fortinet

1,136 tracked vulnerabilities.

CVE-2023-34991 CRITICAL
FortiWLM 8.2.2-8.6.5 - SQL Injection via Crafted HTTP Request
Nov 14, 2023
CVSS 9.8
EPSS 0.29
CVE-2023-33304 MEDIUM
Fortinet FortiClient <7.0.10, >7.2.1 - Info Disclosure
Nov 14, 2023
CVSS 4.4
EPSS 0.00
CVE-2023-28002 MEDIUM
FortiOS <7.2.3, <7.0.12, all 6.x - Code Injection
Nov 14, 2023
CVSS 6.4
EPSS 0.00
CVE-2023-26205 HIGH
FortiADC <7.1.2 - Privilege Escalation
Nov 14, 2023
CVSS 8.1
EPSS 0.01
CVE-2023-44256 MEDIUM
FortiAnalyzer/FortiManager SSRF via Crafted HTTP Request
Oct 20, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-41843 HIGH
FortiSandbox 2.4.1-4.4.1 - Cross-Site Scripting via Crafted HTTP Requests
Oct 13, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-41836 LOW
FortiSandbox 3.0.4-3.0.7, 3.1, 3.2, 4.0, 4.2.1-4.2.4, 4.4.0 - Cross-Site Scripting via Crafted HTTP Requests
Oct 13, 2023
CVSS 3.5
EPSS 0.00
CVE-2023-41682 HIGH
FortiSandbox 2.4-4.4.0 - Path Traversal and Denial of Service via Crafted HTTP Requests
Oct 13, 2023
CVSS 8.1
EPSS 0.01
CVE-2023-41681 HIGH
FortiSandbox 2.4.1-4.4.1 - Cross-Site Scripting via Crafted HTTP Requests
Oct 13, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-41680 HIGH
FortiSandbox 2.4.1-4.4.1 - Cross-Site Scripting via Crafted HTTP Requests
Oct 13, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-33303 HIGH
Fortinet FortiEDR 5.0.0-5.0.1 - Insufficient Session Expiration via API Request
Oct 13, 2023
CVSS 8.1
EPSS 0.00
CVE-2023-44249 MEDIUM
FortiAnalyzer and FortiManager < 7.2.3 - Authorization Bypass via Crafted HTTP Requests
Oct 10, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-42788 HIGH
FortiAnalyzer/FortiManager OS Command Injection via CLI Arguments
Oct 10, 2023
CVSS 7.8
EPSS 0.01
CVE-2023-42787 MEDIUM
Fortinet FortiManager <7.2.3, FortiAnalyzer <7.2.3 - RCE
Oct 10, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-42782 MEDIUM
FortiAnalyzer <= 7.4.0 and < 7.2.3 - Unauthenticated Syslog Message Spoofing via Device Serial Number
Oct 10, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-41841 HIGH
FortiOS 7.0.0-7.0.11 and 7.2.0-7.2.4 - Authenticated Improper Authorization
Oct 10, 2023
CVSS 8.1
EPSS 0.01
CVE-2023-41838 HIGH
Fortinet Fortianalyzer < 6.2.11 - OS Command Injection
Oct 10, 2023
CVSS 7.1
EPSS 0.01
CVE-2023-41679 HIGH
FortiManager <7.2.2-6.4.11 - Privilege Escalation
Oct 10, 2023
CVSS 8.5
EPSS 0.01
CVE-2023-41675 MEDIUM
FortiOS <7.2.4, FortiProxy <7.2.2 - Use After Free
Oct 10, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-40718 HIGH
Fortinet IPS Engine <7.321-6.158 - Evade IPS
Oct 10, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-37939 LOW
FortiClient 6.2.0-6.2.8, 6.4, 7.0, 7.2.0-7.2.1 - Sensitive Information Exposure via Malware Scan Exclusion List
Oct 10, 2023
CVSS 3.3
EPSS 0.00
CVE-2023-37935 MEDIUM
Fortinet FortiOS <7.0.12-7.2.5-7.4.0 - Info Disclosure
Oct 10, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-36637 LOW
FortiMail 7.2.0-7.2.2 and < 7.0.5 - Authenticated Cross-Site Scripting in Calendar Input Fields
Oct 10, 2023
CVSS 3.5
EPSS 0.00
CVE-2023-36556 HIGH
FortiMail 6.0.0-6.0.11, 7.0.0-7.0.5, 7.2.0-7.2.2 - Authenticated Incorrect Authorization via Crafted HTTP Requests
Oct 10, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-36555 LOW
FortiOS 7.2.0-7.2.4 - Cross-Site Scripting via SAML and Security Fabric Components
Oct 10, 2023
CVSS 3.9
EPSS 0.00