fortinet
1,136 tracked vulnerabilities.
CVE-2021-36194
HIGH
FortiWeb 6.3.0-6.3.15, 6.4.0-6.4.1 - Authenticated Remote Code Execution via API Controller Buffer Overflow
Dec 09, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-36189
MEDIUM
Fortinet FortiClientEMS <7.0.1 & <6.4.4 - Info Disclosure
Dec 09, 2021
CVSS 6.8
EPSS 0.00
CVE-2021-41025
HIGH
FortiWeb 6.0.0-6.0.7, 6.1.0-6.1.2, 6.2.0-6.2.6, 6.3.0-6.3.15, 6.4.0-6.4.1 - Authentication Bypass via Capture-Replay
Dec 08, 2021
CVSS 7.3
EPSS 0.01
CVE-2021-41017
HIGH
FortiWeb <6.4.1-6.3.15 - Buffer Overflow
Dec 08, 2021
CVSS 8.8
EPSS 0.02
CVE-2021-36195
MEDIUM
FortiWeb <6.4.1 - Command Injection
Dec 08, 2021
CVSS 4.2
EPSS 0.01
CVE-2021-36173
HIGH
FortiOS 6.0.0-6.0.13, 6.2.0-6.2.9, 6.4.0-6.4.6, 7.0.0-7.0.1 - Remote Code Execution via Crafted Installation Image
Dec 08, 2021
CVSS 8.0
EPSS 0.01
CVE-2021-41030
MEDIUM
FortiClient EMS <7.0.1, <6.4.4 - Auth Bypass
Dec 08, 2021
CVSS 5.4
EPSS 0.01
CVE-2021-41021
HIGH
FortiNAC <8.8.8, <9.1.2 - Privilege Escalation
Dec 08, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-41013
MEDIUM
FortiWeb <6.4.1, <6.3.15 - Info Disclosure
Dec 08, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-36188
MEDIUM
FortiWeb < 6.2.5 - Cross-Site Scripting via GET Parameters in Login and Error Handlers
Dec 08, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-43063
MEDIUM
FortiWeb 6.2.0-6.2.6, 6.3.0-6.3.15, 6.4.0-6.4.1 - Cross-Site Scripting via Login Page HTTP GET Request
Dec 08, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-36190
MEDIUM
FortiWeb <= 6.4.1 and <= 6.3.15 - Unauthenticated Proxy Bypass via Crafted HTTP Requests
Dec 08, 2021
CVSS 5.5
EPSS 0.01
CVE-2021-43064
MEDIUM
Fortinet FortiWeb <6.4.1 - Open Redirect
Dec 08, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-41027
HIGH
Fortinet FortiWeb <6.4.1-6.4.0 - Buffer Overflow
Dec 08, 2021
CVSS 7.3
EPSS 0.00
CVE-2021-41024
HIGH
FortiProxy 7.0.0 and FortiOS 7.0.0-7.0.1 - Unauthenticated Path Traversal via Login Page GET Request
Dec 08, 2021
CVSS 7.5
EPSS 0.02
CVE-2021-41015
MEDIUM
Fortinet FortiWeb <6.4.1 & <6.3.15 - XSS
Dec 08, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-41014
HIGH
FortiWeb <= 6.4.1 and <= 6.3.15 - Unauthenticated Denial of Service via HTTP Packet Flood
Dec 08, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-36191
MEDIUM
Fortinet FortiWeb <6.4.1-6.3.15 - Open Redirect
Dec 08, 2021
CVSS 4.1
EPSS 0.01
CVE-2021-26109
HIGH
FortiOS < 7.0.1 - Unauthenticated Integer Overflow in SSLVPN Memory Allocator
Dec 08, 2021
CVSS 8.1
EPSS 0.02
CVE-2021-26108
HIGH
FortiOS < 5.6.13 - Use of Hard-coded Cryptographic Key in SSLVPN
Dec 08, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-43067
HIGH
Fortinet FortiAuthenticator <6.4.0 - Info Disclosure
Dec 08, 2021
CVSS 8.3
EPSS 0.01
CVE-2021-42760
HIGH
Fortinet FortiWLM < 8.6.1 - SQL Injection via Crafted Requests
Dec 08, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-42752
MEDIUM
Fortinet FortiWLM < 8.6.1 - Cross-Site Scripting via Crafted HTTP Requests
Dec 08, 2021
CVSS 5.4
EPSS 0.01
CVE-2021-41029
MEDIUM
Fortinet FortiWLM < 8.6.1 - Stored Cross-Site Scripting via Crafted HTTP Requests
Dec 08, 2021
CVSS 6.4
EPSS 0.01
CVE-2021-32591
MEDIUM
FortiSandbox <4.0.1, FortiWeb <6.3.12, FortiADC <6.2.1, FortiMail 7...
Dec 08, 2021
CVSS 5.3
EPSS 0.01
Products
fortios 271
fortiweb 124
fortiproxy 121
fortimanager 112
fortianalyzer 92
forticlient 85
fortisandbox 59
FortiOS 47
fortimail 46
fortiportal 45
fortiadc 43
fortisoar 31
fortinac 30
fortisiem 30
FortiProxy 29
fortimanager_cloud 27
fortipam 26
fortivoice 24
fortiauthenticator 23
fortiwlm 23
fortiswitchmanager 19
fortinet_antivirus 18
fortianalyzer_cloud 17
FortiPAM 16
fortitester 16
fortiwan 16
fortimanager_firmware 15
fortiswitch 14
fortiwlc 14
fortianalyzer_big_data 13
Quick Filters