Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortimail vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2021-26090
A missing release of memory after its effective lifetime vulnerability in the Webmail of FortiMail 6.4.0 up to and including 6.4.4 and 6.2.0 up to and including 6.2.6 may allow an unauthenticated remote malicious user to exhaust available memory via specifically crafted login req...
Fortinet Fortimail
5
CVSSv2
CVE-2021-26100
A missing cryptographic step in the Identity-Based Encryption service of FortiMail prior to 7.0.0 may allow an unauthenticated attacker who intercepts the encrypted messages to manipulate them in such a way that makes the tampering and the recovery of the plaintexts possible.
Fortinet Fortimail
4.6
CVSSv2
CVE-2021-42757
A buffer overflow [CWE-121] in the TFTP client library of FortiOS prior to 6.4.7 and FortiOS 7.0.0 up to and including 7.0.2, may allow an authenticated local malicious user to achieve arbitrary code execution via specially crafted command line arguments.
Fortinet Fortiweb 6.4.0
Fortinet Fortios
Fortinet Fortiweb 6.4.1
Fortinet Fortiproxy 7.0.0
Fortinet Fortimanager
Fortinet Fortianalyzer
Fortinet Fortiproxy 7.0.1
Fortinet Fortimail
Fortinet Fortios-6k7k 6.4.6
Fortinet Fortios-6k7k 6.4.2
Fortinet Fortiweb
Fortinet Fortiproxy
Fortinet Fortindr
Fortinet Fortiswitch
Fortinet Fortirecorder Firmware
Fortinet Fortios-6k7k
Fortinet Fortiadc
Fortinet Fortiportal
Fortinet Fortivoice
4.3
CVSSv2
CVE-2021-43062
A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiMail version 7.0.1 and 7.0.0, version 6.4.5 and below, version 6.3.7 and below, version 6.0.11 and below allows malicious user to execute unauthorized code or command...
Fortinet Fortimail
4.3
CVSSv2
CVE-2017-7732
A reflected Cross-Site Scripting (XSS) vulnerability in Fortinet FortiMail 5.1 and previous versions, 5.2.0 up to and including 5.2.9, and 5.3.0 up to and including 5.3.9 customized pre-authentication webmail login page allows malicious user to inject arbitrary web script or HTML...
Fortinet Fortimail 4.1.0
Fortinet Fortimail 4.2.0
Fortinet Fortimail 5.0.10
Fortinet Fortimail 5.1
Fortinet Fortimail 5.2
Fortinet Fortimail 5.2.1
Fortinet Fortimail 5.2.2
Fortinet Fortimail 5.3.5
Fortinet Fortimail 5.3.6
Fortinet Fortimail 5.3.7
Fortinet Fortimail 5.3.8
Fortinet Fortimail 5.0.2
Fortinet Fortimail 5.0.3
Fortinet Fortimail 5.0.4
Fortinet Fortimail 5.0.5
Fortinet Fortimail 5.2.7
Fortinet Fortimail 5.2.8
Fortinet Fortimail 5.2.9
Fortinet Fortimail 5.3
Fortinet Fortimail 5.0
Fortinet Fortimail 5.0.1
Fortinet Fortimail 5.0.6
4.3
CVSSv2
CVE-2017-3125
An unauthenticated XSS vulnerability with FortiMail 5.0.0 - 5.2.9 and 5.3.0 - 5.3.8 could allow an malicious user to execute arbitrary scripts in the security context of the browser of a victim logged in FortiMail, assuming the victim is social engineered into clicking an URL cra...
Fortinet Fortimail 5.3.1
Fortinet Fortimail 5.3.3
Fortinet Fortimail 5.3.5
Fortinet Fortimail 5.2.1
Fortinet Fortimail 5.2.3
Fortinet Fortimail 5.1
Fortinet Fortimail 5.1.3
Fortinet Fortimail 5.0.6
Fortinet Fortimail 5.0.8
Fortinet Fortimail 5.0.10
Fortinet Fortimail 5.3
Fortinet Fortimail 5.2.5
Fortinet Fortimail 5.2.6
Fortinet Fortimail 5.2.7
Fortinet Fortimail 5.2.8
Fortinet Fortimail 5.3.2
Fortinet Fortimail 5.3.4
Fortinet Fortimail 5.2.2
Fortinet Fortimail 5.2.4
Fortinet Fortimail 5.2.9
Fortinet Fortimail 5.1.2
Fortinet Fortimail 5.0.7
4.3
CVSSv2
CVE-2014-8617
Cross-site scripting (XSS) vulnerability in the Web Action Quarantine Release feature in the WebGUI in Fortinet FortiMail prior to 4.3.9, 5.0.x prior to 5.0.8, 5.1.x prior to 5.1.5, and 5.2.x prior to 5.2.3 allows remote malicious users to inject arbitrary web script or HTML via ...
Fortinet Fortimail 5.0.4
Fortinet Fortimail 5.0.2
Fortinet Fortimail 5.1.4
Fortinet Fortimail 5.2.1
Fortinet Fortimail 5.0
Fortinet Fortimail 5.1
Fortinet Fortimail 5.1.1
Fortinet Fortimail 5.1.2
Fortinet Fortimail
Fortinet Fortimail 5.0.7
Fortinet Fortimail 5.0.6
Fortinet Fortimail 5.0.5
Fortinet Fortimail 5.0.3
Fortinet Fortimail 5.0.1
Fortinet Fortimail 5.1.3
Fortinet Fortimail 5.2
Fortinet Fortimail 5.2.2
4.3
CVSSv2
CVE-2013-1471
Multiple cross-site scripting (XSS) vulnerabilities in admin/FEAdmin.html in Fortinet FortiMail prior to 4.3.4 on FortiMail Identity-Based Encryption (IBE) appliances allow user-assisted remote malicious users to inject arbitrary web script or HTML via (1) the Add field for the B...
Fortinet Fortimail 3.0
Fortinet Fortimail 4.0
Fortinet Fortimail
1 EDB exploit
4
CVSSv2
CVE-2021-24013
Multiple Path traversal vulnerabilities in the Webmail of FortiMail prior to 6.4.4 may allow a regular user to obtain unauthorized access to files and data via specifically crafted web requests.
Fortinet Fortimail
4
CVSSv2
CVE-2021-26099
Missing cryptographic steps in the Identity-Based Encryption service of FortiMail prior to 7.0.0 may allow an attacker who comes in possession of the encrypted master keys to compromise their confidentiality by observing a few invariant properties of the ciphertext.
Fortinet Fortimail
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »