fortinet
1,122 tracked vulnerabilities.
CVE-2022-29054
LOW
Fortinet FortiOS <7.2.0 - Info Disclosure
Feb 16, 2023
CVSS 3.3
EPSS 0.00
CVE-2022-27489
HIGH
FortiExtender 7.0.0-7.0.3, 5.3.2, 4.2.4 and below - OS Command Injection via Crafted HTTP Requests
Feb 16, 2023
CVSS 7.2
EPSS 0.01
CVE-2022-27482
HIGH
FortiADC 5.x.x-7.0.1 - OS Command Injection via CLI Commands
Feb 16, 2023
CVSS 7.8
EPSS 0.01
CVE-2022-26115
MEDIUM
FortiSandbox <4.2.0 - Info Disclosure
Feb 16, 2023
CVSS 5.9
EPSS 0.00
CVE-2022-45857
MEDIUM
FortiManager <6.4.6 - Privilege Escalation
Jan 05, 2023
CVSS 6.5
EPSS 0.00
CVE-2022-42471
MEDIUM
FortiWeb 6.3.6-6.3.20, 6.4.0-6.4.2, 7.0.0-7.0.2 - Authenticated HTTP Response Splitting
Jan 03, 2023
CVSS 5.4
EPSS 0.00
CVE-2022-41336
MEDIUM
FortiPortal 5.0.0-5.0.2 and 6.0.0-6.0.11 - Authenticated Stored Cross-Site Scripting via Column Index Parameter
Jan 03, 2023
CVSS 6.8
EPSS 0.00
CVE-2022-39947
HIGH
FortiADC OS Command Injection via Crafted HTTP Requests
Jan 03, 2023
CVSS 8.8
EPSS 0.05
CVE-2022-35845
HIGH
FortiTester <4.2.0 - Command Injection
Jan 03, 2023
CVSS 7.8
EPSS 0.04
CVE-2022-42475
CRITICAL
KEVNUCLEI
FortiOS 5.0.0-5.0.13 and FortiProxy 1.0.0-1.0.6 - Heap-Based Buffer Overflow via SSL-VPN Requests
Jan 02, 2023
CVSS 9.8
EPSS 0.94
CVE-2022-40680
MEDIUM
FortiOS 6.0.7-6.0.15, 6.2.2-6.2.12, 6.4.0-6.4.9, 7.0.0-7.0.3 - Stored Cross-Site Scripting via Replacement Messages
Dec 06, 2022
CVSS 4.0
EPSS 0.01
CVE-2022-38379
LOW
FortiSOAR 7.0.0-7.0.3 and 7.2.0 - Authenticated Cross-Site Scripting via Input Fields
Dec 06, 2022
CVSS 3.5
EPSS 0.01
CVE-2022-35843
HIGH
FortiOS/FortiProxy <7.2.0,6.4.9,6.2,6.0 - Auth Bypass
Dec 06, 2022
CVSS 8.1
EPSS 0.01
CVE-2022-33876
MEDIUM
Fortinet FortiADC <7.1.0 - Info Disclosure
Dec 06, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-33875
MEDIUM
Fortinet FortiADC <7.1.0 - SQL Injection
Dec 06, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-30305
LOW
FortiDeceptor & FortiSandbox - Insufficient Logging of Failed Authentication Attempts
Dec 06, 2022
CVSS 3.7
EPSS 0.00
CVE-2022-38377
MEDIUM
FortiManager/FortiAnalyzer <7.2.0 - Privilege Escalation
Nov 25, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-42473
MEDIUM
Fortinet FortiSOAR 6.4.0-6.4.4, 7.0.0-7.0.3, 7.2.0 - Unauthenticated Information Disclosure via Database Login
Nov 02, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-39950
HIGH
FortiAnalyzer & FortiManager 6.0.0-6.2.8, 6.4.0-6.4.8, 7.0.0-7.0.4 - Stored XSS via CKeditor
Nov 02, 2022
CVSS 8.0
EPSS 0.01
CVE-2022-39949
MEDIUM
FortiEDR CollectorWindows <5.1 - Privilege Escalation
Nov 02, 2022
CVSS 4.4
EPSS 0.00
CVE-2022-39945
MEDIUM
FortiMail 6.0.0-6.0.11, 6.2, 6.4, 7.0.0-7.0.3, 7.2.0 - Authenticated IDOR for Domain Access/Modification
Nov 02, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-38381
MEDIUM
FortiADC 5.0.0-5.0.3, 6.0.0, 6.1.0, 6.2.0-6.2.3, 7.0.0-7.0.2 - Web Application Firewall Bypass
Nov 02, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-38380
MEDIUM
FortiOS <7.2.0, 7.0.0-7.0.7 - Privilege Escalation
Nov 02, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-38374
HIGH
Fortinet FortiADC <7.0.2, <6.2.4 - XSS
Nov 02, 2022
CVSS 8.8
EPSS 0.17
CVE-2022-38373
HIGH
FortiDeceptor 4.0.2, 4.1.0-4.1.1, 4.2.0 - Authenticated Cross-Site Scripting via Lure Resource ID
Nov 02, 2022
CVSS 8.0
EPSS 0.01
Products
fortios 267
fortiweb 124
fortiproxy 117
fortimanager 112
fortianalyzer 92
forticlient 85
fortisandbox 58
fortimail 46
fortiportal 44
fortiadc 43
fortisoar 31
fortinac 30
fortisiem 29
fortimanager_cloud 27
fortipam 25
fortivoice 24
fortiauthenticator 23
fortiwlm 23
fortiswitchmanager 19
fortinet_antivirus 18
fortianalyzer_cloud 17
fortitester 16
fortiwan 16
fortimanager_firmware 15
fortiswitch 14
fortiwlc 14
FortiOS 13
fortianalyzer_big_data 13
forticlientems 13
fortianalyzer_firmware 12
Quick Filters