Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2016-8492
The implementation of an ANSI X9.31 RNG in Fortinet FortiGate allows malicious users to gain unauthorized read access to data handled by the device via IPSec/TLS decryption.
Fortinet Fortios 4.3.0
Fortinet Fortios 4.3.10
Fortinet Fortios 4.3.13
Fortinet Fortios 4.3.17
Fortinet Fortios 4.3.16
Fortinet Fortios 4.3.15
Fortinet Fortios
Fortinet Fortios 4.3.12
Fortinet Fortios 4.3.14
4.3
CVSSv2
CVE-2014-4738
Multiple cross-site scripting (XSS) vulnerabilities in FortiGuard FortiWeb 5.0.x, 5.1.x, and 5.2.x prior to 5.2.1 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors to (1) user/ldap_user/check_dlg or (2) user/radius_user/check_dlg.
Fortinet Fortiweb 5.0.2
Fortinet Fortiweb 5.0.3
Fortinet Fortiweb 5.1.1
Fortinet Fortiweb 5.1.2
Fortinet Fortiweb 5.0.4
Fortinet Fortiweb 5.0.0
Fortinet Fortiweb 5.1.0
Fortinet Fortiweb 5.2.0
Fortinet Fortiweb 5.1.3
Fortinet Fortiweb 5.1.4
3.5
CVSSv2
CVE-2015-3615
Cross-site scripting (XSS) vulnerability in Fortinet FortiManager 5.0.x prior to 5.0.11, 5.2.x prior to 5.2.2 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving unspecified parameters and a privilege escalation attack.
Fortinet Fortimanager Firmware 5.2.0
Fortinet Fortimanager Firmware 5.2.1
Fortinet Fortimanager Firmware 5.0.9
Fortinet Fortimanager Firmware 5.0.10
Fortinet Fortimanager Firmware 5.0.5
Fortinet Fortimanager Firmware 5.0.6
Fortinet Fortimanager Firmware 5.0.7
Fortinet Fortimanager Firmware 5.0.8
Fortinet Fortimanager Firmware 5.0.3
Fortinet Fortimanager Firmware 5.0.4
5
CVSSv2
CVE-2006-3222
The FTP proxy module in Fortinet FortiOS (FortiGate) prior to 2.80 MR12 and 3.0 MR2 allows remote malicious users to bypass anti-virus scanning via the Enhanced Passive (EPSV) FTP mode.
Fortinet Fortios 2.5 0mr4
Fortinet Fortios 2.50
Fortinet Fortios 2.80
Fortinet Fortios 3.0
Fortinet Fortios 2.36
Fortinet Fortios 3.0 Beta
Fortinet Fortios 3.0 Mr1
Fortinet Fortios 2.50 Mr5
Fortinet Fortios 2.8 Mr10
NA
CVE-2022-29060
A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiDDoS API 5.5.0 up to and including 5.5.1, 5.4.0 up to and including 5.4.2, 5.3.0 up to and including 5.3.1, 5.2.0, 5.1.0 may allow an attacker who managed to retrieve the key from one device to sign JWT tokens ...
Fortinet Fortiddos 5.5.1
Fortinet Fortiddos 5.5.0
Fortinet Fortiddos 5.4.2
Fortinet Fortiddos 5.4.1
Fortinet Fortiddos 5.4.0
Fortinet Fortiddos 5.3.1
Fortinet Fortiddos 5.3.0
Fortinet Fortiddos 5.2.0
Fortinet Fortiddos 5.1.0
NA
CVE-2023-27997
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all version...
