Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2016-8492
The implementation of an ANSI X9.31 RNG in Fortinet FortiGate allows malicious users to gain unauthorized read access to data handled by the device via IPSec/TLS decryption.
Fortinet Fortios 4.3.0
Fortinet Fortios 4.3.10
Fortinet Fortios 4.3.13
Fortinet Fortios 4.3.17
Fortinet Fortios 4.3.16
Fortinet Fortios 4.3.15
Fortinet Fortios
Fortinet Fortios 4.3.12
Fortinet Fortios 4.3.14
5.4
CVSSv3
CVE-2015-3615
Cross-site scripting (XSS) vulnerability in Fortinet FortiManager 5.0.x prior to 5.0.11, 5.2.x prior to 5.2.2 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving unspecified parameters and a privilege escalation attack.
Fortinet Fortimanager Firmware 5.2.0
Fortinet Fortimanager Firmware 5.2.1
Fortinet Fortimanager Firmware 5.0.9
Fortinet Fortimanager Firmware 5.0.10
Fortinet Fortimanager Firmware 5.0.5
Fortinet Fortimanager Firmware 5.0.6
Fortinet Fortimanager Firmware 5.0.7
Fortinet Fortimanager Firmware 5.0.8
Fortinet Fortimanager Firmware 5.0.3
Fortinet Fortimanager Firmware 5.0.4
NA
CVE-2014-4738
Multiple cross-site scripting (XSS) vulnerabilities in FortiGuard FortiWeb 5.0.x, 5.1.x, and 5.2.x prior to 5.2.1 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors to (1) user/ldap_user/check_dlg or (2) user/radius_user/check_dlg.
Fortinet Fortiweb 5.0.2
Fortinet Fortiweb 5.0.3
Fortinet Fortiweb 5.1.1
Fortinet Fortiweb 5.1.2
Fortinet Fortiweb 5.0.4
Fortinet Fortiweb 5.0.0
Fortinet Fortiweb 5.1.0
Fortinet Fortiweb 5.2.0
Fortinet Fortiweb 5.1.3
Fortinet Fortiweb 5.1.4
NA
CVE-2006-3222
The FTP proxy module in Fortinet FortiOS (FortiGate) prior to 2.80 MR12 and 3.0 MR2 allows remote malicious users to bypass anti-virus scanning via the Enhanced Passive (EPSV) FTP mode.
Fortinet Fortios 2.5 0mr4
Fortinet Fortios 2.50
Fortinet Fortios 2.80
Fortinet Fortios 3.0
Fortinet Fortios 2.36
Fortinet Fortios 3.0 Beta
Fortinet Fortios 3.0 Mr1
Fortinet Fortios 2.50 Mr5
Fortinet Fortios 2.8 Mr10
8.1
CVSSv3
CVE-2022-29060
A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiDDoS API 5.5.0 up to and including 5.5.1, 5.4.0 up to and including 5.4.2, 5.3.0 up to and including 5.3.1, 5.2.0, 5.1.0 may allow an attacker who managed to retrieve the key from one device to sign JWT tokens ...
Fortinet Fortiddos 5.5.1
Fortinet Fortiddos 5.5.0
Fortinet Fortiddos 5.4.2
Fortinet Fortiddos 5.4.1
Fortinet Fortiddos 5.4.0
Fortinet Fortiddos 5.3.1
Fortinet Fortiddos 5.3.0
Fortinet Fortiddos 5.2.0
Fortinet Fortiddos 5.1.0
9.8
CVSSv3
CVE-2023-27997
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all version...
Fortinet Fortiproxy
Fortinet Fortios
Fortinet Fortios-6k7k 7.0.5
Fortinet Fortios-6k7k 7.0.10
Fortinet Fortios-6k7k 6.4.8
Fortinet Fortios-6k7k 6.4.6
Fortinet Fortios-6k7k 6.4.2
Fortinet Fortios-6k7k 6.4.12
Fortinet Fortios-6k7k 6.4.10
Fortinet Fortios-6k7k 6.2.9
Fortinet Fortios-6k7k 6.2.7
Fortinet Fortios-6k7k 6.2.6
Fortinet Fortios-6k7k 6.2.4
Fortinet Fortios-6k7k
Fortinet Fortios-6k7k 6.0.16
Fortinet Fortios-6k7k 6.0.15
Fortinet Fortios-6k7k 6.0.14
Fortinet Fortios-6k7k 6.0.13
Fortinet Fortios-6k7k 6.0.12
Fortinet Fortios-6k7k 6.0.10
7 Github repositories
4 Articles
5.3
CVSSv3
CVE-2020-15933
A exposure of sensitive information to an unauthorized actor in Fortinet FortiMail versions 6.0.9 and below, FortiMail versions 6.2.4 and below FortiMail versions 6.4.1 and 6.4.0 allows malicious user to obtain potentially sensitive software-version information via client-side re...
Fortinet Fortimail
Fortinet Fortimail 6.2.0
Fortinet Fortimail 6.2.1
Fortinet Fortimail 6.2.2
Fortinet Fortimail 6.2.3
Fortinet Fortimail 6.2.4
Fortinet Fortimail 6.4.0
Fortinet Fortimail 6.4.1
9.8
CVSSv3
CVE-2023-34991
A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiWLM version 8.6.0 up to and including 8.6.5 and 8.5.0 up to and including 8.5.4 and 8.4.0 up to and including 8.4.2 and 8.3.0 up to and including 8.3.2 and 8.2.2 allo...
Fortinet Fortiwlm 8.2.2
Fortinet Fortiwlm
Fortinet Fortiwlm 8.3.0
Fortinet Fortiwlm 8.3.1
Fortinet Fortiwlm 8.3.2
Fortinet Fortiwlm 8.4.0
Fortinet Fortiwlm 8.4.1
Fortinet Fortiwlm 8.4.2
7.5
CVSSv3
CVE-2023-42783
A relative path traversal in Fortinet FortiWLM version 8.6.0 up to and including 8.6.5 and 8.5.0 up to and including 8.5.4 and 8.4.2 up to and including 8.4.0 and 8.3.2 up to and including 8.3.0 and 8.2.2 allows malicious user to read arbitrary files via crafted http requests.
Fortinet Fortiwlm 8.2.2
Fortinet Fortiwlm
Fortinet Fortiwlm 8.3.0
Fortinet Fortiwlm 8.3.1
Fortinet Fortiwlm 8.3.2
Fortinet Fortiwlm 8.4.0
Fortinet Fortiwlm 8.4.1
Fortinet Fortiwlm 8.4.2
8.6
CVSSv3
CVE-2022-26122
An insufficient verification of data authenticity vulnerability [CWE-345] in FortiClient, FortiMail and FortiOS AV engines version 6.2.168 and below and version 6.4.274 and below may allow an malicious user to bypass the AV engine via manipulating MIME attachment with junk and pa...
Fortinet Fortimail 4.1.0
Fortinet Fortimail
Fortinet Fortios
Fortinet Fortios 7.2.0
Fortinet Antivirus Engine 6.33
Fortinet Antivirus Engine 6.253
Fortinet Antivirus Engine 6.252
Fortinet Antivirus Engine 6.243
Fortinet Antivirus Engine 6.157
Fortinet Antivirus Engine 6.156
Fortinet Antivirus Engine 6.145
Fortinet Antivirus Engine 6.144
Fortinet Antivirus Engine 6.142
Fortinet Antivirus Engine 6.137
Fortinet Antivirus Engine 4.4.54
Fortinet Antivirus Engine 2.0.60
Fortinet Antivirus Engine 2.0.49
Fortinet Antivirus Engine 0.4.23
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »