Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-41678
A double free in Fortinet FortiOS versions 7.0.0 up to and including 7.0.5, FortiPAM version 1.0.0 up to and including 1.0.3, 1.1.0 up to and including 1.1.1 allows malicious user to execute unauthorized code or commands via specifically crafted request.
Fortinet Fortios 7.0.0
Fortinet Fortios 7.0.1
Fortinet Fortios 7.0.2
Fortinet Fortipam 1.1.0
Fortinet Fortipam 1.0.0
Fortinet Fortipam 1.0.1
Fortinet Fortipam 1.0.2
Fortinet Fortipam 1.0.3
Fortinet Fortipam 1.1.1
Fortinet Fortios 7.0.3
Fortinet Fortios 7.0.4
Fortinet Fortios 7.0.5
1 Article
6.7
CVSSv3
CVE-2023-29177
Multiple buffer copy without checking size of input ('classic buffer overflow') vulnerabilities [CWE-120] in FortiADC version 7.2.0 and prior to 7.1.2 & FortiDDoS-F version 6.5.0 and prior to 6.4.1 allows a privileged malicious user to execute arbitrary code or comm...
Fortinet Fortiadc 7.2.0
Fortinet Fortiadc
Fortinet Fortiadc 7.0.0
Fortinet Fortiadc 6.0.0
Fortinet Fortiadc 5.3.0
Fortinet Fortiadc 5.4.0
Fortinet Fortiadc 6.1.0
Fortinet Fortiadc 5.2.0
Fortinet Fortiadc 6.2.0
Fortinet Fortiddos-f
Fortinet Fortiddos-f 6.5.0
Fortinet Fortiddos-f 6.3.0
Fortinet Fortiddos-f 6.2.0
8.1
CVSSv3
CVE-2022-41335
A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 up to and including 7.2.2, 7.0.0 up to and including 7.0.8 and prior to 6.4.10, FortiProxy version 7.2.0 up to and including 7.2.1, 7.0.0 up to and including 7.0.7 and prior to 2.0.10, FortiSwitchM...
Fortinet Fortiswitchmanager 7.0.0
Fortinet Fortiswitchmanager 7.2.0
Fortinet Fortiproxy
Fortinet Fortiproxy 7.2.0
Fortinet Fortiproxy 7.2.1
Fortinet Fortios 7.2.0
Fortinet Fortios
Fortinet Fortios 7.2.1
Fortinet Fortios 7.2.2
9.8
CVSSv3
CVE-2016-1909
Fortinet FortiAnalyzer prior to 5.0.12 and 5.2.x prior to 5.2.5; FortiSwitch 3.3.x prior to 3.3.3; FortiCache 3.0.x prior to 3.0.8; and FortiOS 4.1.x prior to 4.1.11, 4.2.x prior to 4.2.16, 4.3.x prior to 4.3.17 and 5.0.x prior to 5.0.8 have a hardcoded passphrase for the Fortima...
Fortinet Fortios 5.0.2
Fortinet Fortios 5.0.6
Fortinet Fortios 5.0.7
Fortinet Fortios 5.0
Fortinet Fortios 5.0.1
Fortinet Fortios
Fortinet Fortios 5.0.3
Fortinet Fortios 5.0.4
Fortinet Fortios 5.0.5
Fortinet Fortios 5.0.0
1 EDB exploit
6.5
CVSSv3
CVE-2021-43067
A exposure of sensitive information to an unauthorized actor in Fortinet FortiAuthenticator version 6.4.0, version 6.3.2 and below, version 6.2.1 and below, version 6.1.2 and below, version 6.0.7 to 6.0.1 allows malicious user to duplicate a target LDAP user 2 factors authenticat...
