fortinet

1,122 tracked vulnerabilities.

CVE-2024-31493 MEDIUM
FortiSOAR 7.0.0-7.3.0 - Authenticated Information Disclosure via HTTP Response
Jun 03, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-23107 MEDIUM
FortiWeb 6.3.0-6.3.22, 7.0.0-7.0.8, 7.2.0-7.2.4, 7.4.0 - Authenticated Password Hash Exposure via CLI Commands
Jun 03, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-31491 HIGH
FortiSandbox 4.2.1-4.2.6 and 4.4.0-4.4.4 - Unauthenticated Remote Code Execution via HTTP Requests
May 14, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-31488 MEDIUM
FortiNAC Multiple Versions - Authenticated Stored and Reflected XSS via HTTP Requests
May 14, 2024
CVSS 6.8
EPSS 0.00
CVE-2024-26007 MEDIUM
FortiOS 7.4.1 - Unauthenticated Denial of Service via Crafted HTTP Requests
May 14, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-23105 HIGH
Fortinet FortiPortal <7.0.6, <7.2.1 - SSRF
May 14, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-3661 HIGH
FortiClient 6.4.0-7.2.4 - Unauthenticated VPN Traffic Leak via DHCP Classless Static Route Option
May 06, 2024
CVSS 7.6
EPSS 0.03
CVE-2024-31492 HIGH
FortiClientMac <7.2.3, <7.0.10 - Code Injection
Apr 10, 2024
CVSS 8.2
EPSS 0.00
CVE-2024-31487 MEDIUM
FortiSandbox 2.4.0-4.2.6, 4.4.0-4.4.4 - Path Traversal via Crafted HTTP Requests
Apr 09, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-23671 HIGH
Fortinet FortiSandbox 4.0.0-4.0.4, 4.2.1-4.2.6, 4.4.0-4.4.3 - Path Traversal via Crafted HTTP Requests
Apr 09, 2024
CVSS 8.1
EPSS 0.01
CVE-2024-23662 MEDIUM
FortiOS 6.4.0-6.4.15, 7.0.0-7.0.15, 7.2.0-7.2.5, 7.4.0-7.4.1 - Exposure of Sensitive Information via HTTP Requests
Apr 09, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-21756 HIGH
Fortinet FortiSandbox 4.0.0-4.0.4, 4.2.1-4.2.6, 4.4.0-4.4.3 - OS Command Injection via Crafted Requests
Apr 09, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-21755 HIGH
FortiSandbox 4.0.0-4.0.4, 4.2.1-4.2.6, 4.4.0-4.4.3 - OS Command Injection via Crafted Requests
Apr 09, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-23112 HIGH
FortiOS/FortiProxy SSL-VPN Auth Bypass via URL Manipulation
Mar 12, 2024
CVSS 8.0
EPSS 0.00
CVE-2024-21761 MEDIUM
FortiPortal 7.0.0-7.0.6 and 7.2.0 - Improper Authorization via Request Payload Modification
Mar 12, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-23113 CRITICAL KEV
Fortinet FortiOS/FortiProxy/FortiPAM/FortiSwitchManager Format String Vulnerability via Crafted Packets
Feb 15, 2024
CVSS 9.8
EPSS 0.55
CVE-2024-21762 CRITICAL KEV
FortiOS/FortiProxy Out-of-bounds Write Vulnerability
Feb 09, 2024
CVSS 9.8
EPSS 0.93
CVE-2024-23109 CRITICAL
FortiSIEM - OS Command Injection via Crafted API Requests
Feb 05, 2024
CVSS 10.0
EPSS 0.07
CVE-2024-23108 CRITICAL NUCLEI
Fortinet FortiSIEM - OS Command Injection
Feb 05, 2024
CVSS 10.0
EPSS 0.90
CVE-2023-46718 MEDIUM
Fortinet FortiOS <7.4.1-6.0.18 - Buffer Overflow
Oct 14, 2025
CVSS 6.7
EPSS 0.00
CVE-2023-45584 MEDIUM
Fortinet Fortios < 7.0.13 - Double Free
Aug 12, 2025
CVSS 6.6
EPSS 0.00
CVE-2023-48786 MEDIUM
Fortinet FortiClientEMS <7.4.3 - SSRF
Jun 10, 2025
CVSS 4.3
EPSS 0.00
CVE-2023-29184 LOW
FortiOS <7.2 - Privilege Escalation
Jun 10, 2025
CVSS 3.2
EPSS 0.00
CVE-2023-37930 HIGH
FortiOS 6.4.7-6.4.14 and FortiProxy 7.0.0-7.0.12 - Memory Corruption via Crafted VPN Requests
Apr 08, 2025
CVSS 7.5
EPSS 0.00
CVE-2023-40714 CRITICAL
Fortinet FortiSIEM <6.7.2-6.6.3 - Path Traversal
Apr 02, 2025
CVSS 9.9
EPSS 0.01
Products
fortios 267 fortiweb 124 fortiproxy 117 fortimanager 112 fortianalyzer 92 forticlient 85 fortisandbox 58 fortimail 46 fortiportal 44 fortiadc 43 fortisoar 31 fortinac 30 fortisiem 29 fortimanager_cloud 27 fortipam 25 fortivoice 24 fortiauthenticator 23 fortiwlm 23 fortiswitchmanager 19 fortinet_antivirus 18 fortianalyzer_cloud 17 fortitester 16 fortiwan 16 fortimanager_firmware 15 fortiswitch 14 fortiwlc 14 FortiOS 13 fortianalyzer_big_data 13 forticlientems 13 fortianalyzer_firmware 12
Quick Filters
Critical CVEs With Exploits In CISA KEV