fortinet

1,136 tracked vulnerabilities.

CVE-2021-26095 HIGH
FortiMail <6.4.4/<6.2.6 - Privilege Escalation
Jul 20, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-24022 MEDIUM
FortiAnalyzer and FortiManager 6.0.0-6.2.7 - Authenticated Denial of Service via GeoIP City Command Buffer Overflow
Jul 20, 2021
CVSS 6.7
EPSS 0.00
CVE-2021-22125 MEDIUM
FortiSandbox < 3.2.2 - Authenticated OS Command Injection via Sniffer Module Configuration
Jul 20, 2021
CVSS 6.3
EPSS 0.01
CVE-2021-26088 HIGH
Fortinet Single Sign-On < 6.4.6 - Unauthenticated Authentication Bypass via UDP Login Notification Packets
Jul 12, 2021
CVSS 7.1
EPSS 0.01
CVE-2021-24015 HIGH
FortiMail 5.4.0-5.4.11 - Authenticated OS Command Injection via HTTP Request
Jul 12, 2021
CVSS 7.2
EPSS 0.01
CVE-2021-24013 HIGH
FortiMail 5.4.0-5.4.11 - Path Traversal via Webmail Web Requests
Jul 12, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-26090 MEDIUM
FortiMail 6.2.0-6.2.6 and 6.4.0-6.4.4 - Unauthenticated Memory Exhaustion via Webmail Login Requests
Jul 12, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-26089 MEDIUM
FortiClient for Mac < 6.4.3 - Privilege Escalation via Symlink Attack
Jul 12, 2021
CVSS 6.7
EPSS 0.00
CVE-2021-26099 MEDIUM
FortiMail 5.0-6.x - Missing Cryptographic Steps in Identity-Based Encryption Service
Jul 12, 2021
CVSS 4.4
EPSS 0.01
CVE-2021-26106 HIGH
FortiAP 6.4.1-6.4.5 and 6.2.4-6.2.5 - Authenticated OS Command Injection via kdbg CLI Command
Jul 09, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-26100 MEDIUM
FortiMail < 7.0.0 - Unauthenticated Cryptographic Signature Bypass in Identity-Based Encryption
Jul 09, 2021
CVSS 5.9
EPSS 0.00
CVE-2021-24020 HIGH
FortiMail 6.2.0-6.2.7 and 6.4.0-6.4.4 - Unauthenticated Cryptographic Signature Bypass via Hash Digest Tampering
Jul 09, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-24007 CRITICAL
FortiMail < 6.4.4 - Unauthenticated SQL Injection via HTTP Requests
Jul 09, 2021
CVSS 9.8
EPSS 0.01
CVE-2021-22129 HIGH
FortiMail < 6.4.5 - Authenticated Buffer Overflow via Crafted HTTP Requests
Jul 09, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-24005 MEDIUM
FortiAuthenticator < 6.3.0 - Hard-coded Cryptographic Key Exposure
Jul 06, 2021
CVSS 4.0
EPSS 0.01
CVE-2021-24023 HIGH
FortiAI Firmware < 1.4.0 - Authenticated OS Command Injection via Diagnose Command
Jun 03, 2021
CVSS 7.8
EPSS 0.01
CVE-2021-22130 MEDIUM
FortiProxy < 1.0.7 - Authenticated Denial of Service via CLI cpuset Mask Overflow
Jun 03, 2021
CVSS 6.7
EPSS 0.01
CVE-2021-24012 MEDIUM
FortiOS 6.4.0-6.4.4 - Improper Certificate Validation in LDAP SSLVPN Authentication
Jun 02, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-26111 MEDIUM
FortiSwitch 6.4.0-6.4.6, 6.2.0-6.2.6, 6.0.0-6.0.6, <=3.6.11 - Use-After-Free via LLDP/CDP/EDP Packets
Jun 01, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-22123 HIGH
FortiWeb 5.9.0-6.2.3 - Authenticated OS Command Injection via SAML Server Configuration
Jun 01, 2021
CVSS 7.6
EPSS 0.77
CVE-2021-24011 MEDIUM
FortiNAC < 8.8.2 - Authenticated Privilege Escalation via Sudo Abuse
May 10, 2021
CVSS 6.3
EPSS 0.01
CVE-2021-24024 MEDIUM
FortiADC < 5.3.7 and FortiADCManager < 5.3.0 - Authenticated Sensitive Information Disclosure in Log Files
Apr 12, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-22128 HIGH
FortiProxy SSL VPN <2.0.0 - Privilege Escalation
Mar 04, 2021
CVSS 7.1
EPSS 0.01
CVE-2021-22122 MEDIUM NUCLEI
FortiWeb < 6.2.3 and 6.3.0-6.3.7 - Unauthenticated Reflected Cross-Site Scripting via API Endpoints
Feb 08, 2021
CVSS 6.1
EPSS 0.11
CVE-2020-9295 MEDIUM
Fortinet Antivirus Engine < 6.00145 - Malformed RAR Archive Detection Bypass
Mar 17, 2025
CVSS 4.7
EPSS 0.00