fortinet
1,122 tracked vulnerabilities.
CVE-2017-3126
MEDIUM
Fortinet FortiAnalyzer and FortiManager 5.4.0-5.4.2 - Open Redirect via Next Parameter
May 27, 2017
CVSS 6.1
EPSS 0.00
CVE-2017-3128
MEDIUM
Fortinet FortiOS 5.0.0-5.0.14, 5.2.0-5.2.10 - Stored Cross-Site Scripting via Policy Global-Label Parameter
May 23, 2017
CVSS 4.8
EPSS 0.00
CVE-2017-3125
MEDIUM
FortiMail 5.0.0-5.2.9 and 5.3.0-5.3.8 - Unauthenticated Cross-Site Scripting
Apr 12, 2017
CVSS 6.1
EPSS 0.01
CVE-2016-8493
HIGH
FortiClientWindows <5.4.2 - Privilege Escalation
Jun 26, 2017
CVSS 8.8
EPSS 0.01
CVE-2016-7542
MEDIUM
FortiOS 5.2.x < 5.2.10 and 5.4.x < 5.4.2 - Authenticated Password Hash Exposure via WebUI REST API
Mar 30, 2017
CVSS 4.9
EPSS 0.00
CVE-2016-7541
MEDIUM
FortiOS 5.x < 5.4.0 - Security Policy Bypass during IPS Signature Update in Flow Mode
Mar 30, 2017
CVSS 5.9
EPSS 0.00
CVE-2016-8495
HIGH
Fortinet FortiManager <5.2.7, <5.4.1 - SSL Injection
Feb 13, 2017
CVSS 7.4
EPSS 0.00
CVE-2016-8494
HIGH
Fortinet Connect - Authenticated Remote Code Execution via Theme Upload
Feb 09, 2017
CVSS 7.2
EPSS 0.01
CVE-2016-8492
MEDIUM
Fortinet FortiGate - Info Disclosure
Feb 08, 2017
CVSS 5.9
EPSS 0.00
CVE-2016-8491
CRITICAL
Fortinet FortiWLC - Privilege Escalation
Feb 01, 2017
CVSS 9.1
EPSS 0.00
CVE-2016-7561
HIGH
Fortinet FortiWLC <=8.2-4-0 - Sensitive Information Exposure via pam.log
Oct 05, 2016
CVSS 7.2
EPSS 0.00
CVE-2016-7560
CRITICAL
Fortinet FortiWLC - Use of Hard-coded Credentials in rsyncd Server
Oct 05, 2016
CVSS 9.8
EPSS 0.03
CVE-2016-4969
MEDIUM
FortiWan < 4.2.4 - Cross-Site Scripting via IP Parameter
Sep 21, 2016
CVSS 6.1
EPSS 0.01
CVE-2016-4968
MEDIUM
FortiWan < 4.2.5 - Authenticated Administrator Cookie Exposure via linkreport/tmp/admin_global
Sep 21, 2016
CVSS 6.5
EPSS 0.03
CVE-2016-4967
MEDIUM
FortiWan < 4.2.4 - Authenticated Sensitive Information Exposure via Configuration Backup or PCAP Download
Sep 21, 2016
CVSS 6.5
EPSS 0.02
CVE-2016-4966
MEDIUM
FortiWan < 4.2.4 - Authenticated Arbitrary File Download via UserName Parameter
Sep 21, 2016
CVSS 6.5
EPSS 0.02
CVE-2016-4965
HIGH
FortiWan < 4.2.5 - Authenticated Remote Code Execution via nslookup graph parameter
Sep 21, 2016
CVSS 8.8
EPSS 0.08
CVE-2016-4573
CRITICAL
Fortinet FortiSwitch - Unauthenticated Administrative Access via Empty Password Bypass
Sep 09, 2016
CVSS 9.8
EPSS 0.08
CVE-2016-6909
CRITICAL
FortiOS 4.1.0-4.1.10, 4.2.0-4.2.12, 4.3.0-4.3.8 & FortiSwitch <3.4.2 - RCE via Cookie Parser Buffer Overflow
Aug 24, 2016
CVSS 9.8
EPSS 0.63
CVE-2016-3195
MEDIUM
FortiManager and FortiAnalyzer 5.x < 5.0.12, 5.2.x < 5.2.6 - Cross-Site Scripting
Aug 19, 2016
CVSS 6.1
EPSS 0.00
CVE-2016-3194
MEDIUM
FortiManager and FortiAnalyzer 5.x - Cross-Site Scripting in Address Page
Aug 19, 2016
CVSS 6.1
EPSS 0.00
CVE-2016-3193
MEDIUM
FortiManager and FortiAnalyzer 5.x < 5.0.12, 5.2.x < 5.2.6, 5.4.x < 5.4.1 - Authenticated Stored Cross-Site Scripting
Aug 19, 2016
CVSS 5.4
EPSS 0.00
CVE-2016-3196
MEDIUM
FortiAnalyzer/FortiManager 5.x < 5.0.12/5.2.x < 5.2.6 Authenticated Stored XSS via Report Image
Aug 05, 2016
CVSS 5.4
EPSS 0.00
CVE-2016-5092
MEDIUM
FortiWeb < 5.5.3 - Authenticated Path Traversal via Autolearn Feature
Jul 13, 2016
CVSS 4.9
EPSS 0.00
CVE-2016-4066
HIGH
FortiWeb < 5.5.2 - Cross-Site Request Forgery via Password Change Request
Jul 13, 2016
CVSS 8.8
EPSS 0.00
Products
fortios 267
fortiweb 124
fortiproxy 117
fortimanager 112
fortianalyzer 92
forticlient 85
fortisandbox 58
fortimail 46
fortiportal 44
fortiadc 43
fortisoar 31
fortinac 30
fortisiem 29
fortimanager_cloud 27
fortipam 25
fortivoice 24
fortiauthenticator 23
fortiwlm 23
fortiswitchmanager 19
fortinet_antivirus 18
fortianalyzer_cloud 17
fortitester 16
fortiwan 16
fortimanager_firmware 15
fortiswitch 14
fortiwlc 14
FortiOS 13
fortianalyzer_big_data 13
forticlientems 13
fortianalyzer_firmware 12