Fortinet Fortiauthenticator
Fortinet Fortiauthenticator 6.1.0
Fortinet Fortiauthenticator 6.1.1
Fortinet Fortiauthenticator 6.1.2
Fortinet Fortiauthenticator 6.2.0
Fortinet Fortiauthenticator 6.2.1
Fortinet Fortiauthenticator 6.3.0
Fortinet Fortiauthenticator 6.3.1
Fortinet Fortiauthenticator 6.3.2
Fortinet Fortiauthenticator 6.4.0
7.8
CVSSv3
CVE-2022-26119
A improper authentication vulnerability in Fortinet FortiSIEM prior to 6.5.0 allows a local attacker with CLI access to perform operations on the Glassfish server directly via a hardcoded password.
Fortinet Fortisiem 6.4.1
Fortinet Fortisiem 6.4.0
Fortinet Fortisiem
Fortinet Fortisiem 6.2.1
Fortinet Fortisiem 6.2.0
Fortinet Fortisiem 5.4.0
Fortinet Fortisiem 5.2.2
Fortinet Fortisiem 5.2.1
Fortinet Fortisiem 5.0.0
Fortinet Fortisiem 5.0.1
NA
CVE-2014-8582
FortiNet FortiADC-E with firmware 3.1.1 prior to 4.0.5 and Coyote Point Equalizer with firmware 10.2.0a allows remote malicious users to obtain access to arbitrary subnets via unspecified vectors.
Fortinet Coyote Point Equalizer Firmware 10.2.0a
Fortinet Coyote Point Equalizer -
Fortinet Fortiadc Firmware 4.0.4
Fortinet Fortiadc Firmware 3.2.0
Fortinet Fortiadc Firmware 3.1.1
Fortinet Fortiadc Firmware 3.2.1
Fortinet Fortiadc-400e -
Fortinet Fortiadc-600e -
Fortinet Fortiadc-1000e -
Fortinet Fortiadc-300e -
6.1
CVSSv3
CVE-2017-3127
A Cross-Site Scripting vulnerability in Fortinet FortiGate 5.2.0 up to and including 5.2.10 allows malicious user to execute unauthorized code or commands via the srcintf parameter during Firewall Policy Creation.
Fortinet Fortios 5.2.3
Fortinet Fortios 5.2.4
Fortinet Fortios 5.2.1
Fortinet Fortios 5.2.2
Fortinet Fortios 5.2.9
Fortinet Fortios 5.2.10
Fortinet Fortios 5.2.0
Fortinet Fortios 5.2.7
Fortinet Fortios 5.2.8
Fortinet Fortios 5.2.5
Fortinet Fortios 5.2.6
5.4
CVSSv3
CVE-2015-3615
Cross-site scripting (XSS) vulnerability in Fortinet FortiManager 5.0.x prior to 5.0.11, 5.2.x prior to 5.2.2 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving unspecified parameters and a privilege escalation attack.
Fortinet Fortimanager Firmware 5.2.0
Fortinet Fortimanager Firmware 5.2.1
Fortinet Fortimanager Firmware 5.0.9
Fortinet Fortimanager Firmware 5.0.10
Fortinet Fortimanager Firmware 5.0.5
Fortinet Fortimanager Firmware 5.0.6
Fortinet Fortimanager Firmware 5.0.7
Fortinet Fortimanager Firmware 5.0.8
Fortinet Fortimanager Firmware 5.0.3
Fortinet Fortimanager Firmware 5.0.4
NA
CVE-2014-4738
Multiple cross-site scripting (XSS) vulnerabilities in FortiGuard FortiWeb 5.0.x, 5.1.x, and 5.2.x prior to 5.2.1 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors to (1) user/ldap_user/check_dlg or (2) user/radius_user/check_dlg.
Fortinet Fortiweb 5.0.2
Fortinet Fortiweb 5.0.3
Fortinet Fortiweb 5.1.1
Fortinet Fortiweb 5.1.2
Fortinet Fortiweb 5.0.4
Fortinet Fortiweb 5.0.0
Fortinet Fortiweb 5.1.0
Fortinet Fortiweb 5.2.0
Fortinet Fortiweb 5.1.3
Fortinet Fortiweb 5.1.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »