Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet forticlient vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2015-4077
The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) mdare64_52.sys drivers in Fortinet FortiClient prior to 5.2.4 allow local users to read arbitrary kernel memory via a 0x22608C ioctl call.
Fortinet Forticlient
1 EDB exploit
4.3
CVSSv2
CVE-2015-1569
Fortinet FortiClient 5.2.028 for iOS does not validate certificates, which makes it easier for man-in-the-middle malicious users to spoof SSL VPN servers via a crafted certificate.
Fortinet Forticlient 5.2.028
4.3
CVSSv2
CVE-2015-1570
The Endpoint Control protocol implementation in Fortinet FortiClient 5.2.3.091 for Android and 5.2.028 for iOS does not validate certificates, which makes it easier for man-in-the-middle malicious users to spoof servers via a crafted certificate.
Fortinet Forticlient 5.2.3.091
Fortinet Forticlient 5.2.028
5
CVSSv2
CVE-2015-1453
The qm class in Fortinet FortiClient 5.2.3.091 for Android uses a hardcoded encryption key of FoRtInEt!AnDrOiD, which makes it easier for malicious users to obtain passwords and possibly other sensitive data by leveraging the key to decrypt data in the Shared Preferences.
Fortinet Forticlient
5.4
CVSSv2
CVE-2013-4669
FortiClient prior to 4.3.5.472 on Windows, prior to 4.0.3.134 on Mac OS X, and prior to 4.0 on Android; FortiClient Lite prior to 4.3.4.461 on Windows; FortiClient Lite 2.0 up to and including 2.0.0223 on Android; and FortiClient SSL VPN prior to 4.0.2258 on Linux proceed with an...
Fortinet Forticlient
Fortinet Forticlient Lite
Fortinet Forticlient Ssl Vpn
7.2
CVSSv2
CVE-2009-1262
Format string vulnerability in Fortinet FortiClient 3.0.614, and possibly earlier, allows local users to execute arbitrary code via format string specifiers in the VPN connection name.
Fortinet Forticlient 3.0.614
7.2
CVSSv2
CVE-2008-0779
The fortimon.sys device driver in Fortinet FortiClient Host Security 3.0 MR5 Patch 3 and previous versions does not properly initialize its DeviceExtension, which allows local users to access kernel memory and execute arbitrary code via a crafted request.
Fortinet Forticlient Host Security
7.8
CVSSv2
CVE-2005-4570
The Internet Key Exchange version 1 (IKEv1) implementations in Fortinet FortiOS 2.50, 2.80 and 3.0, FortiClient 2.0,; and FortiManager 2.80 and 3.0 allow remote malicious users to cause a denial of service (termination of a process that is automatically restarted) via IKE packets...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7