Proxmox CVE - OpenCVE

Filtered by vendor Proxmox Subscribe

Total 6 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2022-31358	1 Proxmox	1 Virtual Environment	2024-02-05	N/A	9.0 CRITICAL
A reflected cross-site scripting (XSS) vulnerability in Proxmox Virtual Environment prior to v7.2-3 allows remote attackers to execute arbitrary web scripts or HTML via non-existent endpoints under path /api2/html/.
CVE-2014-4156	1 Proxmox	1 Virtual Environment	2024-02-04	5.0 MEDIUM	5.3 MEDIUM
Proxmox VE prior to 3.2: 'AccessControl.pm' User Enumeration Vulnerability
CVE-2015-9058	1 Proxmox	1 Proxmox Mail Gateway	2024-02-04	5.8 MEDIUM	6.1 MEDIUM
Open redirect vulnerability in Proxmox Mail Gateway prior to hotfix 4.0-8-097d26a9 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the destination parameter.
CVE-2015-9057	1 Proxmox	1 Proxmox Mail Gateway	2024-02-04	4.3 MEDIUM	6.1 MEDIUM
Multiple cross-site scripting (XSS) vulnerabilities in Proxmox Mail Gateway prior to hotfix 4.0-8-097d26a9 allow remote attackers to inject arbitrary web script or HTML via multiple parameters, related to /users/index.htm, /quarantine/spam/manage.htm, /quarantine/spam/whitelist.htm, /queues/mail/index/, /system/ssh.htm, /queues/mail/?domain=, and /quarantine/virus/manage.htm.
CVE-2014-2325	1 Proxmox	1 Mail Gateway	2024-02-04	4.3 MEDIUM	N/A
Multiple cross-site scripting (XSS) vulnerabilities in Proxmox Mail Gateway before 3.1-5829 allow remote attackers to inject arbitrary web script or HTML via the (1) state parameter to objects/who/index.htm or (2) User email address to quarantine/spam/manage.htm.
CVE-2023-43320	1 Proxmox	3 Backup Server, Proxmox Mail Gateway, Virtual Environment	2024-02-02	N/A	8.8 HIGH
An issue in Proxmox Server Solutions GmbH Proxmox VE v.5.4 thru v.8.0, Proxmox Backup Server v.1.1 thru v.3.0, and Proxmox Mail Gateway v.7.1 thru v.8.0 allows a remote authenticated attacker to escalate privileges via bypassing the two-factor authentication component.

Vulnerabilities (CVE)