Security Advisories

Stay up-to-date with our latest security advisories

Reference this page to stay informed about important security vulnerabilities that could affect specific versions of Proofpoint products or services.

Essentials Filter Bypass with .eml or .msg File Attachments

CVSS 7.5 (High)

Type: Security Advisory

Customers Email message containing badly formatted CSS causes Denial of Service in Spam Engine

CVE-2021-39304 | CVSS 6.7 (Medium)

Type: Security Advisory

ITM Server Unsafe Deserialization of Data retrieved from DB

CVE-2021-40843 | CVSS 8.8 (High)

Type: Security Advisory

ITM Server Blind SQL injection via dbName parameter

CVE-2021-40842 | CVSS 8.1 (High)

Type: Security Advisory

Carefully crafted email causes Denial of Service in Spam Engine

CVE-2021-34814 | CVSS 6.7 (Medium)

Type: Security Advisory

PPS/POD and Essentials Scanning Bypass with Multi-part Attachments

CVE-2020-14009 | CVSS 7.1 (High)

Type: Security Advisory

Insider Threat Management Server Authorization Bypass

CVE-2021-27900 | CVSS 8.1 (High)

Type: Security Advisory

Insider Threat Management Agent Improper Certificate Validation Vulnerability

CVE-2021-27899 | CVSS 7.4 (High)

Type: Security Advisory

Insider Threat Management Windows Agent Local Privilege Escalation Vulnerability

CVE-2021-22159 | CVSS 7.8 (High)

Type: Security Advisory

Insider Threat Management Server Remote Code Execution Vulnerabilities

CVE-2020-10655 | CVSS: 9.8 (Critical)
CVE-2020-10656 | CVSS: 9.8 (Critical)
CVE-2020-10657 | CVSS: 7.2 (High)
CVE-2020-10658 | CVSS: 9.8 (Critical)

Type: Security Advisory