Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-0331
Cross-site scripting (XSS) vulnerability in the web administration interface in FortiADC with firmware prior to 3.2.1 allows remote malicious users to inject arbitrary web script or HTML via the locale parameter to gui_partA/.
Fortinet Fortiadc Firmware
Fortinet Fortiadc-1000e -
Fortinet Fortiadc-600e -
Fortinet Fortiadc-400e -
Fortinet Fortiadc-4000d -
Fortinet Fortiadc-2000d -
Fortinet Fortiadc-1500d -
Fortinet Fortiadc-300e -
Fortinet Fortiadc-200d -
NA
CVE-2014-4738
Multiple cross-site scripting (XSS) vulnerabilities in FortiGuard FortiWeb 5.0.x, 5.1.x, and 5.2.x prior to 5.2.1 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors to (1) user/ldap_user/check_dlg or (2) user/radius_user/check_dlg.
Fortinet Fortiweb 5.0.2
Fortinet Fortiweb 5.0.3
Fortinet Fortiweb 5.1.1
Fortinet Fortiweb 5.1.2
Fortinet Fortiweb 5.0.4
Fortinet Fortiweb 5.0.0
Fortinet Fortiweb 5.1.0
Fortinet Fortiweb 5.2.0
Fortinet Fortiweb 5.1.3
Fortinet Fortiweb 5.1.4
5.4
CVSSv3
CVE-2015-3615
Cross-site scripting (XSS) vulnerability in Fortinet FortiManager 5.0.x prior to 5.0.11, 5.2.x prior to 5.2.2 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving unspecified parameters and a privilege escalation attack.
Fortinet Fortimanager Firmware 5.2.0
Fortinet Fortimanager Firmware 5.2.1
Fortinet Fortimanager Firmware 5.0.9
Fortinet Fortimanager Firmware 5.0.10
Fortinet Fortimanager Firmware 5.0.5
Fortinet Fortimanager Firmware 5.0.6
Fortinet Fortimanager Firmware 5.0.7
Fortinet Fortimanager Firmware 5.0.8
Fortinet Fortimanager Firmware 5.0.3
Fortinet Fortimanager Firmware 5.0.4
NA
CVE-2006-3222
The FTP proxy module in Fortinet FortiOS (FortiGate) prior to 2.80 MR12 and 3.0 MR2 allows remote malicious users to bypass anti-virus scanning via the Enhanced Passive (EPSV) FTP mode.
Fortinet Fortios 2.5 0mr4
Fortinet Fortios 2.50
Fortinet Fortios 2.80
Fortinet Fortios 3.0
Fortinet Fortios 2.36
Fortinet Fortios 3.0 Beta
Fortinet Fortios 3.0 Mr1
Fortinet Fortios 2.50 Mr5
Fortinet Fortios 2.8 Mr10
8.1
CVSSv3
CVE-2022-29060
A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiDDoS API 5.5.0 up to and including 5.5.1, 5.4.0 up to and including 5.4.2, 5.3.0 up to and including 5.3.1, 5.2.0, 5.1.0 may allow an attacker who managed to retrieve the key from one device to sign JWT tokens ...
Fortinet Fortiddos 5.5.1
Fortinet Fortiddos 5.5.0
Fortinet Fortiddos 5.4.2
Fortinet Fortiddos 5.4.1
Fortinet Fortiddos 5.4.0
Fortinet Fortiddos 5.3.1
Fortinet Fortiddos 5.3.0
Fortinet Fortiddos 5.2.0
Fortinet Fortiddos 5.1.0
5.3
CVSSv3
CVE-2020-15933
A exposure of sensitive information to an unauthorized actor in Fortinet FortiMail versions 6.0.9 and below, FortiMail versions 6.2.4 and below FortiMail versions 6.4.1 and 6.4.0 allows malicious user to obtain potentially sensitive software-version information via client-side re...
Fortinet Fortimail
Fortinet Fortimail 6.2.0
Fortinet Fortimail 6.2.1
Fortinet Fortimail 6.2.2
Fortinet Fortimail 6.2.3
Fortinet Fortimail 6.2.4
Fortinet Fortimail 6.4.0
Fortinet Fortimail 6.4.1
7.5
CVSSv3
CVE-2023-42783
A relative path traversal in Fortinet FortiWLM version 8.6.0 up to and including 8.6.5 and 8.5.0 up to and including 8.5.4 and 8.4.2 up to and including 8.4.0 and 8.3.2 up to and including 8.3.0 and 8.2.2 allows malicious user to read arbitrary files via crafted http requests.
Fortinet Fortiwlm 8.2.2
Fortinet Fortiwlm
Fortinet Fortiwlm 8.3.0
Fortinet Fortiwlm 8.3.1
Fortinet Fortiwlm 8.3.2
Fortinet Fortiwlm 8.4.0
Fortinet Fortiwlm 8.4.1
Fortinet Fortiwlm 8.4.2
9.8
CVSSv3
CVE-2023-34991
A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiWLM version 8.6.0 up to and including 8.6.5 and 8.5.0 up to and including 8.5.4 and 8.4.0 up to and including 8.4.2 and 8.3.0 up to and including 8.3.2 and 8.2.2 allo...
Fortinet Fortiwlm 8.2.2
Fortinet Fortiwlm
Fortinet Fortiwlm 8.3.0
Fortinet Fortiwlm 8.3.1
Fortinet Fortiwlm 8.3.2
Fortinet Fortiwlm 8.4.0
Fortinet Fortiwlm 8.4.1
Fortinet Fortiwlm 8.4.2
5.4
CVSSv3
CVE-2022-42472
A improper neutralization of crlf sequences in http headers ('http response splitting') in Fortinet FortiOS versions 7.2.0 up to and including 7.2.2, 7.0.0 up to and including 7.0.8, 6.4.0 up to and including 6.4.11, 6.2.0 up to and including 6.2.12, 6.0.0 up to and inc...
Fortinet Fortiproxy
Fortinet Fortiproxy 7.2.0
Fortinet Fortiproxy 7.2.1
Fortinet Fortios 7.2.0
Fortinet Fortios
Fortinet Fortios 7.2.1
Fortinet Fortios 7.2.2
9.8
CVSSv3
CVE-2023-27997
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all version...
Fortinet Fortiproxy
Fortinet Fortios
Fortinet Fortios-6k7k 7.0.5
Fortinet Fortios-6k7k 7.0.10
Fortinet Fortios-6k7k 6.4.8
Fortinet Fortios-6k7k 6.4.6
Fortinet Fortios-6k7k 6.4.2
Fortinet Fortios-6k7k 6.4.12
Fortinet Fortios-6k7k 6.4.10
Fortinet Fortios-6k7k 6.2.9
Fortinet Fortios-6k7k 6.2.7
Fortinet Fortios-6k7k 6.2.6
Fortinet Fortios-6k7k 6.2.4
Fortinet Fortios-6k7k
Fortinet Fortios-6k7k 6.0.16
Fortinet Fortios-6k7k 6.0.15
Fortinet Fortios-6k7k 6.0.14
Fortinet Fortios-6k7k 6.0.13
Fortinet Fortios-6k7k 6.0.12
Fortinet Fortios-6k7k 6.0.10
7 Github repositories
4 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
client side
CVE-2023-31889
template injection
CVE-2024-4304
CVE-2006-4304
CVE-2024-33272
type confusion
CVE-2024-21345
CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »