fortinet

1,136 tracked vulnerabilities.

CVE-2022-40675 MEDIUM
Fortinet FortiNAC 8.3.7-9.4.1 - Cryptographic Issues
Feb 16, 2023
CVSS 6.5
EPSS 0.00
CVE-2022-39954 HIGH
FortiNAC 8.3.7-9.4.1 - XML External Entity Injection via Crafted XML Documents
Feb 16, 2023
CVSS 7.3
EPSS 0.01
CVE-2022-39952 CRITICAL NUCLEI
Fortinet FortiNAC keyUpload.jsp arbitrary file write
Feb 16, 2023
CVSS 9.8
EPSS 1.00
CVE-2022-39948 MEDIUM
FortiOS 6.0.0-7.0.7 and FortiProxy 1.2.0-2.0.8 - Unauthenticated Man-in-the-Middle via Improper Certificate Validation
Feb 16, 2023
CVSS 4.8
EPSS 0.00
CVE-2022-38378 MEDIUM
Fortinet FortiOS <7.2.0-7.0.7 - Privilege Escalation
Feb 16, 2023
CVSS 4.2
EPSS 0.00
CVE-2022-38376 MEDIUM
Fortinet FortiNAC < 9.4.1 - Cross-Site Scripting via Crafted HTTP Requests
Feb 16, 2023
CVSS 6.1
EPSS 0.01
CVE-2022-38375 CRITICAL
Fortinet FortiNAC <9.4.1 - Auth Bypass
Feb 16, 2023
CVSS 9.1
EPSS 0.01
CVE-2022-33871 MEDIUM
FortiWeb <=7.0.1/6.4/6.3.19 Authenticated Stack Overflow via CLI Backup
Feb 16, 2023
CVSS 6.6
EPSS 0.01
CVE-2022-33869 HIGH
FortiWAN <4.5.9 - Command Injection
Feb 16, 2023
CVSS 8.8
EPSS 0.01
CVE-2022-30306 MEDIUM
FortiWeb 6.3.6-6.3.19, 6.4, <=7.0.1 - Authenticated Stack-based Buffer Overflow via CA Sign Password
Feb 16, 2023
CVSS 6.6
EPSS 0.01
CVE-2022-30304 MEDIUM
FortiAnalyzer < 7.2.1, < 7.0.4, < 6.4.8 - Stored XSS via FortiWeb Attack Event Logview URL
Feb 16, 2023
CVSS 4.3
EPSS 0.01
CVE-2022-30303 HIGH
FortiWeb 6.3.0-6.3.19, 6.4, 7.0.0-7.0.1 - Authenticated OS Command Injection via Crafted HTTP Requests
Feb 16, 2023
CVSS 8.8
EPSS 0.03
CVE-2022-30300 MEDIUM
FortiWeb 6.3.6-6.3.18, 7.0.0-7.0.1 - Authenticated Path Traversal via HTTP GET Request
Feb 16, 2023
CVSS 6.5
EPSS 0.01
CVE-2022-30299 MEDIUM
FortiWeb 6.0.0-6.0.7, 6.1-6.3.19, 6.4, 7.0.0-7.0.1 - Authenticated Path Traversal via API
Feb 16, 2023
CVSS 5.3
EPSS 0.00
CVE-2022-29054 LOW
Fortinet FortiOS <7.2.0 - Info Disclosure
Feb 16, 2023
CVSS 3.3
EPSS 0.00
CVE-2022-27489 HIGH
FortiExtender 7.0.0-7.0.3, 5.3.2, 4.2.4 and below - OS Command Injection via Crafted HTTP Requests
Feb 16, 2023
CVSS 7.2
EPSS 0.01
CVE-2022-27482 HIGH
FortiADC 5.x.x-7.0.1 - OS Command Injection via CLI Commands
Feb 16, 2023
CVSS 7.8
EPSS 0.01
CVE-2022-26115 MEDIUM
FortiSandbox <4.2.0 - Info Disclosure
Feb 16, 2023
CVSS 5.9
EPSS 0.00
CVE-2022-45857 MEDIUM
FortiManager <6.4.6 - Privilege Escalation
Jan 05, 2023
CVSS 6.5
EPSS 0.00
CVE-2022-42471 MEDIUM
FortiWeb 6.3.6-6.3.20, 6.4.0-6.4.2, 7.0.0-7.0.2 - Authenticated HTTP Response Splitting
Jan 03, 2023
CVSS 5.4
EPSS 0.00
CVE-2022-41336 MEDIUM
FortiPortal 5.0.0-5.0.2 and 6.0.0-6.0.11 - Authenticated Stored Cross-Site Scripting via Column Index Parameter
Jan 03, 2023
CVSS 6.8
EPSS 0.01
CVE-2022-39947 HIGH
FortiADC OS Command Injection via Crafted HTTP Requests
Jan 03, 2023
CVSS 8.8
EPSS 0.03
CVE-2022-35845 HIGH
FortiTester <4.2.0 - Command Injection
Jan 03, 2023
CVSS 7.8
EPSS 0.01
CVE-2022-42475 CRITICAL KEVNUCLEI
FortiOS 5.0.0-5.0.13 and FortiProxy 1.0.0-1.0.6 - Heap-Based Buffer Overflow via SSL-VPN Requests
Jan 02, 2023
CVSS 9.8
EPSS 0.99
CVE-2022-40680 MEDIUM
FortiOS 6.0.7-6.0.15, 6.2.2-6.2.12, 6.4.0-6.4.9, 7.0.0-7.0.3 - Stored Cross-Site Scripting via Replacement Messages
Dec 06, 2022
CVSS 4.0
EPSS 0.00