fortinet

1,125 tracked vulnerabilities.

CVE-2023-41842 MEDIUM
Fortinet FortiAnalyzer 6.2.0-6.4.7 & FortiManager 6.2.0-7.0.10 - Remote Code Execution via Format String Injection
Mar 12, 2024
CVSS 6.7
EPSS 0.00
CVE-2023-36554 HIGH
Fortinet FortiManager <7.4.0 - Privilege Escalation
Mar 12, 2024
CVSS 8.1
EPSS 0.01
CVE-2023-29181 HIGH
FortiOS 6.0.0-6.2.14, FortiProxy 1.0.0-2.0.12, FortiPAM 1.0.0-1.0.3 - Use of Externally-Controlled Format String
Feb 22, 2024
CVSS 8.8
EPSS 0.01
CVE-2023-29180 HIGH
Fortinet FortiOS <7.2.4-6.0.16 - DoS
Feb 22, 2024
CVSS 7.5
EPSS 0.03
CVE-2023-29179 MEDIUM
FortiOS 6.4.0-6.4.12, 7.0.0-7.0.11, 7.2.0-7.2.4 & FortiProxy 7.0.0-7.0.10, 7.2.0-7.2.4 DoS via HTTP Requests
Feb 22, 2024
CVSS 6.5
EPSS 0.02
CVE-2023-42791 HIGH
Fortinet FortiManager Path Traversal via Crafted HTTP Requests
Feb 20, 2024
CVSS 8.8
EPSS 0.04
CVE-2023-47537 MEDIUM
FortiOS 7.0.0-7.0.15, 7.2.0-7.2.6, 7.4.0-7.4.1 - Unauthenticated Man-in-the-Middle via FortiLink Certificate Validation
Feb 15, 2024
CVSS 4.8
EPSS 0.00
CVE-2023-45581 HIGH
FortiClientEMS 7.2.0-7.2.2 and < 7.0.10 - Authenticated Privilege Escalation via HTTP Requests
Feb 15, 2024
CVSS 8.8
EPSS 0.01
CVE-2023-44253 MEDIUM
FortiAnalyzer 7.4.0-7.4.1 and < 7.2.5 - Unauthorized Information Exposure via ADOM Enumeration
Feb 15, 2024
CVSS 5.0
EPSS 0.01
CVE-2023-26206 MEDIUM
Fortinet FortiNAC <9.4.2-<9.2.8-<9.1.10 - XSS
Feb 15, 2024
CVSS 6.8
EPSS 0.00
CVE-2023-48783 MEDIUM
PortiPortal <7.2.1-<6.0.14-<5.3.8 - Auth Bypass
Jan 10, 2024
CVSS 5.4
EPSS 0.22
CVE-2023-46712 HIGH
Fortinet FortiPortal <7.0.6, <7.2.1 - Privilege Escalation
Jan 10, 2024
CVSS 7.2
EPSS 0.01
CVE-2023-44250 HIGH
FortiProxy 7.4.0-7.4.1 and 7.2.5 - Authenticated Privilege Escalation via HTTP/HTTPS Requests
Jan 10, 2024
CVSS 8.8
EPSS 0.01
CVE-2023-37934 MEDIUM
FortiPAM 1.0 - Authenticated Denial of Service via High-Frequency HTTP/HTTPS Requests
Jan 10, 2024
CVSS 4.3
EPSS 0.01
CVE-2023-37932 MEDIUM
FortiVoice 7.0.0 and < 6.4.7 - Authenticated Path Traversal via HTTP/HTTPS Requests
Jan 10, 2024
CVSS 6.5
EPSS 0.01
CVE-2023-44252 HIGH
FortiWAN 5.1.1-5.1.2 5.2.0-5.2.1 - Authenticated Privilege Escalation via Crafted JWT Token
Dec 13, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-44251 HIGH
FortiWAN 5.1.1-5.1.2 and 5.2.0-5.2.1 - Authenticated Path Traversal and Arbitrary File Deletion
Dec 13, 2023
CVSS 8.3
EPSS 0.01
CVE-2023-47536 LOW
FortiOS/FortiProxy Unauthenticated Firewall Policy Bypass via GeoIP Update Timing
Dec 13, 2023
CVSS 3.1
EPSS 0.01
CVE-2023-48791 HIGH
FortiPortal <7.0.6 - Command Injection
Dec 13, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-48782 HIGH
Fortinet FortiWLM <8.6.5 - Command Injection
Dec 13, 2023
CVSS 8.8
EPSS 0.03
CVE-2023-46713 MEDIUM
Fortinet FortiWeb <7.4.0 - Info Disclosure
Dec 13, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-45587 LOW
Fortinet FortiSandbox 3.1-4.4.2 - Cross-Site Scripting via Crafted HTTP Requests
Dec 13, 2023
CVSS 3.5
EPSS 0.00
CVE-2023-41844 LOW
FortiSandbox 3.0.4-4.4.2 - Cross-Site Scripting via Capture Traffic Endpoint
Dec 13, 2023
CVSS 3.5
EPSS 0.00
CVE-2023-41678 HIGH
Fortinet FortiOS <7.0.6 - Use After Free
Dec 13, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-41673 HIGH
Fortinet FortiADC <7.2.2 - Info Disclosure
Dec 13, 2023
CVSS 7.1
EPSS 0.00