fortinet
1,122 tracked vulnerabilities.
CVE-2021-24005
MEDIUM
FortiAuthenticator < 6.3.0 - Hard-coded Cryptographic Key Exposure
Jul 06, 2021
CVSS 4.0
EPSS 0.00
CVE-2021-24023
HIGH
FortiAI Firmware < 1.4.0 - Authenticated OS Command Injection via Diagnose Command
Jun 03, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-22130
MEDIUM
FortiProxy < 1.0.7 - Authenticated Denial of Service via CLI cpuset Mask Overflow
Jun 03, 2021
CVSS 6.7
EPSS 0.01
CVE-2021-24012
MEDIUM
FortiOS 6.4.0-6.4.4 - Improper Certificate Validation in LDAP SSLVPN Authentication
Jun 02, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-26111
MEDIUM
FortiSwitch 6.4.0-6.4.6, 6.2.0-6.2.6, 6.0.0-6.0.6, <=3.6.11 - Use-After-Free via LLDP/CDP/EDP Packets
Jun 01, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-22123
HIGH
FortiWeb 5.9.0-6.2.3 - Authenticated OS Command Injection via SAML Server Configuration
Jun 01, 2021
CVSS 7.6
EPSS 0.80
CVE-2021-24011
MEDIUM
FortiNAC < 8.8.2 - Authenticated Privilege Escalation via Sudo Abuse
May 10, 2021
CVSS 6.3
EPSS 0.00
CVE-2021-24024
MEDIUM
FortiADC < 5.3.7 and FortiADCManager < 5.3.0 - Authenticated Sensitive Information Disclosure in Log Files
Apr 12, 2021
CVSS 4.3
EPSS 0.00
CVE-2021-22128
HIGH
FortiProxy SSL VPN <2.0.0 - Privilege Escalation
Mar 04, 2021
CVSS 7.1
EPSS 0.00
CVE-2021-22122
MEDIUM
NUCLEI
FortiWeb < 6.2.3 and 6.3.0-6.3.7 - Unauthenticated Reflected Cross-Site Scripting via API Endpoints
Feb 08, 2021
CVSS 6.1
EPSS 0.70
CVE-2020-9295
MEDIUM
Fortinet Antivirus Engine < 6.00145 - Malformed RAR Archive Detection Bypass
Mar 17, 2025
CVSS 4.7
EPSS 0.00
CVE-2020-29010
MEDIUM
FortiOS < 6.0.11 - Authenticated Sensitive Information Exposure via SSL VPN Monitor CLI Command
Mar 17, 2025
CVSS 5.0
EPSS 0.00
CVE-2020-15934
HIGH
FortiClient for Linux 6.2.7 and below, 6.4.0 - Privilege Escalation via VCM Engine
Dec 19, 2024
CVSS 8.8
EPSS 0.00
CVE-2020-12820
MEDIUM
FortiOS <6.0.10, <5.6.12 - Buffer Overflow
Dec 19, 2024
CVSS 5.4
EPSS 0.04
CVE-2020-12819
MEDIUM
FortiOS < 5.6.13 - Authenticated Heap-based Buffer Overflow via LCP Packet
Dec 19, 2024
CVSS 5.4
EPSS 0.01
CVE-2020-29013
MEDIUM
FortiSandbox < 3.2.2 - Authenticated Denial of Service via Sniffer Interface
Apr 06, 2022
CVSS 5.4
EPSS 0.00
CVE-2020-15936
LOW
FortiOS < 5.6.13 - Sensitive Information Disclosure via SNI Client Hello TLS Packets
Mar 01, 2022
CVSS 2.6
EPSS 0.00
CVE-2020-15933
MEDIUM
FortiMail <=6.0.9/6.2.4/6.4.1 Sensitive Version Info Exposure via Client-Side Inspection
Jan 05, 2022
CVSS 5.3
EPSS 0.00
CVE-2020-15935
MEDIUM
FortiADC <= 5.4.3 and 6.0.0 - Authenticated Cleartext Storage of Sensitive Information in GUI
Nov 02, 2021
CVSS 4.3
EPSS 0.00
CVE-2020-15940
MEDIUM
FortiClientEMS < 6.0.8 - Authenticated Stored Cross-Site Scripting via Name Parameter
Nov 02, 2021
CVSS 4.1
EPSS 0.00
CVE-2020-12814
MEDIUM
Fortinet FortiAnalyzer <6.0.6-6.4.4 - XSS
Nov 02, 2021
CVSS 4.1
EPSS 0.00
CVE-2020-15941
MEDIUM
FortiClientEMS < 6.4.1 and <= 6.2.8 - Authenticated Path Traversal via Deployment Package Name Parameter
Oct 06, 2021
CVSS 5.4
EPSS 0.01
CVE-2020-29012
MEDIUM
FortiSandbox < 3.2.2 - Insufficient Session Expiration
Sep 08, 2021
CVSS 5.6
EPSS 0.00
CVE-2020-15939
MEDIUM
FortiSandbox <3.2.1 & <3.1.4 - Info Disclosure
Sep 06, 2021
CVSS 4.3
EPSS 0.00
CVE-2020-29011
HIGH
FortiSandbox 3.1.0-3.1.4 and 3.2.0-3.2.2 - Authenticated SQL Injection via Checksum Search and MTA-Quarantine Modules
Aug 04, 2021
CVSS 8.8
EPSS 0.00
Products
fortios 267
fortiweb 124
fortiproxy 117
fortimanager 112
fortianalyzer 92
forticlient 85
fortisandbox 58
fortimail 46
fortiportal 44
fortiadc 43
fortisoar 31
fortinac 30
fortisiem 29
fortimanager_cloud 27
fortipam 25
fortivoice 24
fortiauthenticator 23
fortiwlm 23
fortiswitchmanager 19
fortinet_antivirus 18
fortianalyzer_cloud 17
fortitester 16
fortiwan 16
fortimanager_firmware 15
fortiswitch 14
fortiwlc 14
FortiOS 13
fortianalyzer_big_data 13
forticlientems 13
fortianalyzer_firmware 12
Quick Filters