fortinet

1,136 tracked vulnerabilities.

CVE-2017-3133 MEDIUM NUCLEI
Fortinet FortiOS < 5.6.0 - Cross-Site Scripting via SSL-VPN Replacement Message
Sep 12, 2017
CVSS 6.1
EPSS 0.11
CVE-2017-3132 MEDIUM NUCLEI
Fortinet FortiOS < 5.6.0 - Cross-Site Scripting via FortiToken Activation Action Input
Sep 12, 2017
CVSS 6.1
EPSS 0.08
CVE-2017-3131 MEDIUM NUCLEI
FortiOS 5.4.0-5.4.4 and 5.6.0 - Cross-Site Scripting via FortiView Applications Filter Input
Sep 12, 2017
CVSS 5.4
EPSS 0.08
CVE-2017-7737 MEDIUM
Fortinet FortiWeb <5.8.2 - Info Disclosure
Aug 10, 2017
CVSS 4.9
EPSS 0.01
CVE-2017-3130 HIGH
FortiOS 5.6.0 and 5.4.4 - Unauthenticated Information Disclosure via IKE VendorID Packet
Aug 10, 2017
CVSS 7.5
EPSS 0.01
CVE-2017-7336 CRITICAL
Fortinet FortiWLM <8.3.0 - Command Injection
Jul 22, 2017
CVSS 9.8
EPSS 0.02
CVE-2017-3127 MEDIUM
FortiOS 5.2.0-5.2.10 - Cross-Site Scripting via srcintf Parameter
Jun 01, 2017
CVSS 6.1
EPSS 0.01
CVE-2017-7731 HIGH
Fortinet FortiPortal <4.0.0 - Info Disclosure
May 27, 2017
CVSS 7.5
EPSS 0.01
CVE-2017-7343 MEDIUM
Fortinet FortiPortal <4.0.0 - Open Redirect
May 27, 2017
CVSS 6.1
EPSS 0.01
CVE-2017-7339 MEDIUM
Fortinet FortiPortal < 4.0.0 - Cross-Site Scripting via Add Revision Backup Name and Description Inputs
May 27, 2017
CVSS 6.1
EPSS 0.01
CVE-2017-7338 HIGH
Fortinet FortiPortal <4.0.0 - Info Disclosure
May 27, 2017
CVSS 7.5
EPSS 0.01
CVE-2017-7337 CRITICAL
Fortinet FortiPortal <4.0.0 - Info Disclosure
May 27, 2017
CVSS 9.1
EPSS 0.01
CVE-2017-3134 HIGH
Fortinet FortiWLC-SD <= 8.2.4 - Privilege Escalation via CLI Command
May 27, 2017
CVSS 7.2
EPSS 0.02
CVE-2017-3129 MEDIUM
FortiWeb <= 5.7.1 - Cross-Site Scripting via Site Publisher POST Parameter
May 27, 2017
CVSS 6.1
EPSS 0.01
CVE-2017-3126 MEDIUM
Fortinet FortiAnalyzer and FortiManager 5.4.0-5.4.2 - Open Redirect via Next Parameter
May 27, 2017
CVSS 6.1
EPSS 0.01
CVE-2017-3128 MEDIUM
Fortinet FortiOS 5.0.0-5.0.14, 5.2.0-5.2.10 - Stored Cross-Site Scripting via Policy Global-Label Parameter
May 23, 2017
CVSS 4.8
EPSS 0.01
CVE-2017-3125 MEDIUM
FortiMail 5.0.0-5.2.9 and 5.3.0-5.3.8 - Unauthenticated Cross-Site Scripting
Apr 12, 2017
CVSS 6.1
EPSS 0.01
CVE-2016-8493 HIGH
FortiClientWindows <5.4.2 - Privilege Escalation
Jun 26, 2017
CVSS 8.8
EPSS 0.02
CVE-2016-7542 MEDIUM
FortiOS 5.2.x < 5.2.10 and 5.4.x < 5.4.2 - Authenticated Password Hash Exposure via WebUI REST API
Mar 30, 2017
CVSS 4.9
EPSS 0.02
CVE-2016-7541 MEDIUM
FortiOS 5.x < 5.4.0 - Security Policy Bypass during IPS Signature Update in Flow Mode
Mar 30, 2017
CVSS 5.9
EPSS 0.01
CVE-2016-8495 HIGH
Fortinet FortiManager <5.2.7, <5.4.1 - SSL Injection
Feb 13, 2017
CVSS 7.4
EPSS 0.01
CVE-2016-8494 HIGH
Fortinet Connect - Authenticated Remote Code Execution via Theme Upload
Feb 09, 2017
CVSS 7.2
EPSS 0.01
CVE-2016-8492 MEDIUM
Fortinet FortiGate - Info Disclosure
Feb 08, 2017
CVSS 5.9
EPSS 0.01
CVE-2016-8491 CRITICAL
Fortinet FortiWLC - Privilege Escalation
Feb 01, 2017
CVSS 9.1
EPSS 0.02
CVE-2016-7561 HIGH
Fortinet FortiWLC <=8.2-4-0 - Sensitive Information Exposure via pam.log
Oct 05, 2016
CVSS 7.2
EPSS 0.01