Fortinet Fortiproxy
Fortinet Fortios
Fortinet Fortios-6k7k 7.0.5
Fortinet Fortios-6k7k 7.0.10
Fortinet Fortios-6k7k 6.4.8
Fortinet Fortios-6k7k 6.4.6
Fortinet Fortios-6k7k 6.4.2
Fortinet Fortios-6k7k 6.4.12
Fortinet Fortios-6k7k 6.4.10
Fortinet Fortios-6k7k 6.2.9
Fortinet Fortios-6k7k 6.2.7
Fortinet Fortios-6k7k 6.2.6
Fortinet Fortios-6k7k 6.2.4
Fortinet Fortios-6k7k
Fortinet Fortios-6k7k 6.0.16
Fortinet Fortios-6k7k 6.0.15
Fortinet Fortios-6k7k 6.0.14
Fortinet Fortios-6k7k 6.0.13
Fortinet Fortios-6k7k 6.0.12
Fortinet Fortios-6k7k 6.0.10
7 Github repositories
4 Articles
NA
CVE-2023-42783
A relative path traversal in Fortinet FortiWLM version 8.6.0 up to and including 8.6.5 and 8.5.0 up to and including 8.5.4 and 8.4.2 up to and including 8.4.0 and 8.3.2 up to and including 8.3.0 and 8.2.2 allows malicious user to read arbitrary files via crafted http requests.
Fortinet Fortiwlm 8.2.2
Fortinet Fortiwlm
Fortinet Fortiwlm 8.3.0
Fortinet Fortiwlm 8.3.1
Fortinet Fortiwlm 8.3.2
Fortinet Fortiwlm 8.4.0
Fortinet Fortiwlm 8.4.1
Fortinet Fortiwlm 8.4.2
5
CVSSv2
CVE-2020-15933
A exposure of sensitive information to an unauthorized actor in Fortinet FortiMail versions 6.0.9 and below, FortiMail versions 6.2.4 and below FortiMail versions 6.4.1 and 6.4.0 allows malicious user to obtain potentially sensitive software-version information via client-side re...
Fortinet Fortimail
Fortinet Fortimail 6.2.0
Fortinet Fortimail 6.2.1
Fortinet Fortimail 6.2.2
Fortinet Fortimail 6.2.3
Fortinet Fortimail 6.2.4
Fortinet Fortimail 6.4.0
Fortinet Fortimail 6.4.1
NA
CVE-2023-34991
A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiWLM version 8.6.0 up to and including 8.6.5 and 8.5.0 up to and including 8.5.4 and 8.4.0 up to and including 8.4.2 and 8.3.0 up to and including 8.3.2 and 8.2.2 allo...
Fortinet Fortiwlm 8.2.2
Fortinet Fortiwlm
Fortinet Fortiwlm 8.3.0
Fortinet Fortiwlm 8.3.1
Fortinet Fortiwlm 8.3.2
Fortinet Fortiwlm 8.4.0
Fortinet Fortiwlm 8.4.1
Fortinet Fortiwlm 8.4.2
NA
CVE-2022-26122
An insufficient verification of data authenticity vulnerability [CWE-345] in FortiClient, FortiMail and FortiOS AV engines version 6.2.168 and below and version 6.4.274 and below may allow an malicious user to bypass the AV engine via manipulating MIME attachment with junk and pa...
Fortinet Fortimail 4.1.0
Fortinet Fortimail
Fortinet Fortios
Fortinet Fortios 7.2.0
Fortinet Antivirus Engine 6.33
Fortinet Antivirus Engine 6.253
Fortinet Antivirus Engine 6.252
Fortinet Antivirus Engine 6.243
Fortinet Antivirus Engine 6.157
Fortinet Antivirus Engine 6.156
Fortinet Antivirus Engine 6.145
Fortinet Antivirus Engine 6.144
Fortinet Antivirus Engine 6.142
Fortinet Antivirus Engine 6.137
Fortinet Antivirus Engine 4.4.54
Fortinet Antivirus Engine 2.0.60
Fortinet Antivirus Engine 2.0.49
Fortinet Antivirus Engine 0.4.23
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32744
privilege escalation
CVE-2024-30253
CVE-2024-3914
cross-site scripting
CVE-2024-31497
CVE-2024-3400
CVE-2024-32341
hardcoded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »