Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / fortinet

fortinet

1,122 tracked vulnerabilities.

CVE-2019-13399 MEDIUM

Fortinet FCM-MB40 v1.2.0.0 - Use of Hard-coded SSL/TLS Key

CVE-2019-13398 HIGH

Fortinet FCM-MB40 1.2.0.0 - OS Command Injection via CGI Script Parameters

CVE-2019-5588 MEDIUM

FortiOS 6.0.0-6.0.4 - Reflected Cross-Site Scripting via SSL VPN Error Parameter

CVE-2019-5587 MEDIUM

Fortinet FortiOS < 6.0.5 - Unauthenticated Malicious Image Implantation via Root File System Integrity Bypass

CVE-2019-5586 MEDIUM

FortiOS 5.2.0-5.6.10, 6.0.0-6.0.4 - Reflected Cross-Site Scripting via SSL VPN Error Process Param Parameter

CVE-2019-5589 HIGH

FortiClient < 6.0.6 - Unauthenticated Remote Code Execution via DLL Hijacking

CVE-2018-13371 HIGH

FortiOS < 5.4.10 - Authenticated Routing Settings Manipulation via ZebOS Component

CVE-2018-9195 MEDIUM

FortiClient < 6.0.6 and < 6.2.1 - Use of Hard-coded Cryptographic Key in FortiGuard Services Communication

CVE-2018-13367 MEDIUM

FortiOS < 6.2.0 - Unauthenticated Sensitive Information Exposure via Admin WebUI JavaScript File

CVE-2018-13384 MEDIUM

FortiOS < 6.0.5 - Host Header Redirection via SSL VPN Web Portal

CVE-2018-13382 CRITICAL KEV

FortiProxy < 1.2.9 and FortiOS 5.4.1-5.4.10 - Unauthenticated Password Modification via SSL VPN Web Portal

CVE-2018-13381 MEDIUM

FortiProxy <= 1.2.8 and FortiOS < 5.2.14 - Unauthenticated Denial of Service via SSL VPN Web Portal

CVE-2018-13380 MEDIUM NUCLEI

FortiOS < 6.0.5, 5.6.8, 5.4.13 & FortiProxy < 2.0.1, 1.2.9 XSS via SSL VPN Error Handling

CVE-2018-13379 CRITICAL KEVNUCLEI

FortiProxy < 1.2.9 and FortiOS 5.4.6-5.4.12 - Unauthenticated Path Traversal via SSL VPN Web Portal

CVE-2018-9193 HIGH

FortiClient for Windows <6.0.5 - Privilege Escalation

CVE-2018-9191 HIGH

FortiClient < 6.0.4 - Local Privilege Escalation via Update Named Pipe

CVE-2018-13368 HIGH

Fortinet FortiClient < 6.0.4 - Local Privilege Escalation via Command Injection

CVE-2018-13365 MEDIUM

Fortinet FortiOS < 5.6.5 - Information Exposure via Application Control Block Page

CVE-2018-13383 MEDIUM KEV

FortiProxy < 1.2.9 and FortiOS 5.2.0-5.2.14 - Heap Buffer Overflow in SSL VPN Web Portal

CVE-2018-13375 MEDIUM

Fortinet FortiAnalyzer and FortiManager < 5.6.0 - Stored Cross-Site Scripting via DHCP HOSTNAME Parameter

CVE-2018-1360 HIGH

Fortinet FortiManager 5.2.0-5.2.7, 5.4.0-5.4.1 - Cleartext Transmission of Sensitive Information via REST API

CVE-2018-13378 HIGH

Fortinet FortiSIEM < 5.2.0 - Unauthenticated LDAP Password Exposure via HTML Source Code

CVE-2018-1356 MEDIUM

Fortinet FortiSandbox < 3.0.0 - Reflected Cross-Site Scripting via back_url Parameter

CVE-2018-13366 MEDIUM

Fortinet FortiOS <= 5.6.7 - Information Disclosure via PPTP Hostname Field

CVE-2018-9190 MEDIUM

FortiClientWindows < 6.0.2 - Denial of Service via NDIS Miniport Driver

Previous Page 38 of 45 Next

Products

fortios 267 fortiweb 124 fortiproxy 117 fortimanager 112 fortianalyzer 92 forticlient 85 fortisandbox 58 fortimail 46 fortiportal 44 fortiadc 43 fortisoar 31 fortinac 30 fortisiem 29 fortimanager_cloud 27 fortipam 25 fortivoice 24 fortiauthenticator 23 fortiwlm 23 fortiswitchmanager 19 fortinet_antivirus 18 fortianalyzer_cloud 17 fortitester 16 fortiwan 16 fortimanager_firmware 15 fortiswitch 14 fortiwlc 14 FortiOS 13 fortianalyzer_big_data 13 forticlientems 13 fortianalyzer_firmware 12

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy