fortinet
1,122 tracked vulnerabilities.
CVE-2020-29014
MEDIUM
FortiSandbox < 3.2.2 - Authenticated Denial of Service via Command Shell Race Condition
Jul 09, 2021
CVSS 6.3
EPSS 0.00
CVE-2020-6641
MEDIUM
FortiPresence < 20.1 - Authorization Bypass via Portal Manager or Portal Users Parameters
Jun 02, 2021
CVSS 4.3
EPSS 0.00
CVE-2020-15942
MEDIUM
FortiWeb 6.2.0-6.2.3 - Authenticated Information Disclosure in Web Vulnerability Scan Profile
Apr 12, 2021
CVSS 4.3
EPSS 0.00
CVE-2020-15938
MEDIUM
FortiGate <6.2.5/<6.4.2 - Non-HTTP Traffic Bypasses Transparent Proxy Policy
Mar 04, 2021
CVSS 4.0
EPSS 0.00
CVE-2020-15937
MEDIUM
FortiOS 6.2.0-6.2.4 - Stored Cross-Site Scripting via IPS and WAF Logs Dashboard
Mar 03, 2021
CVSS 4.7
EPSS 0.00
CVE-2020-6649
CRITICAL
FortiIsolator < 2.0.1 - Insufficient Session Expiration
Feb 08, 2021
CVSS 9.8
EPSS 0.00
CVE-2020-29019
MEDIUM
FortiWeb < 6.2.4 and 6.3.0-6.3.7 - Unauthenticated Stack-based Buffer Overflow via Crafted Cookie Header
Jan 14, 2021
CVSS 5.3
EPSS 0.01
CVE-2020-29018
HIGH
FortiWeb 6.3.0-6.3.5 - Authenticated Format String Injection via Redir Parameter
Jan 14, 2021
CVSS 8.8
EPSS 0.01
CVE-2020-29017
HIGH
FortiDeceptor 3.0.0-3.1.0 - Authenticated OS Command Injection via Customization Page
Jan 14, 2021
CVSS 8.8
EPSS 0.06
CVE-2020-29016
CRITICAL
FortiWeb < 6.2.4 and 6.3.0-6.3.5 - Unauthenticated Stack-Based Buffer Overflow via Large Certname
Jan 14, 2021
CVSS 9.8
EPSS 0.02
CVE-2020-29015
CRITICAL
FortiWeb < 6.2.4 and 6.3.0-6.3.7 - Unauthenticated Blind SQL Injection via Authorization Header
Jan 14, 2021
CVSS 9.8
EPSS 0.01
CVE-2020-6648
MEDIUM
FortiProxy 2.0.0 and <1.2.10 - Authenticated Cleartext Storage of Sensitive Information via CLI Command
Oct 21, 2020
CVSS 5.3
EPSS 0.00
CVE-2020-12815
MEDIUM
FortiTester <3.9.0 - XSS
Sep 24, 2020
CVSS 5.4
EPSS 0.00
CVE-2020-12811
MEDIUM
FortiManager/FortiAnalyzer <6.2.3 - XSS
Sep 24, 2020
CVSS 6.1
EPSS 0.00
CVE-2020-12818
MEDIUM
FortiOS < 6.4.1 - Unauthenticated Traffic Logging Bypass
Sep 24, 2020
CVSS 5.3
EPSS 0.00
CVE-2020-12817
HIGH
FortiAnalyzer - Authenticated Stored Cross-Site Scripting via Storage Connector Name Parameter
Sep 24, 2020
CVSS 8.8
EPSS 0.00
CVE-2020-12816
MEDIUM
FortiNAC < 8.7.3 - Authenticated Stored Cross-Site Scripting via Admin UserID
Sep 24, 2020
CVSS 6.1
EPSS 0.00
CVE-2020-12812
CRITICAL
KEV
FortiOS 6.4.0, 6.2.0-6.2.3, <6.0.10 - Improper Authentication via Username Case Variation
Jul 24, 2020
CVSS 9.8
EPSS 0.40
CVE-2020-9288
MEDIUM
FortiWLC < 8.5.1 - Authenticated Stored Cross-Site Scripting via ESS or Radius Profile
Jun 22, 2020
CVSS 5.4
EPSS 0.00
CVE-2020-6644
HIGH
FortiDeceptor < 3.0.0 - Insufficient Session Expiration
Jun 22, 2020
CVSS 8.1
EPSS 0.00
CVE-2020-9289
HIGH
FortiAnalyzer and FortiManager < 6.2.3 - Use of Hard-coded Cryptographic Key
Jun 16, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-9292
CRITICAL
FortiSIEM Windows Agent - Privilege Escalation
Jun 04, 2020
CVSS 9.8
EPSS 0.01
CVE-2020-6640
MEDIUM
FortiAnalyzer < 6.2.4 - Authenticated Stored Cross-Site Scripting via Description Area
Jun 04, 2020
CVSS 5.4
EPSS 0.00
CVE-2020-9291
MEDIUM
FortiClient < 6.0.9 - Privilege Escalation via Temporary File Symbolic Link Attack
Jun 01, 2020
CVSS 6.3
EPSS 0.00
CVE-2020-9294
CRITICAL
FortiMail Unauthenticated Login Bypass Scanner
Apr 27, 2020
CVSS 9.8
EPSS 0.80
Products
fortios 267
fortiweb 124
fortiproxy 117
fortimanager 112
fortianalyzer 92
forticlient 85
fortisandbox 58
fortimail 46
fortiportal 44
fortiadc 43
fortisoar 31
fortinac 30
fortisiem 29
fortimanager_cloud 27
fortipam 25
fortivoice 24
fortiauthenticator 23
fortiwlm 23
fortiswitchmanager 19
fortinet_antivirus 18
fortianalyzer_cloud 17
fortitester 16
fortiwan 16
fortimanager_firmware 15
fortiswitch 14
fortiwlc 14
FortiOS 13
fortianalyzer_big_data 13
forticlientems 13
fortianalyzer_firmware 12