fortinet
1,136 tracked vulnerabilities.
CVE-2020-29010
MEDIUM
FortiOS < 6.0.11 - Authenticated Sensitive Information Exposure via SSL VPN Monitor CLI Command
Mar 17, 2025
CVSS 5.0
EPSS 0.01
CVE-2020-15934
HIGH
FortiClient for Linux 6.2.7 and below, 6.4.0 - Privilege Escalation via VCM Engine
Dec 19, 2024
CVSS 8.8
EPSS 0.00
CVE-2020-12820
MEDIUM
FortiOS <6.0.10, <5.6.12 - Buffer Overflow
Dec 19, 2024
CVSS 5.4
EPSS 0.01
CVE-2020-12819
MEDIUM
FortiOS < 5.6.13 - Authenticated Heap-based Buffer Overflow via LCP Packet
Dec 19, 2024
CVSS 5.4
EPSS 0.01
CVE-2020-29013
MEDIUM
FortiSandbox < 3.2.2 - Authenticated Denial of Service via Sniffer Interface
Apr 06, 2022
CVSS 5.4
EPSS 0.01
CVE-2020-15936
LOW
FortiOS < 5.6.13 - Sensitive Information Disclosure via SNI Client Hello TLS Packets
Mar 01, 2022
CVSS 2.6
EPSS 0.01
CVE-2020-15933
MEDIUM
FortiMail <=6.0.9/6.2.4/6.4.1 Sensitive Version Info Exposure via Client-Side Inspection
Jan 05, 2022
CVSS 5.3
EPSS 0.01
CVE-2020-15935
MEDIUM
FortiADC <= 5.4.3 and 6.0.0 - Authenticated Cleartext Storage of Sensitive Information in GUI
Nov 02, 2021
CVSS 4.3
EPSS 0.01
CVE-2020-15940
MEDIUM
FortiClientEMS < 6.0.8 - Authenticated Stored Cross-Site Scripting via Name Parameter
Nov 02, 2021
CVSS 4.1
EPSS 0.01
CVE-2020-12814
MEDIUM
Fortinet FortiAnalyzer <6.0.6-6.4.4 - XSS
Nov 02, 2021
CVSS 4.1
EPSS 0.00
CVE-2020-15941
MEDIUM
FortiClientEMS < 6.4.1 and <= 6.2.8 - Authenticated Path Traversal via Deployment Package Name Parameter
Oct 06, 2021
CVSS 5.4
EPSS 0.01
CVE-2020-29012
MEDIUM
FortiSandbox < 3.2.2 - Insufficient Session Expiration
Sep 08, 2021
CVSS 5.6
EPSS 0.01
CVE-2020-15939
MEDIUM
FortiSandbox <3.2.1 & <3.1.4 - Info Disclosure
Sep 06, 2021
CVSS 4.3
EPSS 0.01
CVE-2020-29011
HIGH
FortiSandbox 3.1.0-3.1.4 and 3.2.0-3.2.2 - Authenticated SQL Injection via Checksum Search and MTA-Quarantine Modules
Aug 04, 2021
CVSS 8.8
EPSS 0.01
CVE-2020-29014
MEDIUM
FortiSandbox < 3.2.2 - Authenticated Denial of Service via Command Shell Race Condition
Jul 09, 2021
CVSS 6.3
EPSS 0.01
CVE-2020-6641
MEDIUM
FortiPresence < 20.1 - Authorization Bypass via Portal Manager or Portal Users Parameters
Jun 02, 2021
CVSS 4.3
EPSS 0.01
CVE-2020-15942
MEDIUM
FortiWeb 6.2.0-6.2.3 - Authenticated Information Disclosure in Web Vulnerability Scan Profile
Apr 12, 2021
CVSS 4.3
EPSS 0.01
CVE-2020-15938
MEDIUM
FortiGate <6.2.5/<6.4.2 - Non-HTTP Traffic Bypasses Transparent Proxy Policy
Mar 04, 2021
CVSS 4.0
EPSS 0.01
CVE-2020-15937
MEDIUM
FortiOS 6.2.0-6.2.4 - Stored Cross-Site Scripting via IPS and WAF Logs Dashboard
Mar 03, 2021
CVSS 4.7
EPSS 0.01
CVE-2020-6649
CRITICAL
FortiIsolator < 2.0.1 - Insufficient Session Expiration
Feb 08, 2021
CVSS 9.8
EPSS 0.02
CVE-2020-29019
MEDIUM
FortiWeb < 6.2.4 and 6.3.0-6.3.7 - Unauthenticated Stack-based Buffer Overflow via Crafted Cookie Header
Jan 14, 2021
CVSS 5.3
EPSS 0.02
CVE-2020-29018
HIGH
FortiWeb 6.3.0-6.3.5 - Authenticated Format String Injection via Redir Parameter
Jan 14, 2021
CVSS 8.8
EPSS 0.02
CVE-2020-29017
HIGH
FortiDeceptor 3.0.0-3.1.0 - Authenticated OS Command Injection via Customization Page
Jan 14, 2021
CVSS 8.8
EPSS 0.04
CVE-2020-29016
CRITICAL
FortiWeb < 6.2.4 and 6.3.0-6.3.5 - Unauthenticated Stack-Based Buffer Overflow via Large Certname
Jan 14, 2021
CVSS 9.8
EPSS 0.03
CVE-2020-29015
CRITICAL
FortiWeb < 6.2.4 and 6.3.0-6.3.7 - Unauthenticated Blind SQL Injection via Authorization Header
Jan 14, 2021
CVSS 9.8
EPSS 0.03
Products
fortios 271
fortiweb 124
fortiproxy 121
fortimanager 112
fortianalyzer 92
forticlient 85
fortisandbox 59
FortiOS 47
fortimail 46
fortiportal 45
fortiadc 43
fortisoar 31
fortinac 30
fortisiem 30
FortiProxy 29
fortimanager_cloud 27
fortipam 26
fortivoice 24
fortiauthenticator 23
fortiwlm 23
fortiswitchmanager 19
fortinet_antivirus 18
fortianalyzer_cloud 17
FortiPAM 16
fortitester 16
fortiwan 16
fortimanager_firmware 15
fortiswitch 14
fortiwlc 14
fortianalyzer_big_data 13
Quick Filters