Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2023-29178
A access of uninitialized pointer vulnerability [CWE-824] in Fortinet FortiProxy version 7.2.0 up to and including 7.2.3 and prior to 7.0.9 and FortiOS version 7.2.0 up to and including 7.2.4 and prior to 7.0.11 allows an authenticated malicious user to repetitively crash the htt...
Fortinet Fortiproxy
Fortinet Fortiproxy 7.2.0
Fortinet Fortiproxy 7.2.1
Fortinet Fortios
Fortinet Fortiproxy 7.2.2
Fortinet Fortiproxy 7.2.3
3.3
CVSSv3
CVE-2022-22302
A clear text storage of sensitive information (CWE-312) vulnerability in both FortiGate version 6.4.0 up to and including 6.4.1, 6.2.0 up to and including 6.2.9 and 6.0.0 up to and including 6.0.13 and FortiAuthenticator version 5.5.0 and all versions of 6.1 and 6.0 may allow a l...
Fortinet Fortios 6.4.0
Fortinet Fortios
Fortinet Fortiauthenticator 6.1.0
Fortinet Fortios 6.4.1
Fortinet Fortiauthenticator 5.5.0
Fortinet Fortiauthenticator
5
CVSSv3
CVE-2023-45586
An insufficient verification of data authenticity vulnerability [CWE-345] in Fortinet FortiOS SSL-VPN tunnel mode version 7.4.0 up to and including 7.4.1, version 7.2.0 up to and including 7.2.7 and prior to 7.0.12 & FortiProxy SSL-VPN tunnel mode version 7.4.0 up to and incl...
Fortinet Fortiproxy
Fortinet Fortiproxy 7.4.0
Fortinet Fortiproxy 7.4.1
Fortinet Fortios 7.4.0
Fortinet Fortios 7.4.1
Fortinet Fortios
7.5
CVSSv3
CVE-2019-17657
An Uncontrolled Resource Consumption vulnerability in Fortinet FortiSwitch below 3.6.11, 6.0.6 and 6.2.2, FortiAnalyzer below 6.2.3, FortiManager below 6.2.3 and FortiAP-S/W2 below 6.2.2 may allow an malicious user to cause admin webUI denial of service (DoS) via handling special...
Fortinet Fortianalyzer
Fortinet Fortiap-s
Fortinet Fortiap-w2
Fortinet Fortimanager
Fortinet Fortiswitch
8.8
CVSSv3
CVE-2023-36639
A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 up to and including 7.2.4, 7.0.0 up to and including 7.0.10, FortiOS versions 7.4.0, 7.2.0 up to and including 7.2.4, 7.0.0 up to and including 7.0.11, 6.4.0 up to and including 6.4.12, 6.2.0 up to...
Fortinet Fortios
Fortinet Fortiproxy
Fortinet Fortios 7.4.0
Fortinet Fortipam 1.1.0
Fortinet Fortipam
6.5
CVSSv3
CVE-2023-33305
A loop with unreachable exit condition ('infinite loop') in Fortinet FortiOS version 7.2.0 up to and including 7.2.4, FortiOS version 7.0.0 up to and including 7.0.10, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions, FortiProxy version 7.2.0...
Fortinet Fortiproxy
Fortinet Fortios
Fortinet Fortiweb
Fortinet Fortiweb 7.2.0
Fortinet Fortiweb 7.2.1
6.1
CVSSv3
CVE-2017-7733
A Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiOS 5.4.0 to 5.4.5 and 5.6.0 allows a remote unauthenticated malicious user to execute arbitrary javascript code via webUI "Login Disclaimer" redir parameter.
Fortinet Fortios 5.4.0
Fortinet Fortios 5.4.1
Fortinet Fortios 5.4.2
Fortinet Fortios 5.4.3
Fortinet Fortios 5.4.5
Fortinet Fortios 5.4.4
Fortinet Fortios 5.6.0
7.5
CVSSv3
CVE-2022-26115
A use of password hash with insufficient computational effort vulnerability [CWE-916] in FortiSandbox prior to 4.2.0 may allow an attacker with access to the password database to efficiently mount bulk guessing attacks to recover the passwords.
Fortinet Fortisandbox 3.2.2
Fortinet Fortisandbox 4.0.0
Fortinet Fortisandbox 3.2.0
Fortinet Fortisandbox 3.2.1
Fortinet Fortisandbox 3.2.3
Fortinet Fortisandbox 4.0.1
Fortinet Fortisandbox 4.0.2
8.8
CVSSv3
CVE-2014-2722
In FortiBalancer 400, 1000, 2000 and 3000, a platform-specific remote access vulnerability has been discovered that may allow a remote user to gain privileged access to affected systems using SSH. The vulnerability is caused by a configuration error, and is not the result of an u...
Fortinet Fortibalancer 400 Firmware
Fortinet Fortibalancer 1000 Firmware
Fortinet Fortibalancer 2000 Firmware
Fortinet Fortibalancer 3000 Firmware
6.5
CVSSv3
CVE-2022-27490
A exposure of sensitive information to an unauthorized actor in Fortinet FortiManager version 6.0.0 up to and including 6.0.4, FortiAnalyzer version 6.0.0 up to and including 6.0.4, FortiPortal version 6.0.0 up to and including 6.0.9, 5.3.0 up to and including 5.3.8, 5.2.x, 5.1.0...
Fortinet Fortiportal
Fortinet Fortimanager
Fortinet Fortianalyzer
Fortinet Fortiswitch
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »