fortinet
1,136 tracked vulnerabilities.
CVE-2021-36170
LOW
FortiAnalyzerVM/FortiManagerVM <7.0.0,6.4.6 - Info Disclosure
Oct 06, 2021
CVSS 3.2
EPSS 0.00
CVE-2021-24021
MEDIUM
FortiAnalyzer < 6.2.8 - Authenticated Stored Cross-Site Scripting via Logview Column Settings
Oct 06, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-24019
HIGH
FortiClientEMS < 6.4.2 and <= 6.2.8 - Insufficient Session Expiration
Oct 06, 2021
CVSS 8.1
EPSS 0.04
CVE-2021-24017
MEDIUM
FortiManager < 6.2.7 - Improper Authentication via Request Handler
Sep 30, 2021
CVSS 5.4
EPSS 0.01
CVE-2021-24016
LOW
Fortinet FortiManager <6.4.3 - Command Injection
Sep 30, 2021
CVSS 3.7
EPSS 0.00
CVE-2021-36182
HIGH
Fortinet FortiWeb <6.3.13 - Command Injection
Sep 08, 2021
CVSS 8.8
EPSS 0.02
CVE-2021-36179
HIGH
Fortinet FortiWeb <6.3.14 - Buffer Overflow
Sep 08, 2021
CVSS 8.0
EPSS 0.02
CVE-2021-24006
MEDIUM
FortiManager <6.4.3 - Privilege Escalation
Sep 06, 2021
CVSS 6.3
EPSS 0.01
CVE-2021-32602
MEDIUM
FortiPortal < 4.0.4 - Unauthenticated Cross-Site Scripting via Lang Parameter
Aug 19, 2021
CVSS 5.8
EPSS 0.01
CVE-2021-32588
CRITICAL
FortiPortal <=6.0.4 Unauthenticated RCE via Tomcat Hard-coded Credentials
Aug 18, 2021
CVSS 9.8
EPSS 0.03
CVE-2021-32597
MEDIUM
FortiAnalyzer and FortiManager < 6.2.8 - Authenticated Stored Cross-Site Scripting via GET Parameters
Aug 06, 2021
CVSS 4.6
EPSS 0.01
CVE-2021-32587
MEDIUM
FortiManager/FortiAnalyzer <7.0.0, <6.4.5, <6.2.8, <6.0.11, <5.6.11...
Aug 06, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-32603
HIGH
FortiAnalyzer and FortiManager 5.6.0-6.2.7 - Authenticated Server-Side Request Forgery
Aug 05, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-32598
MEDIUM
FortiAnalyzer and FortiManager 5.6.0-7.0.0 - Authenticated HTTP Request Smuggling via CRLF Injection
Aug 05, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-24014
MEDIUM
FortiSandbox < 4.0.0 - Unauthenticated Cross-Site Scripting via Crafted Request Parameters
Aug 04, 2021
CVSS 5.4
EPSS 0.01
CVE-2021-22124
HIGH
FortiAuthenticator <6.0.6 & FortiSandbox 3.0.0-3.2.2 - DoS via Long Request Parameters
Aug 04, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-26096
MEDIUM
FortiSandbox < 4.0.0 - Authenticated Heap-Based Buffer Overflow via Command Shell Arguments
Aug 04, 2021
CVSS 6.4
EPSS 0.01
CVE-2021-32596
MEDIUM
FortiPortal <6.04 - Info Disclosure
Aug 04, 2021
CVSS 6.0
EPSS 0.00
CVE-2021-26097
HIGH
FortiSandbox 3.0.0-3.0.6, 3.1.0-3.1.4, 3.2.0-3.2.2 - Authenticated OS Command Injection via HTTP Requests
Aug 04, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-36168
MEDIUM
Fortinet FortiPortal <6.0.5-6.2.5 - Path Traversal
Aug 04, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-24018
MEDIUM
FortiOS < 6.2.10 - Out-of-bounds Write via Firmware Verification Routine
Aug 04, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-24010
HIGH
FortiSandbox 3.1.0-3.1.4 and 3.2.0-3.2.2 - Authenticated Path Traversal via Crafted Web Requests
Aug 04, 2021
CVSS 8.1
EPSS 0.01
CVE-2021-32594
MEDIUM
FortiPortal 4.0.0-4.0.3, 4.2.0-4.2.2, 5.2.0-5.2.5, 5.3.0-5.3.5, 6.0.0-6.0.4 - Unrestricted File Upload via Web Interface
Aug 04, 2021
CVSS 5.4
EPSS 0.01
CVE-2021-32590
CRITICAL
FortiPortal 4.2.2-6.0.4 - Authenticated SQL Injection via HTTP Requests
Aug 04, 2021
CVSS 9.9
EPSS 0.02
CVE-2021-26098
MEDIUM
FortiSandbox <4.0.0 - Info Disclosure
Aug 04, 2021
CVSS 5.3
EPSS 0.01
Products
fortios 271
fortiweb 124
fortiproxy 121
fortimanager 112
fortianalyzer 92
forticlient 85
fortisandbox 59
FortiOS 47
fortimail 46
fortiportal 45
fortiadc 43
fortisoar 31
fortinac 30
fortisiem 30
FortiProxy 29
fortimanager_cloud 27
fortipam 26
fortivoice 24
fortiauthenticator 23
fortiwlm 23
fortiswitchmanager 19
fortinet_antivirus 18
fortianalyzer_cloud 17
FortiPAM 16
fortitester 16
fortiwan 16
fortimanager_firmware 15
fortiswitch 14
fortiwlc 14
fortianalyzer_big_data 13
Quick Filters