fortinet
1,122 tracked vulnerabilities.
CVE-2024-33508
HIGH
FortiClientEMS 7.0.0-7.0.12 - Unauthenticated Command Injection via Crafted Requests
Sep 10, 2024
CVSS 7.3
EPSS 0.02
CVE-2024-31490
MEDIUM
Fortinet FortiSandbox 3.2.2-4.4.4 - Exposure of Sensitive Information via HTTP GET Requests
Sep 10, 2024
CVSS 4.3
EPSS 0.01
CVE-2024-31489
MEDIUM
FortiClient 7.0.0-7.0.11, 7.2.0-7.2.4 - Unauthenticated MITM via ZTNA Tunnel Certificate Validation
Sep 10, 2024
CVSS 6.8
EPSS 0.00
CVE-2024-21753
MEDIUM
FortiClientEMS 1.2.1-1.2.5 - Path Traversal and Limited File Read/Write via HTTP Requests
Sep 10, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-36505
MEDIUM
FortiOS <7.4.3, <7.2.7, <7.0.14, <=6.4 - Privilege Escalation
Aug 13, 2024
CVSS 5.1
EPSS 0.00
CVE-2024-21757
MEDIUM
Fortinet FortiManager/FortiAnalyzer <7.4.1 - Info Disclosure
Aug 13, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-33509
MEDIUM
FortiWeb 6.3.0-7.2.1 - Unauthenticated Improper Certificate Validation
Jul 09, 2024
CVSS 4.8
EPSS 0.00
CVE-2024-27785
MEDIUM
Fortinet FortiAIOps 2.0.0 - Authenticated CSV Injection via Poisoned Reports
Jul 09, 2024
CVSS 5.4
EPSS 0.01
CVE-2024-27784
HIGH
Fortinet FortiAIOps <2.0.0 - Info Disclosure
Jul 09, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-27783
HIGH
Fortinet FortiAIOps 2.0.0 - Cross-Site Request Forgery via Malicious GET Requests
Jul 09, 2024
CVSS 7.6
EPSS 0.01
CVE-2024-27782
HIGH
Fortinet FortiAIOps <2.0.0 - Info Disclosure
Jul 09, 2024
CVSS 8.1
EPSS 0.01
CVE-2024-26015
LOW
FortiProxy <7.4.3 - Unauthenticated Bypass
Jul 09, 2024
CVSS 3.4
EPSS 0.00
CVE-2024-23663
HIGH
Fortinet FortiExtender Privilege Escalation via Crafted HTTP Request
Jul 09, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-21759
MEDIUM
FortiPortal 7.0.0-7.0.6 and 7.2.0 - Authorization Bypass via HTTP/HTTPS Requests
Jul 09, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-31495
MEDIUM
FortiPortal 7.0.0-7.0.6 and 7.2.0 - Authenticated SQL Injection via Report Download Functionality
Jun 11, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-26010
HIGH
Fortinet FortiOS Stack-based Buffer Overflow via Crafted Packets
Jun 11, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-23111
MEDIUM
FortiProxy 7.0.0-7.0.14 and FortiOS 7.0.0-7.0.13 - Authenticated Stored Cross-Site Scripting via Reboot Page
Jun 11, 2024
CVSS 6.8
EPSS 0.00
CVE-2024-23110
HIGH
FortiOS Stack-based Buffer Overflow via Crafted Commands
Jun 11, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-21754
LOW
FortiProxy 2.0.0-2.0.13 and FortiOS 6.4.0-6.4.14 - Use of Password Hash With Insufficient Computational Effort
Jun 11, 2024
CVSS 1.8
EPSS 0.05
CVE-2024-23669
MEDIUM
FortiWebManager 6.2.3-6.2.4, 6.3.0, 7.0.0-7.0.4, 7.2.0 - Unauthenticated Remote Code Execution via HTTP Requests or CLI
Jun 05, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-23670
HIGH
FortiWebManager 6.2.3-6.2.4, 6.3.0, 7.0.0-7.0.4, 7.2.0 - Improper Authorization
Jun 03, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-23668
HIGH
FortiWebManager 6.2.3-6.2.4, 6.3.0, 7.0.0-7.0.4, 7.2.0 - Unauthenticated Remote Code Execution via HTTP Requests or CLI
Jun 03, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-23667
HIGH
FortiWebManager 6.2.3-6.2.4, 6.3.0, 7.0.0-7.0.4, 7.2.0 - Improper Authorization
Jun 03, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-23665
MEDIUM
FortiWeb < 6.3.23 - Authenticated Improper Authorization via ADOM Operations
Jun 03, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-23664
MEDIUM
FortiAuthenticator 6.4.0-6.4.9, 6.5.0-6.5.3, 6.6.0 - Open Redirect via Crafted URL
Jun 03, 2024
CVSS 6.1
EPSS 0.00
Products
fortios 267
fortiweb 124
fortiproxy 117
fortimanager 112
fortianalyzer 92
forticlient 85
fortisandbox 58
fortimail 46
fortiportal 44
fortiadc 43
fortisoar 31
fortinac 30
fortisiem 29
fortimanager_cloud 27
fortipam 25
fortivoice 24
fortiauthenticator 23
fortiwlm 23
fortiswitchmanager 19
fortinet_antivirus 18
fortianalyzer_cloud 17
fortitester 16
fortiwan 16
fortimanager_firmware 15
fortiswitch 14
fortiwlc 14
FortiOS 13
fortianalyzer_big_data 13
forticlientems 13
fortianalyzer_firmware 12
Quick Filters