fortinet

1,136 tracked vulnerabilities.

CVE-2023-29182 MEDIUM
Fortinet FortiOS <7.0.3 - Buffer Overflow
Aug 17, 2023
CVSS 6.4
EPSS 0.00
CVE-2023-33308 CRITICAL
Fortinet FortiOS <7.0.10,7.2.3 - Buffer Overflow
Jul 26, 2023
CVSS 9.8
EPSS 0.02
CVE-2023-28001 MEDIUM
FortiOS 7.0.0-7.0.12 and 7.2.0-7.2.4 - Insufficient Session Expiration via REST API
Jul 11, 2023
CVSS 4.1
EPSS 0.01
CVE-2023-25606 MEDIUM
FortiAnalyzer and FortiManager 6.4.0-6.4.11, 7.0.0-7.0.5, 7.2.0-7.2.1 - Authenticated Path Traversal
Jul 11, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-23777 HIGH
FortiWeb <=7.0.1, 6.4, <=6.3.18 - Authenticated OS Command Injection via CLI Backup
Jul 11, 2023
CVSS 7.2
EPSS 0.01
CVE-2023-33299 CRITICAL
Fortinet FortiNAC <7.2.1, <9.4.3, <9.2.8, <=8.x - Use After Free
Jun 23, 2023
CVSS 9.8
EPSS 0.24
CVE-2023-33307 MEDIUM
Fortinet FortiOS <7.2.5-7.0.11 - DoS
Jun 16, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-33306 MEDIUM
Fortinet FortiOS <7.2.5, <7.0.11, <6.4.13 - DoS
Jun 16, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-33305 MEDIUM
Fortinet FortiOS <7.2.4 & FortiProxy <7.2.3 - DoS
Jun 13, 2023
CVSS 4.9
EPSS 0.01
CVE-2023-29178 MEDIUM
Fortinet FortiProxy <7.2.3, FortiOS <7.0.11 - Use After Free
Jun 13, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-29175 MEDIUM
FortiOS and FortiProxy - Man-in-the-Middle via Improper FortiGuard Certificate Validation
Jun 13, 2023
CVSS 4.8
EPSS 0.00
CVE-2023-28000 MEDIUM
FortiADC 6.0.0-6.0.3, 6.1.0-6.1.x, 6.2.0-6.2.4, 7.0.0-7.0.3, 7.1.0 - OS Command Injection via Diagnose System DF CLI
Jun 13, 2023
CVSS 6.7
EPSS 0.00
CVE-2023-27997 CRITICAL KEV
FortiOS/FortiProxy SSL-VPN Heap-based Buffer Overflow
Jun 13, 2023
CVSS 9.8
EPSS 0.86
CVE-2023-26210 HIGH
FortiADC 5.2.0-5.2.7 - Authenticated OS Command Injection via CLI Requests
Jun 13, 2023
CVSS 7.8
EPSS 0.00
CVE-2023-26207 LOW
Fortinet FortiOS <7.2.5 - Info Disclosure
Jun 13, 2023
CVSS 3.3
EPSS 0.01
CVE-2023-26204 LOW
FortiSIEM 5.3.0-6.7 - Plaintext Password Storage
Jun 13, 2023
CVSS 3.7
EPSS 0.00
CVE-2023-25609 MEDIUM
FortiManager and FortiAnalyzer 6.4.8-6.4.11, 7.0.0-7.0.6, 7.2.0-7.2.1 - Authenticated Server-Side Request Forgery
Jun 13, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-22639 MEDIUM
FortiProxy < 1.0.7 and 2.0 - Out-of-bounds Write via Crafted Commands
Jun 13, 2023
CVSS 6.7
EPSS 0.00
CVE-2023-22633 HIGH
FortiNAC <=9.4.1, <=9.2.6, <=9.1.8, 8.8.0, 8.7.0 - Unauthenticated DoS via Client-Secure Renegotiation
Jun 13, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-27999 HIGH
FortiADC 7.1.0-7.1.1, 7.2.0 - Authenticated OS Command Injection via Crafted Arguments
May 03, 2023
CVSS 7.8
EPSS 0.00
CVE-2023-27993 MEDIUM
FortiADC 7.2.0 and before 7.1.1 - Authenticated Path Traversal via CLI Commands
May 03, 2023
CVSS 6.0
EPSS 0.00
CVE-2023-26203 MEDIUM
FortiNAC-F <7.2.0, FortiNAC <9.4.2, 9.1-9.2, 8.7-8.8 - Info Disclosure
May 03, 2023
CVSS 6.7
EPSS 0.00
CVE-2023-22640 HIGH
FortiProxy 7.2.0-7.2.1, 7.0.0-7.0.7, 2.0, 1.2, 1.1, 1.0 - Authenticated Out-of-bounds Write
May 03, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-22637 MEDIUM
FortiNAC and FortiNAC-F - Authenticated Remote Code Execution via License Management
May 03, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-27995 HIGH
Fortinet FortiSOAR 7.3.0-7.3.1 - Authenticated Remote Code Execution via Template Injection
Apr 11, 2023
CVSS 7.2
EPSS 0.01