fortinet
1,136 tracked vulnerabilities.
CVE-2022-23438
MEDIUM
FortiOS < 6.4.9 - Unauthenticated Reflected Cross-Site Scripting in Captive Portal Authentication Page
Jul 18, 2022
CVSS 4.7
EPSS 0.01
CVE-2022-22304
MEDIUM
FortiAuthenticator OWA Agent 2.1-2.2 - Unauthenticated XSS via HTTP GET
Jul 18, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-22306
MEDIUM
FortiOS 6.0.0-6.0.14, 6.2.0-6.2.10, 6.4.0-6.4.8, 7.0.0 - MITM via Improper Certificate Validation
May 24, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-26116
HIGH
FortiNAC <= 8.3.7, 8.5.2, 8.5.4, 8.6.0, <= 8.6.5, <= 8.7.6, <= 8.8.11, <= 9.1.5, <= 9.2.2 - Authenticated SQL Injection
May 11, 2022
CVSS 7.2
EPSS 0.01
CVE-2022-23443
HIGH
Fortinet FortiSOAR <7.2.0 - Info Disclosure
May 04, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-23440
HIGH
FortiEDR 4.0.0-5.0.2 - Use of Hard-coded Cryptographic Key in Registration Mechanism
Apr 06, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-23446
MEDIUM
Fortinet FortiEDR <= 5.0.3 - Denial of Service via Root Directory Permission Change
Apr 06, 2022
CVSS 4.4
EPSS 0.00
CVE-2022-23441
CRITICAL
FortiEDR 4.0.0, 5.0.0-5.0.2 - Unauthenticated Message Forgery via Hard-coded Cryptographic Key
Apr 06, 2022
CVSS 9.1
EPSS 0.01
CVE-2022-22303
LOW
FortiManager <7.0.2-6.2.9 - Info Disclosure
Mar 02, 2022
CVSS 2.8
EPSS 0.00
CVE-2022-22301
HIGH
FortiAP-C <5.4.3, <5.2.1 - Command Injection
Mar 02, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-22300
MEDIUM
Fortinet FortiAnalyzer/FortiManager <7.0.3 - Privilege Escalation
Mar 01, 2022
CVSS 4.3
EPSS 0.01
CVE-2021-24008
MEDIUM
FortiMail < 6.0.10, FortiDDoS < 5.4.3, FortiVoice < 6.0.7, FortiRecorder < 6.0.4 - Sensitive Info Exposure
Mar 28, 2025
CVSS 5.3
EPSS 0.00
CVE-2021-26105
MEDIUM
FortiSandbox <= 3.1.4 and <= 3.2.2 - Authenticated Stack-Based Buffer Overflow via Profile Parser
Mar 24, 2025
CVSS 6.8
EPSS 0.00
CVE-2021-26091
HIGH
FortiMail <6.4.4/<6.2.7 - Info Disclosure
Mar 24, 2025
CVSS 7.5
EPSS 0.00
CVE-2021-32584
MEDIUM
FortiWLC <=8.6.0 Unauthenticated Improper Access Control via Web Management CGI
Mar 17, 2025
CVSS 5.3
EPSS 0.01
CVE-2021-26087
MEDIUM
FortiWLC <= 8.6.0, <= 8.5.3, <= 8.4.8, <= 8.3.3 - Stored Cross-Site Scripting via Web Interface
Mar 17, 2025
CVSS 4.3
EPSS 0.00
CVE-2021-22126
MEDIUM
FortiWLC 8.2.6-8.2.7, 8.3.2-8.3.3, <=8.4.8, <=8.5.2 - Authenticated Hard-Coded Password Use
Mar 17, 2025
CVSS 6.7
EPSS 0.00
CVE-2021-26102
CRITICAL
FortiWAN 4.4.0-4.5.7 - Unauthenticated Path Traversal via Crafted POST Request
Dec 19, 2024
CVSS 9.8
EPSS 0.16
CVE-2021-32589
HIGH
FortiAnalyzer and FortiManager - Use-After-Free via fgfm Port Request
Dec 19, 2024
CVSS 8.1
EPSS 0.09
CVE-2021-26115
HIGH
FortiWAN < 4.5.8 - Authenticated Privilege Escalation via Command Line Interface Command Injection
Dec 19, 2024
CVSS 7.8
EPSS 0.01
CVE-2021-26093
HIGH
FortiWLC <8.6.0 - Memory Corruption
Dec 19, 2024
CVSS 7.3
EPSS 0.00
CVE-2021-44172
MEDIUM
FortiClientEMS 6.2.0-6.2.8, 6.4.x, 7.0.0-7.0.4, 7.0.6-7.0.7 - Sensitive Information Exposure via Management Interface
Sep 13, 2023
CVSS 4.3
EPSS 0.01
CVE-2021-43072
MEDIUM
Fortinet FortiAnalyzer <7.0.2 - Buffer Overflow
Jul 18, 2023
CVSS 6.7
EPSS 0.00
CVE-2021-43074
MEDIUM
FortiProxy < 2.0.8 - Improper Verification of Cryptographic Signature
Feb 16, 2023
CVSS 4.3
EPSS 0.00
CVE-2021-42761
CRITICAL
FortiWeb 5.9.0-5.9.1, 6.0.0-6.0.7, 6.1.0-6.1.2, 6.2.0-6.2.6, 6.3.0-6.3.16, 6.4 - Unauthenticated Session Fixation
Feb 16, 2023
CVSS 9.0
EPSS 0.01
Products
fortios 271
fortiweb 124
fortiproxy 121
fortimanager 112
fortianalyzer 92
forticlient 85
fortisandbox 59
FortiOS 47
fortimail 46
fortiportal 45
fortiadc 43
fortisoar 31
fortinac 30
fortisiem 30
FortiProxy 29
fortimanager_cloud 27
fortipam 26
fortivoice 24
fortiauthenticator 23
fortiwlm 23
fortiswitchmanager 19
fortinet_antivirus 18
fortianalyzer_cloud 17
FortiPAM 16
fortitester 16
fortiwan 16
fortimanager_firmware 15
fortiswitch 14
fortiwlc 14
fortianalyzer_big_data 13
Quick Filters