Security Advisories

Stay up-to-date with our latest security advisories

Reference this page to stay informed about important security vulnerabilities that could affect specific versions of Proofpoint products or services.

Carefully crafted email causes Denial of Service in Spam Engine

CVE-2021-34814 | CVSS 6.7 (Medium)

Learn More

ITM Server Unsafe Deserialization of Data retrieved from DB

CVE-2021-40843 | CVSS 8.8 (High)

Learn More

ITM Server Blind SQL injection via dbName parameter

CVE-2021-40842 | CVSS 8.1 (High)

Learn More

Customers Email message containing badly formatted CSS causes Denial of Service in Spam Engine

CVE-2021-39304 | CVSS 6.7 (Medium)

Learn More

PPS/POD and Essentials Scanning Bypass with Multi-part Attachments

CVE-2020-14009 | CVSS 7.1 (High)

Learn More

Insider Threat Management Server Authorization Bypass

CVE-2021-27900 | CVSS 8.1 (High)

Learn More

Insider Threat Management Agent Improper Certificate Validation Vulnerability

CVE-2021-27899 | CVSS 7.4 (High)

Learn More

Insider Threat Management Server Remote Code Execution Vulnerabilities

CVE-2020-10655 | CVSS: 9.8 (Critical)
CVE-2020-10656 | CVSS: 9.8 (Critical)
CVE-2020-10657 | CVSS: 7.2 (High)
CVE-2020-10658 | CVSS: 9.8 (Critical)

Learn More

Insider Threat Management Remote
Code Execution Vulnerability

CVE-2020-8884 | CVSS 8.8 (High)

Learn More

Insider Threat Management Windows
Agent Local Privilege Escalation
Vulnerability

CVE-2021-22159 | CVSS 7.8 (High)

Learn More

2020

Insider Threat Management Server Remote Code Execution Vulnerabilities

CVE-2020-10655 | CVSS: 9.8 (Critical)
CVE-2020-10656 | CVSS: 9.8 (Critical)
CVE-2020-10657 | CVSS: 7.2 (High)
CVE-2020-10658 | CVSS: 9.8 (Critical)

Learn More

Insider Threat Management Remote Code Execution Vulnerability

CVE-2020-8884 | CVSS 8.8 (High)

Learn More

Proofpoint Enterprise Protection Attachment Scanning Bypass Vulnerability

CVE-2019-19680 | CVSS 8.9 (High)

Learn More

Response to CVE-2019-20364

CVE-2019-20364 | CVSS 3.7 (Low)

Learn More