Vulnerabilities in Fortinet

933 results

CVE-2023-37935MEDIUMA use of GET request method with sensitive query strings vulnerability in Fortinet FortiOS 7.0.0 - 7.0.12, 7.2.0 - 7.2.5 and 7.4.0 allows anEPSS 0.9%CVE-2022-22300MEDIUMA improper handling of insufficient permissions or privileges in Fortinet FortiAnalyzer version 5.6.0 through 5.6.11, FortiAnalyzer version EPSS 0.9%CVE-2022-26117HIGHAn empty password in configuration file vulnerability [CWE-258] in FortiNAC version 8.3.7 and below, 8.5.2 and below, 8.5.4, 8.6.0, 8.6.5 anEPSS 0.9%CVE-2024-47571HIGHAn operation on a resource after expiration or release in Fortinet FortiManager 6.4.12 through 7.4.0 allows an attacker to gain improper accEPSS 0.9%CVE-2021-44168LOWA download of code without integrity check vulnerability in the "execute restore src-vis" command of FortiOS before 7.0.3 may allow a local EPSS 0.9%KEV CVE-2023-44249MEDIUMAn authorization bypass through user-controlled key [CWE-639] vulnerability in Fortinet FortiManager version 7.4.0 and before 7.2.3 and FortEPSS 0.9%CVE-2017-17541—A Cross-site Scripting (XSS) vulnerability in Fortinet FortiManager 6.0.0, 5.6.4 and below versions, FortiAnalyzer 6.0.0, 5.6.4 and below veEPSS 0.9%CVE-2018-13366—An information disclosure vulnerability in Fortinet FortiOS 6.0.1, 5.6.7 and below allows attacker to reveals serial number of FortiGate viaEPSS 0.9%CVE-2025-54820HIGHA Stack-based Buffer Overflow vulnerability [CWE-121] vulnerability in Fortinet FortiManager 7.4.0 through 7.4.2, FortiManager 7.2.0 throughEPSS 0.9%CVE-2022-29055HIGHA access of uninitialized pointer in Fortinet FortiOS version 7.2.0, 7.0.0 through 7.0.5, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.x, EPSS 0.9%CVE-2020-12820MEDIUMUnder non-default configuration, a stack-based buffer overflow in FortiOS version 6.0.10 and below, version 5.6.12 and below may allow a remEPSS 0.9%CVE-2019-16157—An information exposure vulnerability in Fortinet FortiWeb 6.2.0 CLI and earlier may allow an authenticated user to view sensitive informatiEPSS 0.9%CVE-2024-31487MEDIUMA improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.4,EPSS 0.9%CVE-2020-9288—An improper neutralization of input vulnerability in FortiWLC 8.5.1 allows a remote authenticated attacker to perform a stored cross site scEPSS 0.9%CVE-2020-12815—An improper neutralization of input vulnerability in FortiTester before 3.9.0 may allow a remote authenticated attacker to inject script relEPSS 0.9%CVE-2023-40720MEDIUMAn authorization bypass through user-controlled key vulnerability [CWE-639] in FortiVoiceEntreprise version 7.0.0 through 7.0.1 and before 6EPSS 0.8%CVE-2023-44251HIGH** UNSUPPORTED WHEN ASSIGNED **A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability [CWE-22] in FoEPSS 0.8%CVE-2020-6643—An improper neutralization of input vulnerability in the URL Description in Fortinet FortiIsolator version 1.2.2 allows a remote authenticatEPSS 0.8%CVE-2023-42786MEDIUMA null pointer dereference in FortiOS versions 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0 all versions, 6.4 all versions , 6.2 all versioEPSS 0.8%CVE-2023-33306MEDIUMA null pointer dereference in Fortinet FortiOS before 7.2.5, before 7.0.11 and before 6.4.13, FortiProxy before 7.2.4 and before 7.0.10 allEPSS 0.8%

← previouspage 14 / 47next →