Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortios vulnerabilities and exploits
(subscribe to this query)
6.7
CVSSv3
CVE-2023-28002
An improper validation of integrity check value vulnerability [CWE-354] in FortiOS 7.2.0 up to and including 7.2.3, 7.0.0 up to and including 7.0.12, 6.4 all versions, 6.2 all versions, 6.0 all versions and FortiProxy 7.2 all versions, 7.0 all versions, 2.0 all versions VMs may a...
Fortinet Fortios
Fortinet Fortiproxy
4.3
CVSSv3
CVE-2024-23112
An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiOS version 7.4.0 up to and including 7.4.1, 7.2.0 up to and including 7.2.6, 7.0.1 up to and including 7.0.13, 6.4.7 up to and including 6.4.14, and FortiProxy version 7.4.0 up to and including 7....
Fortinet Fortios
Fortinet Fortiproxy
1 Article
4.3
CVSSv3
CVE-2021-43206
A server-generated error message containing sensitive information in Fortinet FortiOS 7.0.0 up to and including 7.0.3, 6.4.0 up to and including 6.4.8, 6.2.x, 6.0.x and FortiProxy 7.0.0 up to and including 7.0.1, 2.0.x allows malicious webservers to retrieve a web proxy's cl...
Fortinet Fortios
Fortinet Fortiproxy
5.4
CVSSv3
CVE-2023-22641
A url redirection to untrusted site ('open redirect') in Fortinet FortiOS version 7.2.0 up to and including 7.2.3, FortiOS version 7.0.0 up to and including 7.0.9, FortiOS versions 6.4.0 up to and including 6.4.12, FortiOS all versions 6.2, FortiOS all versions 6.0, For...
Fortinet Fortios
Fortinet Fortiproxy
6.7
CVSSv3
CVE-2021-44170
A stack-based buffer overflow vulnerability [CWE-121] in the command line interpreter of FortiOS prior to 7.0.4 and FortiProxy prior to 2.0.8 may allow an authenticated malicious user to execute unauthorized code or commands via specially crafted command line arguments.
Fortinet Fortiproxy
Fortinet Fortios
8.8
CVSSv3
CVE-2022-43947
An improper restriction of excessive authentication attempts vulnerability [CWE-307] in Fortinet FortiOS version 7.2.0 up to and including 7.2.3 and prior to 7.0.10, FortiProxy version 7.2.0 up to and including 7.2.2 and prior to 7.0.8 administrative interface allows an attacker ...
Fortinet Fortiproxy
Fortinet Fortios
5.3
CVSSv3
CVE-2022-41329
An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in Fortinet FortiProxy version 7.2.0 up to and including 7.2.1 and 7.0.0 up to and including 7.0.7, FortiOS version 7.2.0 up to and including 7.2.3 and 7.0.0 up to and including 7.0.9 allows an ...
Fortinet Fortios
Fortinet Fortiproxy
6.1
CVSSv3
CVE-2022-41330
An improper neutralization of input during web page generation vulnerability ('Cross-site Scripting') [CWE-79] in Fortinet FortiOS version 7.2.0 up to and including 7.2.3, version 7.0.0 up to and including 7.0.9, version 6.4.0 up to and including 6.4.11 and prior to 6.2...
Fortinet Fortiproxy
Fortinet Fortios
6.5
CVSSv3
CVE-2019-17656
A Stack-based Buffer Overflow vulnerability in the HTTPD daemon of FortiOS 6.0.10 and below, 6.2.2 and below and FortiProxy 1.0.x, 1.1.x, 1.2.9 and below, 2.0.0 and below may allow an authenticated remote malicious user to crash the service by sending a malformed PUT request to t...
Fortinet Fortiproxy
Fortinet Fortios
7.4
CVSSv3
CVE-2022-39948
An improper certificate validation vulnerability [CWE-295] in FortiOS 7.2.0 up to and including 7.2.3, 7.0.0 up to and including 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions and FortiProxy 7.0.0 up to and including 7.0.6, 2.0 all versions, 1.2 all versions may allo...
Fortinet Fortiproxy
Fortinet Fortios
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »