fortinet
1,136 tracked vulnerabilities.
CVE-2020-6648
MEDIUM
FortiProxy 2.0.0 and <1.2.10 - Authenticated Cleartext Storage of Sensitive Information via CLI Command
Oct 21, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-12815
MEDIUM
FortiTester <3.9.0 - XSS
Sep 24, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-12811
MEDIUM
FortiManager/FortiAnalyzer <6.2.3 - XSS
Sep 24, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-12818
MEDIUM
FortiOS < 6.4.1 - Unauthenticated Traffic Logging Bypass
Sep 24, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-12817
HIGH
FortiAnalyzer - Authenticated Stored Cross-Site Scripting via Storage Connector Name Parameter
Sep 24, 2020
CVSS 8.8
EPSS 0.02
CVE-2020-12816
MEDIUM
FortiNAC < 8.7.3 - Authenticated Stored Cross-Site Scripting via Admin UserID
Sep 24, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-12812
CRITICAL
KEV
FortiOS 6.4.0, 6.2.0-6.2.3, <6.0.10 - Improper Authentication via Username Case Variation
Jul 24, 2020
CVSS 9.8
EPSS 0.49
CVE-2020-9288
MEDIUM
FortiWLC < 8.5.1 - Authenticated Stored Cross-Site Scripting via ESS or Radius Profile
Jun 22, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-6644
HIGH
FortiDeceptor < 3.0.0 - Insufficient Session Expiration
Jun 22, 2020
CVSS 8.1
EPSS 0.01
CVE-2020-9289
HIGH
FortiAnalyzer and FortiManager < 6.2.3 - Use of Hard-coded Cryptographic Key
Jun 16, 2020
CVSS 7.5
EPSS 0.02
CVE-2020-9292
CRITICAL
FortiSIEM Windows Agent - Privilege Escalation
Jun 04, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-6640
MEDIUM
FortiAnalyzer < 6.2.4 - Authenticated Stored Cross-Site Scripting via Description Area
Jun 04, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-9291
MEDIUM
FortiClient < 6.0.9 - Privilege Escalation via Temporary File Symbolic Link Attack
Jun 01, 2020
CVSS 6.3
EPSS 0.01
CVE-2020-9294
CRITICAL
FortiMail Unauthenticated Login Bypass Scanner
Apr 27, 2020
CVSS 9.8
EPSS 0.78
CVE-2020-9286
MEDIUM
FortiADC < 5.3.4 - Authenticated Improper Authorization
Apr 07, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-6647
MEDIUM
FortiADC < 5.3.4 - Authenticated Cross-Site Scripting via Dashboard Name Parameter
Apr 07, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-6646
MEDIUM
FortiWeb < 6.2.2 - Authenticated Stored Cross-Site Scripting via Disclaimer Description
Mar 17, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-9290
HIGH
FortiClient < 6.2.3 - Uncontrolled Search Path Element via Malicious Filter Library DLL
Mar 15, 2020
CVSS 7.8
EPSS 0.01
CVE-2020-9287
HIGH
FortiClient EMS < 6.2.1 - Unauthenticated Arbitrary Code Execution via Filter Library DLL Hijacking
Mar 15, 2020
CVSS 7.8
EPSS 0.01
CVE-2020-6643
MEDIUM
FortiIsolator < 1.2.2 - Authenticated Cross-Site Scripting via URL Description
Mar 12, 2020
CVSS 5.4
EPSS 0.01
CVE-2019-16149
MEDIUM
FortiClientEMS < 6.2.1 - Remote Code Execution via User Profile Injection
Mar 28, 2025
CVSS 5.5
EPSS 0.00
CVE-2019-16151
MEDIUM
FortiOS 6.2.0-6.2.9 - Unauthenticated Cross-Site Scripting via Host Header
Mar 21, 2025
CVSS 4.7
EPSS 0.00
CVE-2019-6697
MEDIUM
FortiOS 6.0.0-6.0.6 - Unauthenticated Stored Cross-Site Scripting via DHCP Hostname Parameter
Mar 17, 2025
CVSS 5.3
EPSS 0.00
CVE-2019-17659
LOW
FortiSIEM < 5.2.7 - Unauthenticated SSH Access via Hard-coded Cryptographic Key
Mar 17, 2025
CVSS 3.7
EPSS 0.01
CVE-2019-15706
MEDIUM
FortiProxy 1.2.0-1.2.9 and FortiOS 5.6.0-5.6.12 - Authenticated Stored Cross-Site Scripting in SSL VPN Portal
Mar 17, 2025
CVSS 4.1
EPSS 0.00
Products
fortios 271
fortiweb 124
fortiproxy 121
fortimanager 112
fortianalyzer 92
forticlient 85
fortisandbox 59
FortiOS 47
fortimail 46
fortiportal 45
fortiadc 43
fortisoar 31
fortinac 30
fortisiem 30
FortiProxy 29
fortimanager_cloud 27
fortipam 26
fortivoice 24
fortiauthenticator 23
fortiwlm 23
fortiswitchmanager 19
fortinet_antivirus 18
fortianalyzer_cloud 17
FortiPAM 16
fortitester 16
fortiwan 16
fortimanager_firmware 15
fortiswitch 14
fortiwlc 14
fortianalyzer_big_data 13
Quick Filters