fortinet

1,136 tracked vulnerabilities.

CVE-2020-29010 MEDIUM
FortiOS < 6.0.11 - Authenticated Sensitive Information Exposure via SSL VPN Monitor CLI Command
Mar 17, 2025
CVSS 5.0
EPSS 0.01
CVE-2020-15934 HIGH
FortiClient for Linux 6.2.7 and below, 6.4.0 - Privilege Escalation via VCM Engine
Dec 19, 2024
CVSS 8.8
EPSS 0.00
CVE-2020-12820 MEDIUM
FortiOS <6.0.10, <5.6.12 - Buffer Overflow
Dec 19, 2024
CVSS 5.4
EPSS 0.01
CVE-2020-12819 MEDIUM
FortiOS < 5.6.13 - Authenticated Heap-based Buffer Overflow via LCP Packet
Dec 19, 2024
CVSS 5.4
EPSS 0.01
CVE-2020-29013 MEDIUM
FortiSandbox < 3.2.2 - Authenticated Denial of Service via Sniffer Interface
Apr 06, 2022
CVSS 5.4
EPSS 0.01
CVE-2020-15936 LOW
FortiOS < 5.6.13 - Sensitive Information Disclosure via SNI Client Hello TLS Packets
Mar 01, 2022
CVSS 2.6
EPSS 0.01
CVE-2020-15933 MEDIUM
FortiMail <=6.0.9/6.2.4/6.4.1 Sensitive Version Info Exposure via Client-Side Inspection
Jan 05, 2022
CVSS 5.3
EPSS 0.01
CVE-2020-15935 MEDIUM
FortiADC <= 5.4.3 and 6.0.0 - Authenticated Cleartext Storage of Sensitive Information in GUI
Nov 02, 2021
CVSS 4.3
EPSS 0.01
CVE-2020-15940 MEDIUM
FortiClientEMS < 6.0.8 - Authenticated Stored Cross-Site Scripting via Name Parameter
Nov 02, 2021
CVSS 4.1
EPSS 0.01
CVE-2020-12814 MEDIUM
Fortinet FortiAnalyzer <6.0.6-6.4.4 - XSS
Nov 02, 2021
CVSS 4.1
EPSS 0.00
CVE-2020-15941 MEDIUM
FortiClientEMS < 6.4.1 and <= 6.2.8 - Authenticated Path Traversal via Deployment Package Name Parameter
Oct 06, 2021
CVSS 5.4
EPSS 0.01
CVE-2020-29012 MEDIUM
FortiSandbox < 3.2.2 - Insufficient Session Expiration
Sep 08, 2021
CVSS 5.6
EPSS 0.01
CVE-2020-15939 MEDIUM
FortiSandbox <3.2.1 & <3.1.4 - Info Disclosure
Sep 06, 2021
CVSS 4.3
EPSS 0.01
CVE-2020-29011 HIGH
FortiSandbox 3.1.0-3.1.4 and 3.2.0-3.2.2 - Authenticated SQL Injection via Checksum Search and MTA-Quarantine Modules
Aug 04, 2021
CVSS 8.8
EPSS 0.01
CVE-2020-29014 MEDIUM
FortiSandbox < 3.2.2 - Authenticated Denial of Service via Command Shell Race Condition
Jul 09, 2021
CVSS 6.3
EPSS 0.01
CVE-2020-6641 MEDIUM
FortiPresence < 20.1 - Authorization Bypass via Portal Manager or Portal Users Parameters
Jun 02, 2021
CVSS 4.3
EPSS 0.01
CVE-2020-15942 MEDIUM
FortiWeb 6.2.0-6.2.3 - Authenticated Information Disclosure in Web Vulnerability Scan Profile
Apr 12, 2021
CVSS 4.3
EPSS 0.01
CVE-2020-15938 MEDIUM
FortiGate <6.2.5/<6.4.2 - Non-HTTP Traffic Bypasses Transparent Proxy Policy
Mar 04, 2021
CVSS 4.0
EPSS 0.01
CVE-2020-15937 MEDIUM
FortiOS 6.2.0-6.2.4 - Stored Cross-Site Scripting via IPS and WAF Logs Dashboard
Mar 03, 2021
CVSS 4.7
EPSS 0.01
CVE-2020-6649 CRITICAL
FortiIsolator < 2.0.1 - Insufficient Session Expiration
Feb 08, 2021
CVSS 9.8
EPSS 0.02
CVE-2020-29019 MEDIUM
FortiWeb < 6.2.4 and 6.3.0-6.3.7 - Unauthenticated Stack-based Buffer Overflow via Crafted Cookie Header
Jan 14, 2021
CVSS 5.3
EPSS 0.02
CVE-2020-29018 HIGH
FortiWeb 6.3.0-6.3.5 - Authenticated Format String Injection via Redir Parameter
Jan 14, 2021
CVSS 8.8
EPSS 0.02
CVE-2020-29017 HIGH
FortiDeceptor 3.0.0-3.1.0 - Authenticated OS Command Injection via Customization Page
Jan 14, 2021
CVSS 8.8
EPSS 0.04
CVE-2020-29016 CRITICAL
FortiWeb < 6.2.4 and 6.3.0-6.3.5 - Unauthenticated Stack-Based Buffer Overflow via Large Certname
Jan 14, 2021
CVSS 9.8
EPSS 0.03
CVE-2020-29015 CRITICAL
FortiWeb < 6.2.4 and 6.3.0-6.3.7 - Unauthenticated Blind SQL Injection via Authorization Header
Jan 14, 2021
CVSS 9.8
EPSS 0.03