fortinet

1,122 tracked vulnerabilities.

CVE-2021-24014 MEDIUM
FortiSandbox < 4.0.0 - Unauthenticated Cross-Site Scripting via Crafted Request Parameters
Aug 04, 2021
CVSS 5.4
EPSS 0.00
CVE-2021-22124 HIGH
FortiAuthenticator <6.0.6 & FortiSandbox 3.0.0-3.2.2 - DoS via Long Request Parameters
Aug 04, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-26096 MEDIUM
FortiSandbox < 4.0.0 - Authenticated Heap-Based Buffer Overflow via Command Shell Arguments
Aug 04, 2021
CVSS 6.4
EPSS 0.01
CVE-2021-32596 MEDIUM
FortiPortal <6.04 - Info Disclosure
Aug 04, 2021
CVSS 6.0
EPSS 0.00
CVE-2021-26097 HIGH
FortiSandbox 3.0.0-3.0.6, 3.1.0-3.1.4, 3.2.0-3.2.2 - Authenticated OS Command Injection via HTTP Requests
Aug 04, 2021
CVSS 8.8
EPSS 0.00
CVE-2021-36168 MEDIUM
Fortinet FortiPortal <6.0.5-6.2.5 - Path Traversal
Aug 04, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-24018 MEDIUM
FortiOS < 6.2.10 - Out-of-bounds Write via Firmware Verification Routine
Aug 04, 2021
CVSS 4.3
EPSS 0.00
CVE-2021-24010 HIGH
FortiSandbox 3.1.0-3.1.4 and 3.2.0-3.2.2 - Authenticated Path Traversal via Crafted Web Requests
Aug 04, 2021
CVSS 8.1
EPSS 0.00
CVE-2021-32594 MEDIUM
FortiPortal 4.0.0-4.0.3, 4.2.0-4.2.2, 5.2.0-5.2.5, 5.3.0-5.3.5, 6.0.0-6.0.4 - Unrestricted File Upload via Web Interface
Aug 04, 2021
CVSS 5.4
EPSS 0.00
CVE-2021-32590 CRITICAL
FortiPortal 4.2.2-6.0.4 - Authenticated SQL Injection via HTTP Requests
Aug 04, 2021
CVSS 9.9
EPSS 0.00
CVE-2021-26098 MEDIUM
FortiSandbox <4.0.0 - Info Disclosure
Aug 04, 2021
CVSS 5.3
EPSS 0.00
CVE-2021-26095 HIGH
FortiMail <6.4.4/<6.2.6 - Privilege Escalation
Jul 20, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-24022 MEDIUM
FortiAnalyzer and FortiManager 6.0.0-6.2.7 - Authenticated Denial of Service via GeoIP City Command Buffer Overflow
Jul 20, 2021
CVSS 6.7
EPSS 0.00
CVE-2021-22125 MEDIUM
FortiSandbox < 3.2.2 - Authenticated OS Command Injection via Sniffer Module Configuration
Jul 20, 2021
CVSS 6.3
EPSS 0.00
CVE-2021-26088 HIGH
Fortinet Single Sign-On < 6.4.6 - Unauthenticated Authentication Bypass via UDP Login Notification Packets
Jul 12, 2021
CVSS 7.1
EPSS 0.05
CVE-2021-24015 HIGH
FortiMail 5.4.0-5.4.11 - Authenticated OS Command Injection via HTTP Request
Jul 12, 2021
CVSS 7.2
EPSS 0.00
CVE-2021-24013 HIGH
FortiMail 5.4.0-5.4.11 - Path Traversal via Webmail Web Requests
Jul 12, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-26090 MEDIUM
FortiMail 6.2.0-6.2.6 and 6.4.0-6.4.4 - Unauthenticated Memory Exhaustion via Webmail Login Requests
Jul 12, 2021
CVSS 5.3
EPSS 0.00
CVE-2021-26089 MEDIUM
FortiClient for Mac < 6.4.3 - Privilege Escalation via Symlink Attack
Jul 12, 2021
CVSS 6.7
EPSS 0.00
CVE-2021-26099 MEDIUM
FortiMail 5.0-6.x - Missing Cryptographic Steps in Identity-Based Encryption Service
Jul 12, 2021
CVSS 4.4
EPSS 0.00
CVE-2021-26106 HIGH
FortiAP 6.4.1-6.4.5 and 6.2.4-6.2.5 - Authenticated OS Command Injection via kdbg CLI Command
Jul 09, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-26100 MEDIUM
FortiMail < 7.0.0 - Unauthenticated Cryptographic Signature Bypass in Identity-Based Encryption
Jul 09, 2021
CVSS 5.9
EPSS 0.00
CVE-2021-24020 HIGH
FortiMail 6.2.0-6.2.7 and 6.4.0-6.4.4 - Unauthenticated Cryptographic Signature Bypass via Hash Digest Tampering
Jul 09, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-24007 CRITICAL
FortiMail < 6.4.4 - Unauthenticated SQL Injection via HTTP Requests
Jul 09, 2021
CVSS 9.8
EPSS 0.01
CVE-2021-22129 HIGH
FortiMail < 6.4.5 - Authenticated Buffer Overflow via Crafted HTTP Requests
Jul 09, 2021
CVSS 8.8
EPSS 0.00
Products
fortios 267 fortiweb 124 fortiproxy 117 fortimanager 112 fortianalyzer 92 forticlient 85 fortisandbox 58 fortimail 46 fortiportal 44 fortiadc 43 fortisoar 31 fortinac 30 fortisiem 29 fortimanager_cloud 27 fortipam 25 fortivoice 24 fortiauthenticator 23 fortiwlm 23 fortiswitchmanager 19 fortinet_antivirus 18 fortianalyzer_cloud 17 fortitester 16 fortiwan 16 fortimanager_firmware 15 fortiswitch 14 fortiwlc 14 FortiOS 13 fortianalyzer_big_data 13 forticlientems 13 fortianalyzer_firmware 12
Quick Filters
Critical CVEs With Exploits In CISA KEV