fortinet
1,122 tracked vulnerabilities.
CVE-2023-23780
HIGH
FortiWeb 6.3.6-6.3.19, 6.4, 7.0.0-7.0.1 - Stack-based Buffer Overflow via Crafted HTTP Requests
Feb 16, 2023
CVSS 8.0
EPSS 0.00
CVE-2023-23779
MEDIUM
FortiWeb 6.3.6-6.3.19, 6.4, <=7.0.1 - Authenticated OS Command Injection via HTTP Request Parameters
Feb 16, 2023
CVSS 6.8
EPSS 0.02
CVE-2023-23778
MEDIUM
FortiWeb 6.2.3-6.2.6, 6.3, 6.4, 7.0-7.0.1 - Authenticated Path Traversal via Crafted Web Requests
Feb 16, 2023
CVSS 4.9
EPSS 0.00
CVE-2023-22638
HIGH
FortiNAC <= 9.4.1 - Authenticated Cross-Site Scripting via HTTP GET Requests
Feb 16, 2023
CVSS 7.1
EPSS 0.01
CVE-2022-29059
LOW
FortiWeb <7.0.1, <6.4.2, <6.3.20, <6.2.7 - SQL Injection
Mar 14, 2025
CVSS 2.7
EPSS 0.00
CVE-2022-23439
MEDIUM
Fortinet Products - Host Header Web Cache Poisoning
Jan 22, 2025
CVSS 4.7
EPSS 0.00
CVE-2022-45856
MEDIUM
FortiClient 5.0-7.2.1, 6.4-7.2.5, 6.4-7.0.8, 2.0-7.0.7 - Unauthenticated MitM via SAML SSO
Sep 10, 2024
CVSS 4.8
EPSS 0.00
CVE-2022-45862
LOW
FortiOS <7.2.6, FortiProxy <7.4.0, FortiSwitchManager <7.2.2, FortiPAM <1.4.0 - GUI Session Expiration Issue
Aug 13, 2024
CVSS 3.7
EPSS 0.00
CVE-2022-27486
MEDIUM
FortiDDoS 4.5.0-5.5.1 and FortiDDoS-F 6.1.0-6.3.1 - Authenticated OS Command Injection via Execute CLI Commands
Aug 13, 2024
CVSS 6.6
EPSS 0.01
CVE-2022-27488
HIGH
Fortinet Fortiai < 6.0.12 - CSRF
Dec 13, 2023
CVSS 8.3
EPSS 0.00
CVE-2022-40681
HIGH
FortiClient 6.0.0-6.0.10, 6.2.0-6.2.9, 6.4.0-6.4.9, 7.0.0-7.0.7 - Denial of Service via Named Pipe Request
Nov 14, 2023
CVSS 7.1
EPSS 0.00
CVE-2022-22298
MEDIUM
Fortinet FortiIsolator <2.3.5 - Command Injection
Oct 10, 2023
CVSS 6.7
EPSS 0.00
CVE-2022-35849
HIGH
FortiADC <7.1.1 - Command Injection
Sep 13, 2023
CVSS 7.8
EPSS 0.00
CVE-2022-22305
MEDIUM
FortiManager <7.0.1, FortiAnalyzer <7.0.2, FortiOS <6.4, FortiSandb...
Sep 01, 2023
CVSS 5.4
EPSS 0.00
CVE-2022-23447
HIGH
Fortinet Fortiextender Firmware < 3.2.4 - Path Traversal
Jul 11, 2023
CVSS 7.5
EPSS 0.00
CVE-2022-22302
MEDIUM
FortiGate/FortiAuthenticator <6.4.1/6.2.9/<6.0.13 - Info Disclosure
Jul 11, 2023
CVSS 5.3
EPSS 0.00
CVE-2022-43953
MEDIUM
Fortinet FortiOS <7.2.4 - Code Injection
Jun 13, 2023
CVSS 6.7
EPSS 0.00
CVE-2022-43949
MEDIUM
Fortinet FortiSIEM <6.7.1 - Code Injection
Jun 13, 2023
CVSS 6.2
EPSS 0.00
CVE-2022-42478
HIGH
FortiSIEM < 7.0.0 - Excessive Authentication Attempts via Brute Force
Jun 13, 2023
CVSS 8.1
EPSS 0.00
CVE-2022-42474
MEDIUM
Fortinet Fortiproxy < 1.0.7 - Path Traversal
Jun 13, 2023
CVSS 6.5
EPSS 0.00
CVE-2022-41327
HIGH
Fortinet FortiOS <7.2.4, FortiProxy <7.2.1 - Info Disclosure
Jun 13, 2023
CVSS 7.8
EPSS 0.00
CVE-2022-39946
HIGH
FortiNAC <= 9.4.2, <= 9.2.7, 9.1, 8.8, 8.7, 8.6, 8.5 - Authenticated Unauthorized JSP Calls via Crafted HTTP Requests
Jun 13, 2023
CVSS 7.6
EPSS 0.00
CVE-2022-33877
HIGH
FortiClient/FortiConverter <7.0.6/6.4.8 - Local Privilege Escalation
Jun 13, 2023
CVSS 7.0
EPSS 0.00
CVE-2022-45860
MEDIUM
FortiNAC 7.2.0, 8.7-9.4.2 and FortiNAC-F 7.2.0 - Unauthenticated Weak Authentication in Device Registration
May 03, 2023
CVSS 5.3
EPSS 0.00
CVE-2022-45859
MEDIUM
FortiNAC <=9.4.1, <=9.2.6, <=9.1.8, 8.8.0, 8.7.0; FortiNAC-F 7.2.0 - Insufficiently Protected Credentials
May 03, 2023
CVSS 4.1
EPSS 0.00
Products
fortios 267
fortiweb 124
fortiproxy 117
fortimanager 112
fortianalyzer 92
forticlient 85
fortisandbox 58
fortimail 46
fortiportal 44
fortiadc 43
fortisoar 31
fortinac 30
fortisiem 29
fortimanager_cloud 27
fortipam 25
fortivoice 24
fortiauthenticator 23
fortiwlm 23
fortiswitchmanager 19
fortinet_antivirus 18
fortianalyzer_cloud 17
fortitester 16
fortiwan 16
fortimanager_firmware 15
fortiswitch 14
fortiwlc 14
FortiOS 13
fortianalyzer_big_data 13
forticlientems 13
fortianalyzer_firmware 12
Quick Filters