fortinet

1,136 tracked vulnerabilities.

CVE-2019-15705 HIGH
FortiOS < 6.0.6 - Unauthenticated Denial of Service via SSL VPN Portal POST Request
Nov 27, 2019
CVSS 7.5
EPSS 0.02
CVE-2019-6693 MEDIUM KEV
FortiOS < 5.6.10 - Use of Hard-coded Credentials in Configuration Backup
Nov 21, 2019
CVSS 6.5
EPSS 0.06
CVE-2019-17650 HIGH
FortiClient < 6.2.1 - Local Privilege Escalation via Root Process Command Injection
Nov 21, 2019
CVSS 7.8
EPSS 0.00
CVE-2019-15704 MEDIUM
FortiClient for Mac >=6.0.0 <6.0.7 - Sensitive Information Exposure via Console Log
Nov 21, 2019
CVSS 5.5
EPSS 0.00
CVE-2019-6692 HIGH
FortiClient < 6.2.0 - DLL Preload Arbitrary Code Execution
Oct 24, 2019
CVSS 7.8
EPSS 0.01
CVE-2019-15703 HIGH
Fortinet FortiOS <6.2.1 - Info Disclosure
Oct 24, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-5590 MEDIUM
FortiWeb < 6.0.2 - Cross-Site Scripting via HTML Report URL
Aug 28, 2019
CVSS 6.1
EPSS 0.01
CVE-2019-6695 CRITICAL
FortiManager < 6.0.6 - Insufficient Verification of Data Authenticity
Aug 23, 2019
CVSS 9.8
EPSS 0.01
CVE-2019-5594 MEDIUM
FortiNAC 8.3.0-8.3.6 and 8.5.0 - Unauthenticated Reflected Cross-Site Scripting via Search Field
Aug 23, 2019
CVSS 6.1
EPSS 0.01
CVE-2019-6698 CRITICAL
FortiRecorder Firmware < 2.7.4 - Unauthenticated Use of Hard-coded Credentials
Aug 23, 2019
CVSS 9.8
EPSS 0.02
CVE-2019-5592 MEDIUM
FortiOS IPS Engine < 3.00547 - Padding Oracle Vulnerabilities via CBC Padding Implementation
Aug 23, 2019
CVSS 5.9
EPSS 0.01
CVE-2019-13402 HIGH
Dynacolor FCM-MB40 v1.2.0.0 - Info Disclosure
Jul 08, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-13401 HIGH
Fortinet FCM-MB40 1.2.0.0 - Cross-Site Request Forgery in cgi-bin Scripts
Jul 08, 2019
CVSS 8.8
EPSS 0.01
CVE-2019-13400 CRITICAL
Fortinet FCM-MB40 v1.2.0.0 - Insufficiently Protected Credentials via Cleartext Storage
Jul 08, 2019
CVSS 9.8
EPSS 0.02
CVE-2019-13399 MEDIUM
Fortinet FCM-MB40 v1.2.0.0 - Use of Hard-coded SSL/TLS Key
Jul 08, 2019
CVSS 5.9
EPSS 0.01
CVE-2019-13398 HIGH
Fortinet FCM-MB40 1.2.0.0 - OS Command Injection via CGI Script Parameters
Jul 08, 2019
CVSS 7.2
EPSS 0.04
CVE-2019-5588 MEDIUM
FortiOS 6.0.0-6.0.4 - Reflected Cross-Site Scripting via SSL VPN Error Parameter
Jun 04, 2019
CVSS 6.1
EPSS 0.01
CVE-2019-5587 MEDIUM
Fortinet FortiOS < 6.0.5 - Unauthenticated Malicious Image Implantation via Root File System Integrity Bypass
Jun 04, 2019
CVSS 6.5
EPSS 0.00
CVE-2019-5586 MEDIUM
FortiOS 5.2.0-5.6.10, 6.0.0-6.0.4 - Reflected Cross-Site Scripting via SSL VPN Error Process Param Parameter
Jun 04, 2019
CVSS 6.1
EPSS 0.01
CVE-2019-5589 HIGH
FortiClient < 6.0.6 - Unauthenticated Remote Code Execution via DLL Hijacking
May 28, 2019
CVSS 7.8
EPSS 0.03
CVE-2018-13371 HIGH
FortiOS < 5.4.10 - Authenticated Routing Settings Manipulation via ZebOS Component
Apr 02, 2020
CVSS 8.8
EPSS 0.01
CVE-2018-9195 MEDIUM
FortiClient < 6.0.6 and < 6.2.1 - Use of Hard-coded Cryptographic Key in FortiGuard Services Communication
Nov 21, 2019
CVSS 5.9
EPSS 0.02
CVE-2018-13367 MEDIUM
FortiOS < 6.2.0 - Unauthenticated Sensitive Information Exposure via Admin WebUI JavaScript File
Aug 23, 2019
CVSS 5.3
EPSS 0.01
CVE-2018-13384 MEDIUM
FortiOS < 6.0.5 - Host Header Redirection via SSL VPN Web Portal
Jun 04, 2019
CVSS 6.1
EPSS 0.01
CVE-2018-13382 CRITICAL KEV
FortiProxy < 1.2.9 and FortiOS 5.4.1-5.4.10 - Unauthenticated Password Modification via SSL VPN Web Portal
Jun 04, 2019
CVSS 9.1
EPSS 0.82