fortinet

1,136 tracked vulnerabilities.

CVE-2021-36194 HIGH
FortiWeb 6.3.0-6.3.15, 6.4.0-6.4.1 - Authenticated Remote Code Execution via API Controller Buffer Overflow
Dec 09, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-36189 MEDIUM
Fortinet FortiClientEMS <7.0.1 & <6.4.4 - Info Disclosure
Dec 09, 2021
CVSS 6.8
EPSS 0.00
CVE-2021-41025 HIGH
FortiWeb 6.0.0-6.0.7, 6.1.0-6.1.2, 6.2.0-6.2.6, 6.3.0-6.3.15, 6.4.0-6.4.1 - Authentication Bypass via Capture-Replay
Dec 08, 2021
CVSS 7.3
EPSS 0.01
CVE-2021-41017 HIGH
FortiWeb <6.4.1-6.3.15 - Buffer Overflow
Dec 08, 2021
CVSS 8.8
EPSS 0.02
CVE-2021-36195 MEDIUM
FortiWeb <6.4.1 - Command Injection
Dec 08, 2021
CVSS 4.2
EPSS 0.01
CVE-2021-36173 HIGH
FortiOS 6.0.0-6.0.13, 6.2.0-6.2.9, 6.4.0-6.4.6, 7.0.0-7.0.1 - Remote Code Execution via Crafted Installation Image
Dec 08, 2021
CVSS 8.0
EPSS 0.01
CVE-2021-41030 MEDIUM
FortiClient EMS <7.0.1, <6.4.4 - Auth Bypass
Dec 08, 2021
CVSS 5.4
EPSS 0.01
CVE-2021-41021 HIGH
FortiNAC <8.8.8, <9.1.2 - Privilege Escalation
Dec 08, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-41013 MEDIUM
FortiWeb <6.4.1, <6.3.15 - Info Disclosure
Dec 08, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-36188 MEDIUM
FortiWeb < 6.2.5 - Cross-Site Scripting via GET Parameters in Login and Error Handlers
Dec 08, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-43063 MEDIUM
FortiWeb 6.2.0-6.2.6, 6.3.0-6.3.15, 6.4.0-6.4.1 - Cross-Site Scripting via Login Page HTTP GET Request
Dec 08, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-36190 MEDIUM
FortiWeb <= 6.4.1 and <= 6.3.15 - Unauthenticated Proxy Bypass via Crafted HTTP Requests
Dec 08, 2021
CVSS 5.5
EPSS 0.01
CVE-2021-43064 MEDIUM
Fortinet FortiWeb <6.4.1 - Open Redirect
Dec 08, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-41027 HIGH
Fortinet FortiWeb <6.4.1-6.4.0 - Buffer Overflow
Dec 08, 2021
CVSS 7.3
EPSS 0.00
CVE-2021-41024 HIGH
FortiProxy 7.0.0 and FortiOS 7.0.0-7.0.1 - Unauthenticated Path Traversal via Login Page GET Request
Dec 08, 2021
CVSS 7.5
EPSS 0.02
CVE-2021-41015 MEDIUM
Fortinet FortiWeb <6.4.1 & <6.3.15 - XSS
Dec 08, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-41014 HIGH
FortiWeb <= 6.4.1 and <= 6.3.15 - Unauthenticated Denial of Service via HTTP Packet Flood
Dec 08, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-36191 MEDIUM
Fortinet FortiWeb <6.4.1-6.3.15 - Open Redirect
Dec 08, 2021
CVSS 4.1
EPSS 0.01
CVE-2021-26109 HIGH
FortiOS < 7.0.1 - Unauthenticated Integer Overflow in SSLVPN Memory Allocator
Dec 08, 2021
CVSS 8.1
EPSS 0.02
CVE-2021-26108 HIGH
FortiOS < 5.6.13 - Use of Hard-coded Cryptographic Key in SSLVPN
Dec 08, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-43067 HIGH
Fortinet FortiAuthenticator <6.4.0 - Info Disclosure
Dec 08, 2021
CVSS 8.3
EPSS 0.01
CVE-2021-42760 HIGH
Fortinet FortiWLM < 8.6.1 - SQL Injection via Crafted Requests
Dec 08, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-42752 MEDIUM
Fortinet FortiWLM < 8.6.1 - Cross-Site Scripting via Crafted HTTP Requests
Dec 08, 2021
CVSS 5.4
EPSS 0.01
CVE-2021-41029 MEDIUM
Fortinet FortiWLM < 8.6.1 - Stored Cross-Site Scripting via Crafted HTTP Requests
Dec 08, 2021
CVSS 6.4
EPSS 0.01
CVE-2021-32591 MEDIUM
FortiSandbox <4.0.1, FortiWeb <6.3.12, FortiADC <6.2.1, FortiMail 7...
Dec 08, 2021
CVSS 5.3
EPSS 0.01