Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortios vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2016-8492
The implementation of an ANSI X9.31 RNG in Fortinet FortiGate allows malicious users to gain unauthorized read access to data handled by the device via IPSec/TLS decryption.
Fortinet Fortios 4.3.0
Fortinet Fortios 4.3.10
Fortinet Fortios 4.3.13
Fortinet Fortios 4.3.17
Fortinet Fortios 4.3.16
Fortinet Fortios 4.3.15
Fortinet Fortios
Fortinet Fortios 4.3.12
Fortinet Fortios 4.3.14
383
VMScore
CVE-2016-3978
The Web User Interface (WebUI) in FortiOS 5.0.x prior to 5.0.13, 5.2.x prior to 5.2.3, and 5.4.x prior to 5.4.0 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks or cross-site scripting (XSS) attacks via the "redirect" p...
Fortinet Fortios 5.0.1
Fortinet Fortios 5.0.0
Fortinet Fortios 5.2.2
Fortinet Fortios 5.2.1
Fortinet Fortios 5.0.10
Fortinet Fortios 5.0.9
Fortinet Fortios 5.0.8
Fortinet Fortios 5.0.7
Fortinet Fortios 5.0.11
Fortinet Fortios 5.0.6
Fortinet Fortios 5.0.4
Fortinet Fortios 5.0.2
Fortinet Fortios 5.2.0
Fortinet Fortios 5.0.12
Fortinet Fortios 5.0.5
Fortinet Fortios 5.0.3
Fortinet Fortios 5.4
383
VMScore
CVE-2015-3626
Cross-site scripting (XSS) vulnerability in the DHCP Monitor page in the Web User Interface (WebUI) in Fortinet FortiOS prior to 5.2.4 on FortiGate devices allows remote malicious users to inject arbitrary web script or HTML via a crafted hostname.
Fortinet Fortios
383
VMScore
CVE-2014-8616
Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiOS 5.2.x prior to 5.2.3 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors to the (1) user group or (2) vpn template menus.
Fortinet Fortios 5.2.0
Fortinet Fortios 5.2.1
Fortinet Fortios 5.2.2
383
VMScore
CVE-2015-1571
The CAPWAP DTLS protocol implementation in Fortinet FortiOS 5.0 Patch 7 build 4457 uses the same certificate and private key across different customers' installations, which makes it easier for man-in-the-middle malicious users to spoof SSL servers by leveraging the Fortinet...
Fortinet Fortios 5.0.7
383
VMScore
CVE-2013-7181
Cross-site scripting (XSS) vulnerability in user/ldap_user/add in Fortinet FortiOS 5.0.3 allows remote malicious users to inject arbitrary web script or HTML via the filter parameter.
Fortinet Fortiweb 5.0.3
383
VMScore
CVE-2013-7182
Cross-site scripting (XSS) vulnerability in firewall/schedule/recurrdlg in Fortinet FortiOS 5.0.5 allows remote malicious users to inject arbitrary web script or HTML via the mkey parameter.
Fortinet Fortios 5.0.5
357
VMScore
CVE-2019-6693
Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an attacker with access to the backup file to decipher the sensitive data, via knowledge of the hard-coded key. The aforementioned sensitive data includes users' pas...
Fortinet Fortios
Fortinet Fortios 6.2.0
3 Github repositories
357
VMScore
CVE-2018-13374
A Improper Access Control in Fortinet FortiOS 6.0.2, 5.6.7 and before, FortiADC 6.1.0, 6.0.0 to 6.0.1, 5.4.0 to 5.4.4 allows malicious user to obtain the LDAP server login credentials configured in FortiGate via pointing a LDAP server connectivity test request to a rogue LDAP ser...
Fortinet Fortios
2 Github repositories
1 Article
356
VMScore
CVE-2020-15936
A improper input validation in Fortinet FortiGate version 6.4.3 and below, version 6.2.5 and below, version 6.0.11 and below, version 5.6.13 and below allows malicious user to disclose sensitive information via SNI Client Hello TLS packets.
Fortinet Fortios
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »