Vulnerabilidades em Fortinet
933 resultadosCVE-2024-26007MEDIUMAn improper check or handling of exceptional conditions vulnerability [CWE-703] in Fortinet FortiOS version 7.4.1 allows an unauthenticated EPSS 1.2%CVE-2019-16153—A hard-coded password vulnerability in the Fortinet FortiSIEM database component version 5.2.5 and below may allow attackers to access the dEPSS 1.1%CVE-2023-27995HIGHA improper neutralization of special elements used in a template engine vulnerability in Fortinet FortiSOAR 7.3.0 through 7.3.1 allows an auEPSS 1.1%CVE-2025-49813MEDIUMAn improper neutralization of special elements used in an OS Command ("OS Command Injection") vulnerability [CWE-78] in Fortinet FortiADC veEPSS 1.1%CVE-2023-29183HIGHAn improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiProxy 7.2.0 through 7EPSS 1.1%CVE-2021-41014HIGHA uncontrolled resource consumption in Fortinet FortiWeb version 6.4.1 and below, 6.3.15 and below allows an unauthenticated attacker to makEPSS 1.1%CVE-2022-35845HIGHMultiple improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in FortiTester EPSS 1.1%CVE-2021-36171HIGHThe use of a cryptographically weak pseudo-random number generator in the password reset feature of FortiPortal before 6.0.6 may allow a remEPSS 1.1%CVE-2020-15941MEDIUMA path traversal vulnerability [CWE-22] in FortiClientEMS versions 6.4.1 and below; 6.2.8 and below may allow an authenticated attacker to iEPSS 1.1%CVE-2021-22130MEDIUMA stack-based buffer overflow vulnerability in FortiProxy physical appliance CLI 2.0.0 to 2.0.1, 1.2.0 to 1.2.9, 1.1.0 to 1.1.6, 1.0.0 to 1.EPSS 1.1%CVE-2017-3125—An unauthenticated XSS vulnerability with FortiMail 5.0.0 - 5.2.9 and 5.3.0 - 5.3.8 could allow an attacker to execute arbitrary scripts in EPSS 1.1%CVE-2021-24013HIGHMultiple Path traversal vulnerabilities in the Webmail of FortiMail before 6.4.4 may allow a regular user to obtain unauthorized access to fEPSS 1.1%CVE-2021-43067HIGHA exposure of sensitive information to an unauthorized actor in Fortinet FortiAuthenticator version 6.4.0, version 6.3.2 and below, version EPSS 1.1%CVE-2021-36168MEDIUMA Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Fortinet FortiPortal 6.x before 6.0.5, FortiPortal 5.3.xEPSS 1.1%CVE-2024-48890MEDIUMAn improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in FortiSOAR IMAP conneEPSS 1.1%CVE-2021-22129HIGHMultiple instances of incorrect calculation of buffer size in the Webmail and Administrative interface of FortiMail before 6.4.5 may allow aEPSS 1.1%CVE-2022-38375HIGHAn improper authorization vulnerability [CWE-285] in Fortinet FortiNAC version 9.4.0 through 9.4.1 and before 9.2.6 allows an unauthenticatEPSS 1.1%CVE-2021-36195MEDIUMMultiple command injection vulnerabilities in the command line interpreter of FortiWeb versions 6.4.1, 6.4.0, 6.3.0 through 6.3.15, 6.2.0 thEPSS 1.1%CVE-2024-50562MEDIUMAn Insufficient Session Expiration vulnerability [CWE-613] in FortiOS SSL-VPN version 7.6.0, version 7.4.6 and below, version 7.2.10 and belEPSS 1.1%CVE-2023-47539CRITICALAn improper access control vulnerability in FortiMail version 7.4.0 configured with RADIUS authentication and remote_wildcard enabled may alEPSS 1.1%