fortinet
1,136 tracked vulnerabilities.
CVE-2023-34991
CRITICAL
FortiWLM 8.2.2-8.6.5 - SQL Injection via Crafted HTTP Request
Nov 14, 2023
CVSS 9.8
EPSS 0.29
CVE-2023-33304
MEDIUM
Fortinet FortiClient <7.0.10, >7.2.1 - Info Disclosure
Nov 14, 2023
CVSS 4.4
EPSS 0.00
CVE-2023-28002
MEDIUM
FortiOS <7.2.3, <7.0.12, all 6.x - Code Injection
Nov 14, 2023
CVSS 6.4
EPSS 0.00
CVE-2023-26205
HIGH
FortiADC <7.1.2 - Privilege Escalation
Nov 14, 2023
CVSS 8.1
EPSS 0.01
CVE-2023-44256
MEDIUM
FortiAnalyzer/FortiManager SSRF via Crafted HTTP Request
Oct 20, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-41843
HIGH
FortiSandbox 2.4.1-4.4.1 - Cross-Site Scripting via Crafted HTTP Requests
Oct 13, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-41836
LOW
FortiSandbox 3.0.4-3.0.7, 3.1, 3.2, 4.0, 4.2.1-4.2.4, 4.4.0 - Cross-Site Scripting via Crafted HTTP Requests
Oct 13, 2023
CVSS 3.5
EPSS 0.00
CVE-2023-41682
HIGH
FortiSandbox 2.4-4.4.0 - Path Traversal and Denial of Service via Crafted HTTP Requests
Oct 13, 2023
CVSS 8.1
EPSS 0.01
CVE-2023-41681
HIGH
FortiSandbox 2.4.1-4.4.1 - Cross-Site Scripting via Crafted HTTP Requests
Oct 13, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-41680
HIGH
FortiSandbox 2.4.1-4.4.1 - Cross-Site Scripting via Crafted HTTP Requests
Oct 13, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-33303
HIGH
Fortinet FortiEDR 5.0.0-5.0.1 - Insufficient Session Expiration via API Request
Oct 13, 2023
CVSS 8.1
EPSS 0.00
CVE-2023-44249
MEDIUM
FortiAnalyzer and FortiManager < 7.2.3 - Authorization Bypass via Crafted HTTP Requests
Oct 10, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-42788
HIGH
FortiAnalyzer/FortiManager OS Command Injection via CLI Arguments
Oct 10, 2023
CVSS 7.8
EPSS 0.01
CVE-2023-42787
MEDIUM
Fortinet FortiManager <7.2.3, FortiAnalyzer <7.2.3 - RCE
Oct 10, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-42782
MEDIUM
FortiAnalyzer <= 7.4.0 and < 7.2.3 - Unauthenticated Syslog Message Spoofing via Device Serial Number
Oct 10, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-41841
HIGH
FortiOS 7.0.0-7.0.11 and 7.2.0-7.2.4 - Authenticated Improper Authorization
Oct 10, 2023
CVSS 8.1
EPSS 0.01
CVE-2023-41838
HIGH
Fortinet Fortianalyzer < 6.2.11 - OS Command Injection
Oct 10, 2023
CVSS 7.1
EPSS 0.01
CVE-2023-41679
HIGH
FortiManager <7.2.2-6.4.11 - Privilege Escalation
Oct 10, 2023
CVSS 8.5
EPSS 0.01
CVE-2023-41675
MEDIUM
FortiOS <7.2.4, FortiProxy <7.2.2 - Use After Free
Oct 10, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-40718
HIGH
Fortinet IPS Engine <7.321-6.158 - Evade IPS
Oct 10, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-37939
LOW
FortiClient 6.2.0-6.2.8, 6.4, 7.0, 7.2.0-7.2.1 - Sensitive Information Exposure via Malware Scan Exclusion List
Oct 10, 2023
CVSS 3.3
EPSS 0.00
CVE-2023-37935
MEDIUM
Fortinet FortiOS <7.0.12-7.2.5-7.4.0 - Info Disclosure
Oct 10, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-36637
LOW
FortiMail 7.2.0-7.2.2 and < 7.0.5 - Authenticated Cross-Site Scripting in Calendar Input Fields
Oct 10, 2023
CVSS 3.5
EPSS 0.00
CVE-2023-36556
HIGH
FortiMail 6.0.0-6.0.11, 7.0.0-7.0.5, 7.2.0-7.2.2 - Authenticated Incorrect Authorization via Crafted HTTP Requests
Oct 10, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-36555
LOW
FortiOS 7.2.0-7.2.4 - Cross-Site Scripting via SAML and Security Fabric Components
Oct 10, 2023
CVSS 3.9
EPSS 0.00
Products
fortios 268
fortiweb 124
fortiproxy 118
fortimanager 112
fortianalyzer 92
forticlient 85
fortisandbox 59
FortiOS 47
fortimail 46
fortiportal 45
fortiadc 43
fortisoar 31
fortinac 30
FortiProxy 29
fortisiem 29
fortimanager_cloud 27
fortipam 25
fortivoice 24
fortiauthenticator 23
fortiwlm 23
fortiswitchmanager 19
fortinet_antivirus 18
fortianalyzer_cloud 17
FortiPAM 16
fortitester 16
fortiwan 16
fortimanager_firmware 15
fortiswitch 14
fortiwlc 14
fortianalyzer_big_data 13
Quick Filters