Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortios vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-27491
A improper verification of source of a communication channel in Fortinet FortiOS with IPS engine version 7.201 up to and including 7.214, 7.001 up to and including 7.113, 6.001 up to and including 6.121, 5.001 up to and including 5.258 and prior to 4.086 allows a remote and unaut...
Fortinet Fortios
Fortinet Fortios 7.2.0
5.5
CVSSv3
CVE-2019-5593
Improper permission or value checking in the CLI console may allow a non-privileged user to obtain Fortinet FortiOS plaint text private keys of system's builtin local certificates via unsetting the keys encryption password in FortiOS 6.2.0, 6.0.0 to 6.0.6, 5.6.10 and below o...
Fortinet Fortios
Fortinet Fortios 6.2.0
NA
CVE-2013-4604
Fortinet FortiOS prior to 5.0.3 on FortiGate devices does not properly restrict Guest capabilities, which allows remote authenticated users to read, modify, or delete the records of arbitrary users by leveraging the Guest role.
Fortinet Fortios 5.0.1
Fortinet Fortios
9.8
CVSSv3
CVE-2021-26109
An integer overflow or wraparound vulnerability in the memory allocator of SSLVPN in FortiOS prior to 7.0.1 may allow an unauthenticated malicious user to corrupt control data on the heap via specifically crafted requests to SSLVPN, resulting in potentially arbitrary code executi...
Fortinet Fortios
Fortinet Fortios 7.0.0
5.3
CVSSv3
CVE-2022-22306
An improper certificate validation vulnerability [CWE-295] in FortiOS 6.0.0 up to and including 6.0.14, 6.2.0 up to and including 6.2.10, 6.4.0 up to and including 6.4.8, 7.0.0 may allow a network adjacent and unauthenticated malicious user to man-in-the-middle the communication ...
Fortinet Fortios 7.0.0
Fortinet Fortios
6
CVSSv3
CVE-2021-36169
A Hidden Functionality in Fortinet FortiOS 7.x prior to 7.0.1, FortiOS 6.4.x prior to 6.4.7 allows malicious user to Execute unauthorized code or commands via specific hex read/write operations.
Fortinet Fortios 7.0.0
Fortinet Fortios
3.3
CVSSv3
CVE-2022-29053
A missing cryptographic steps vulnerability [CWE-325] in the functions that encrypt the keytab files in FortiOS version 7.2.0, 7.0.0 up to and including 7.0.5 and below 7.0.0 may allow an attacker in possession of the encrypted file to decipher it.
Fortinet Fortios
Fortinet Fortios 7.2.0
3.8
CVSSv3
CVE-2021-32600
An exposure of sensitive information to an unauthorized actor vulnerability in FortiOS CLI 7.0.0, 6.4.0 up to and including 6.4.6, 6.2.0 up to and including 6.2.9, 6.0.x and 5.6.x may allow a local and authenticated user assigned to a specific VDOM to retrieve other VDOMs informa...
Fortinet Fortios 7.0.0
Fortinet Fortios
9.8
CVSSv3
CVE-2023-42789
A out-of-bounds write in Fortinet FortiOS 7.4.0 up to and including 7.4.1, 7.2.0 up to and including 7.2.5, 7.0.0 up to and including 7.0.12, 6.4.0 up to and including 6.4.14, 6.2.0 up to and including 6.2.15, FortiProxy 7.4.0, 7.2.0 up to and including 7.2.6, 7.0.0 up to and inc...
Fortinet Fortios
Fortinet Fortios 7.4.0
Fortinet Fortiproxy
Fortinet Fortiproxy 7.4.0
Fortinet Fortios 7.4.1
2 Articles
8.8
CVSSv3
CVE-2023-41678
A double free in Fortinet FortiOS versions 7.0.0 up to and including 7.0.5, FortiPAM version 1.0.0 up to and including 1.0.3, 1.1.0 up to and including 1.1.1 allows malicious user to execute unauthorized code or commands via specifically crafted request.
Fortinet Fortios 7.0.0
Fortinet Fortios 7.0.1
Fortinet Fortios 7.0.2
Fortinet Fortipam 1.1.0
Fortinet Fortipam 1.0.0
Fortinet Fortipam 1.0.1
Fortinet Fortipam 1.0.2
Fortinet Fortipam 1.0.3
Fortinet Fortipam 1.1.1
Fortinet Fortios 7.0.3
Fortinet Fortios 7.0.4
Fortinet Fortios 7.0.5
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »