fortinet

1,136 tracked vulnerabilities.

CVE-2020-6648 MEDIUM
FortiProxy 2.0.0 and <1.2.10 - Authenticated Cleartext Storage of Sensitive Information via CLI Command
Oct 21, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-12815 MEDIUM
FortiTester <3.9.0 - XSS
Sep 24, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-12811 MEDIUM
FortiManager/FortiAnalyzer <6.2.3 - XSS
Sep 24, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-12818 MEDIUM
FortiOS < 6.4.1 - Unauthenticated Traffic Logging Bypass
Sep 24, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-12817 HIGH
FortiAnalyzer - Authenticated Stored Cross-Site Scripting via Storage Connector Name Parameter
Sep 24, 2020
CVSS 8.8
EPSS 0.02
CVE-2020-12816 MEDIUM
FortiNAC < 8.7.3 - Authenticated Stored Cross-Site Scripting via Admin UserID
Sep 24, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-12812 CRITICAL KEV
FortiOS 6.4.0, 6.2.0-6.2.3, <6.0.10 - Improper Authentication via Username Case Variation
Jul 24, 2020
CVSS 9.8
EPSS 0.49
CVE-2020-9288 MEDIUM
FortiWLC < 8.5.1 - Authenticated Stored Cross-Site Scripting via ESS or Radius Profile
Jun 22, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-6644 HIGH
FortiDeceptor < 3.0.0 - Insufficient Session Expiration
Jun 22, 2020
CVSS 8.1
EPSS 0.01
CVE-2020-9289 HIGH
FortiAnalyzer and FortiManager < 6.2.3 - Use of Hard-coded Cryptographic Key
Jun 16, 2020
CVSS 7.5
EPSS 0.02
CVE-2020-9292 CRITICAL
FortiSIEM Windows Agent - Privilege Escalation
Jun 04, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-6640 MEDIUM
FortiAnalyzer < 6.2.4 - Authenticated Stored Cross-Site Scripting via Description Area
Jun 04, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-9291 MEDIUM
FortiClient < 6.0.9 - Privilege Escalation via Temporary File Symbolic Link Attack
Jun 01, 2020
CVSS 6.3
EPSS 0.01
CVE-2020-9294 CRITICAL
FortiMail Unauthenticated Login Bypass Scanner
Apr 27, 2020
CVSS 9.8
EPSS 0.78
CVE-2020-9286 MEDIUM
FortiADC < 5.3.4 - Authenticated Improper Authorization
Apr 07, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-6647 MEDIUM
FortiADC < 5.3.4 - Authenticated Cross-Site Scripting via Dashboard Name Parameter
Apr 07, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-6646 MEDIUM
FortiWeb < 6.2.2 - Authenticated Stored Cross-Site Scripting via Disclaimer Description
Mar 17, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-9290 HIGH
FortiClient < 6.2.3 - Uncontrolled Search Path Element via Malicious Filter Library DLL
Mar 15, 2020
CVSS 7.8
EPSS 0.01
CVE-2020-9287 HIGH
FortiClient EMS < 6.2.1 - Unauthenticated Arbitrary Code Execution via Filter Library DLL Hijacking
Mar 15, 2020
CVSS 7.8
EPSS 0.01
CVE-2020-6643 MEDIUM
FortiIsolator < 1.2.2 - Authenticated Cross-Site Scripting via URL Description
Mar 12, 2020
CVSS 5.4
EPSS 0.01
CVE-2019-16149 MEDIUM
FortiClientEMS < 6.2.1 - Remote Code Execution via User Profile Injection
Mar 28, 2025
CVSS 5.5
EPSS 0.00
CVE-2019-16151 MEDIUM
FortiOS 6.2.0-6.2.9 - Unauthenticated Cross-Site Scripting via Host Header
Mar 21, 2025
CVSS 4.7
EPSS 0.00
CVE-2019-6697 MEDIUM
FortiOS 6.0.0-6.0.6 - Unauthenticated Stored Cross-Site Scripting via DHCP Hostname Parameter
Mar 17, 2025
CVSS 5.3
EPSS 0.00
CVE-2019-17659 LOW
FortiSIEM < 5.2.7 - Unauthenticated SSH Access via Hard-coded Cryptographic Key
Mar 17, 2025
CVSS 3.7
EPSS 0.01
CVE-2019-15706 MEDIUM
FortiProxy 1.2.0-1.2.9 and FortiOS 5.6.0-5.6.12 - Authenticated Stored Cross-Site Scripting in SSL VPN Portal
Mar 17, 2025
CVSS 4.1
EPSS 0.00