fortinet
1,136 tracked vulnerabilities.
CVE-2021-26095
HIGH
FortiMail <6.4.4/<6.2.6 - Privilege Escalation
Jul 20, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-24022
MEDIUM
FortiAnalyzer and FortiManager 6.0.0-6.2.7 - Authenticated Denial of Service via GeoIP City Command Buffer Overflow
Jul 20, 2021
CVSS 6.7
EPSS 0.00
CVE-2021-22125
MEDIUM
FortiSandbox < 3.2.2 - Authenticated OS Command Injection via Sniffer Module Configuration
Jul 20, 2021
CVSS 6.3
EPSS 0.01
CVE-2021-26088
HIGH
Fortinet Single Sign-On < 6.4.6 - Unauthenticated Authentication Bypass via UDP Login Notification Packets
Jul 12, 2021
CVSS 7.1
EPSS 0.01
CVE-2021-24015
HIGH
FortiMail 5.4.0-5.4.11 - Authenticated OS Command Injection via HTTP Request
Jul 12, 2021
CVSS 7.2
EPSS 0.01
CVE-2021-24013
HIGH
FortiMail 5.4.0-5.4.11 - Path Traversal via Webmail Web Requests
Jul 12, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-26090
MEDIUM
FortiMail 6.2.0-6.2.6 and 6.4.0-6.4.4 - Unauthenticated Memory Exhaustion via Webmail Login Requests
Jul 12, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-26089
MEDIUM
FortiClient for Mac < 6.4.3 - Privilege Escalation via Symlink Attack
Jul 12, 2021
CVSS 6.7
EPSS 0.00
CVE-2021-26099
MEDIUM
FortiMail 5.0-6.x - Missing Cryptographic Steps in Identity-Based Encryption Service
Jul 12, 2021
CVSS 4.4
EPSS 0.01
CVE-2021-26106
HIGH
FortiAP 6.4.1-6.4.5 and 6.2.4-6.2.5 - Authenticated OS Command Injection via kdbg CLI Command
Jul 09, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-26100
MEDIUM
FortiMail < 7.0.0 - Unauthenticated Cryptographic Signature Bypass in Identity-Based Encryption
Jul 09, 2021
CVSS 5.9
EPSS 0.00
CVE-2021-24020
HIGH
FortiMail 6.2.0-6.2.7 and 6.4.0-6.4.4 - Unauthenticated Cryptographic Signature Bypass via Hash Digest Tampering
Jul 09, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-24007
CRITICAL
FortiMail < 6.4.4 - Unauthenticated SQL Injection via HTTP Requests
Jul 09, 2021
CVSS 9.8
EPSS 0.01
CVE-2021-22129
HIGH
FortiMail < 6.4.5 - Authenticated Buffer Overflow via Crafted HTTP Requests
Jul 09, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-24005
MEDIUM
FortiAuthenticator < 6.3.0 - Hard-coded Cryptographic Key Exposure
Jul 06, 2021
CVSS 4.0
EPSS 0.01
CVE-2021-24023
HIGH
FortiAI Firmware < 1.4.0 - Authenticated OS Command Injection via Diagnose Command
Jun 03, 2021
CVSS 7.8
EPSS 0.01
CVE-2021-22130
MEDIUM
FortiProxy < 1.0.7 - Authenticated Denial of Service via CLI cpuset Mask Overflow
Jun 03, 2021
CVSS 6.7
EPSS 0.01
CVE-2021-24012
MEDIUM
FortiOS 6.4.0-6.4.4 - Improper Certificate Validation in LDAP SSLVPN Authentication
Jun 02, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-26111
MEDIUM
FortiSwitch 6.4.0-6.4.6, 6.2.0-6.2.6, 6.0.0-6.0.6, <=3.6.11 - Use-After-Free via LLDP/CDP/EDP Packets
Jun 01, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-22123
HIGH
FortiWeb 5.9.0-6.2.3 - Authenticated OS Command Injection via SAML Server Configuration
Jun 01, 2021
CVSS 7.6
EPSS 0.77
CVE-2021-24011
MEDIUM
FortiNAC < 8.8.2 - Authenticated Privilege Escalation via Sudo Abuse
May 10, 2021
CVSS 6.3
EPSS 0.01
CVE-2021-24024
MEDIUM
FortiADC < 5.3.7 and FortiADCManager < 5.3.0 - Authenticated Sensitive Information Disclosure in Log Files
Apr 12, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-22128
HIGH
FortiProxy SSL VPN <2.0.0 - Privilege Escalation
Mar 04, 2021
CVSS 7.1
EPSS 0.01
CVE-2021-22122
MEDIUM
NUCLEI
FortiWeb < 6.2.3 and 6.3.0-6.3.7 - Unauthenticated Reflected Cross-Site Scripting via API Endpoints
Feb 08, 2021
CVSS 6.1
EPSS 0.11
CVE-2020-9295
MEDIUM
Fortinet Antivirus Engine < 6.00145 - Malformed RAR Archive Detection Bypass
Mar 17, 2025
CVSS 4.7
EPSS 0.00
Products
fortios 271
fortiweb 124
fortiproxy 121
fortimanager 112
fortianalyzer 92
forticlient 85
fortisandbox 59
FortiOS 47
fortimail 46
fortiportal 45
fortiadc 43
fortisoar 31
fortinac 30
fortisiem 30
FortiProxy 29
fortimanager_cloud 27
fortipam 26
fortivoice 24
fortiauthenticator 23
fortiwlm 23
fortiswitchmanager 19
fortinet_antivirus 18
fortianalyzer_cloud 17
FortiPAM 16
fortitester 16
fortiwan 16
fortimanager_firmware 15
fortiswitch 14
fortiwlc 14
fortianalyzer_big_data 13
Quick Filters