Vulnerabilities in Fortinet

933 results
| CVE | Severity | Description | EPSS |
|---|---|---|---|
| CVE-2023-47539 | CRITICAL | An improper access control vulnerability in FortiMail version 7.4.0 configured with RADIUS authentication and remote_wildcard enabled may al | 1.1% |
| CVE-2021-36180 | HIGH | Multiple improper neutralization of special elements used in a command vulnerabilities [CWE-77] in FortiWeb management interface 6.4.1 and b | 1.1% |
| CVE-2024-54024 | HIGH | An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiIsolat | 1.1% |
| CVE-2018-13384 | | A Host Header Redirection vulnerability in Fortinet FortiOS all versions below 6.0.5 under SSL VPN web portal allows a remote attacker to po | 1.1% |
| CVE-2023-41678 | HIGH | A double free in Fortinet FortiOS versions 7.0.0 through 7.0.5, FortiPAM version 1.0.0 through 1.0.3, 1.1.0 through 1.1.1 allows attacker to | 1.1% |
| CVE-2021-26092 | MEDIUM | Failure to sanitize input in the SSL VPN web portal of FortiOS 5.2.10 through 5.2.15, 5.4.0 through 5.4.13, 5.6.0 through 5.6.14, 6.0.0 thro | 1.1% |
| CVE-2023-36639 | HIGH | A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, FortiOS versions 7.4 | 1.1% |
| CVE-2024-50566 | HIGH | A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiManager Cloud 7. | 1.1% |
| CVE-2023-47534 | HIGH | A improper neutralization of formula elements in a csv file in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.10, 6. | 1.1% |
| CVE-2024-23111 | MEDIUM | An improper neutralization of input during web page Generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiOS version 7.4.3 and | 1.0% |
| CVE-2021-26108 | HIGH | A use of hard-coded cryptographic key vulnerability in the SSLVPN of FortiOS before 7.0.1 may allow an attacker to retrieve the key by rever | 1.0% |
| CVE-2024-55590 | HIGH | Multiple improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerabilities [CWE-78] in Fortinet For | 1.0% |
| CVE-2021-26088 | HIGH | An improper authentication vulnerability in FSSO Collector version 5.0.295 and below may allow an unauthenticated user to bypass a FSSO fire | 1.0% |
| CVE-2020-6644 | | An insufficient session expiration vulnerability in FortiDeceptor 3.0.0 and below allows an attacker to reuse the unexpired admin user sessi | 1.0% |
| CVE-2024-32115 | MEDIUM | A relative path traversal vulnerability [CWE-23] in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5 allows a privileged | 1.0% |
| CVE-2021-22124 | HIGH | An uncontrolled resource consumption (denial of service) vulnerability in the login modules of FortiSandbox 3.2.0 through 3.2.2, 3.1.0 throu | 1.0% |
| CVE-2023-41675 | MEDIUM | A use after free vulnerability [CWE-416] in FortiOS version 7.2.0 through 7.2.4 and version 7.0.0 through 7.0.10 and FortiProxy version 7.2. | 1.0% |
| CVE-2024-31488 | MEDIUM | An improper neutralization of inputs during web page generation vulnerability [CWE-79] in FortiNAC version 9.4.0 through 9.4.4, 9.2.0 throug | 1.0% |
| CVE-2021-32586 | HIGH | An improper input validation vulnerability in the web server CGI facilities of FortiMail before 7.0.1 may allow an unauthenticated attacker | 1.0% |
| CVE-2021-22128 | HIGH | An improper access control vulnerability in FortiProxy SSL VPN portal 2.0.0, 1.2.9 and below versions may allow an authenticated, remote att | 1.0% |