fortinet
1,136 tracked vulnerabilities.
CVE-2023-22642
HIGH
FortiAnalyzer & FortiManager 6.4.8-6.4.10, 7.0.0-7.0.5, 7.2.0-7.2.1 - MITM via Improper Cert Validation
Apr 11, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-22641
MEDIUM
FortiProxy 1.0.0-1.2.x and 2.0.0-2.0.11 - Authenticated Open Redirect
Apr 11, 2023
CVSS 4.1
EPSS 0.00
CVE-2023-22635
HIGH
FortiClient 4.0.0-5.6.6 - Privilege Escalation via Installer Modification
Apr 11, 2023
CVSS 7.3
EPSS 0.00
CVE-2023-26209
LOW
Fortinet FortiDeceptor <3.1.x - DoS
Mar 09, 2023
CVSS 3.7
EPSS 0.02
CVE-2023-26208
LOW
Fortinet FortiAuthenticator <6.4 - DoS
Mar 09, 2023
CVSS 3.7
EPSS 0.02
CVE-2023-25611
MEDIUM
Fortinet FortiAnalyzer <7.2.1 - Code Injection
Mar 07, 2023
CVSS 4.0
EPSS 0.00
CVE-2023-25605
HIGH
Fortinet FortiSOAR 7.3.0-7.3.1 - Authenticated Improper Access Control via Crafted HTTP Requests
Mar 07, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-23776
MEDIUM
FortiAnalyzer 6.4.0-6.4.10, 7.0.0-7.0.4, 7.2.0-7.2.1 - Sensitive Info Exposure via Heartbeat
Mar 07, 2023
CVSS 4.6
EPSS 0.00
CVE-2023-22636
HIGH
FortiWeb 6.3.6-6.3.21, 6.4.0-6.4.2, 7.0.0-7.0.4 - Unauthenticated Configuration File Download via HTTP Request
Feb 27, 2023
CVSS 7.0
EPSS 0.00
CVE-2023-25602
HIGH
FortiWeb 5.6.0-6.4.0 Stack-based Buffer Overflow via Command Arguments
Feb 16, 2023
CVSS 7.8
EPSS 0.00
CVE-2023-23784
MEDIUM
FortiWeb 6.3.6-6.3.20 and 7.0.0-7.0.2 - Path Traversal via Crafted Web Requests
Feb 16, 2023
CVSS 5.7
EPSS 0.01
CVE-2023-23783
MEDIUM
FortiWeb 6.4.0-6.4.1 and 7.0.0-7.0.1 - Remote Code Execution via Format String Injection
Feb 16, 2023
CVSS 6.7
EPSS 0.00
CVE-2023-23782
HIGH
FortiWeb 6.2-6.2.6, 6.3.0-6.3.19, 6.4, 7.0.0-7.0.1 - Heap-based Buffer Overflow via Crafted Command Arguments
Feb 16, 2023
CVSS 7.8
EPSS 0.00
CVE-2023-23781
MEDIUM
FortiWeb 6.3.0-6.3.19, 6.4, <=7.0.1 - Authenticated Stack-based Buffer Overflow via SAML XML Configuration
Feb 16, 2023
CVSS 6.4
EPSS 0.01
CVE-2023-23780
HIGH
FortiWeb 6.3.6-6.3.19, 6.4, 7.0.0-7.0.1 - Stack-based Buffer Overflow via Crafted HTTP Requests
Feb 16, 2023
CVSS 8.0
EPSS 0.01
CVE-2023-23779
MEDIUM
FortiWeb 6.3.6-6.3.19, 6.4, <=7.0.1 - Authenticated OS Command Injection via HTTP Request Parameters
Feb 16, 2023
CVSS 6.8
EPSS 0.01
CVE-2023-23778
MEDIUM
FortiWeb 6.2.3-6.2.6, 6.3, 6.4, 7.0-7.0.1 - Authenticated Path Traversal via Crafted Web Requests
Feb 16, 2023
CVSS 4.9
EPSS 0.01
CVE-2023-22638
HIGH
FortiNAC <= 9.4.1 - Authenticated Cross-Site Scripting via HTTP GET Requests
Feb 16, 2023
CVSS 7.1
EPSS 0.00
CVE-2022-29059
LOW
FortiWeb <7.0.1, <6.4.2, <6.3.20, <6.2.7 - SQL Injection
Mar 14, 2025
CVSS 2.7
EPSS 0.00
CVE-2022-23439
MEDIUM
Fortinet Products - Host Header Web Cache Poisoning
Jan 22, 2025
CVSS 4.7
EPSS 0.00
CVE-2022-45856
MEDIUM
FortiClient 5.0-7.2.1, 6.4-7.2.5, 6.4-7.0.8, 2.0-7.0.7 - Unauthenticated MitM via SAML SSO
Sep 10, 2024
CVSS 4.8
EPSS 0.00
CVE-2022-45862
LOW
FortiOS <7.2.6, FortiProxy <7.4.0, FortiSwitchManager <7.2.2, FortiPAM <1.4.0 - GUI Session Expiration Issue
Aug 13, 2024
CVSS 3.7
EPSS 0.00
CVE-2022-27486
MEDIUM
FortiDDoS 4.5.0-5.5.1 and FortiDDoS-F 6.1.0-6.3.1 - Authenticated OS Command Injection via Execute CLI Commands
Aug 13, 2024
CVSS 6.6
EPSS 0.01
CVE-2022-27488
HIGH
Fortinet Fortiai < 6.0.12 - CSRF
Dec 13, 2023
CVSS 8.3
EPSS 0.00
CVE-2022-40681
HIGH
FortiClient 6.0.0-6.0.10, 6.2.0-6.2.9, 6.4.0-6.4.9, 7.0.0-7.0.7 - Denial of Service via Named Pipe Request
Nov 14, 2023
CVSS 7.1
EPSS 0.00
Products
fortios 268
fortiweb 124
fortiproxy 118
fortimanager 112
fortianalyzer 92
forticlient 85
fortisandbox 59
FortiOS 47
fortimail 46
fortiportal 45
fortiadc 43
fortisoar 31
fortinac 30
FortiProxy 29
fortisiem 29
fortimanager_cloud 27
fortipam 25
fortivoice 24
fortiauthenticator 23
fortiwlm 23
fortiswitchmanager 19
fortinet_antivirus 18
fortianalyzer_cloud 17
FortiPAM 16
fortitester 16
fortiwan 16
fortimanager_firmware 15
fortiswitch 14
fortiwlc 14
fortianalyzer_big_data 13
Quick Filters