run arbitrary javascript within another web console administrator's browser. All versions prior to...
CVE-2023-4828 ITM Server Communications Hijack
An improper check for an exceptional condition in the Insider Threat Management ITM Server could be used by an attacker to change the server's configuration of any already-registered agent so that the agent sends all future communications to an attacker-chosen URL. This could result in disclosure...
CVE-2023-36002
A missing authorization check in multiple URL validation endpoints of the Insider Threat Management Server enables an anonymous attacker on an adjacent network to smuggle content via DNS lookups. All versions before 7.14.3 are affected...
CVE-2023-36002
A missing authorization check in multiple URL validation endpoints of the Insider Threat Management Server enables an anonymous attacker on an adjacent network to smuggle content via DNS lookups. All versions before 7.14.3 are affected...
CVE-2023-35998
A missing authorization check in multiple SOAP endpoints of the Insider Threat Management Server enables an attacker on an adjacent network to read and write unauthorized objects. Successful exploitation requires an attacker to first obtain a valid agent authentication token. All versions before...
Authorization
A missing authorization check in multiple SOAP endpoints of the Insider Threat Management Server enables an attacker on an adjacent network to read and write unauthorized objects. Successful exploitation requires an attacker to first obtain a valid agent authentication token. All versions before...
CVE-2023-36002 ITM Server Missing Authorization for URL validation
A missing authorization check in multiple URL validation endpoints of the Insider Threat Management Server enables an anonymous attacker on an adjacent network to smuggle content via DNS lookups. All versions before 7.14.3 are affected...
CVE-2023-36002
CVE-2023-36002 affects Proofpoint Insider Threat Management Server prior to 7.14.3. A missing authorization check in multiple URL validation endpoints allows an anonymous attacker on an adjacent network to smuggle content via DNS lookups. Impact is limited to affected versions; mitigation is to u...
CVE-2023-36002 ITM Server Missing Authorization for URL validation
A missing authorization check in multiple URL validation endpoints of the Insider Threat Management Server enables an anonymous attacker on an adjacent network to smuggle content via DNS lookups. All versions before 7.14.3 are affected...
CVE-2023-36000
The CVE-2023-36000 entry concerns the Insider Threat Management Server (Proofpoint) where a missing authorization check in the MacOS agent configuration endpoint allows an adjacent-network attacker to obtain sensitive information after obtaining a valid agent authentication token. Affected versio...
CVE-2023-35998
CVE-2023-35998 concerns Proofpoint’s Insider Threat Management Server. The vulnerability is a missing authorization check in multiple SOAP endpoints, enabling an attacker on an adjacent network to read and write unauthorized objects after obtaining a valid agent authentication token. Affected all...