Vulnerabilidades em Fortinet
933 resultadosCVE-2022-30302MEDIUMMultiple relative path traversal vulnerabilities [CWE-23] in FortiDeceptor management interface 1.0.0 through 3.2.x, 3.3.0 through 3.3.2, 4.EPSS 0.8%CVE-2024-32117MEDIUMAn improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in Fortinet FortiManager version 7.EPSS 0.8%CVE-2023-36556HIGHAn incorrect authorization vulnerability [CWE-863] in FortiMail webmail version 7.2.0 through 7.2.2, version 7.0.0 through 7.0.5 and below 6EPSS 0.8%CVE-2024-31491HIGHA client-side enforcement of server-side security vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.4, FortiSandbox 4.2.1 through 4.2EPSS 0.8%CVE-2023-23775MEDIUMMultiple improper neutralization of special elements used in SQL commands ('SQL Injection') vulnerabilities [CWE-89] in FortiSOAR 7.2.0 and EPSS 0.8%CVE-2023-41841HIGHAn improper authorization vulnerability in Fortinet FortiOS 7.0.0 - 7.0.11 and 7.2.0 - 7.2.4 allows an attacker belonging to the prof-admin EPSS 0.8%CVE-2023-33305MEDIUMA loop with unreachable exit condition ('infinite loop') in Fortinet FortiOS version 7.2.0 through 7.2.4, FortiOS version 7.0.0 through 7.0.EPSS 0.8%CVE-2021-41015MEDIUMA improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiWeb version 6.4.1 and below, 6.3.15 EPSS 0.8%CVE-2023-45581HIGHAn improper privilege management vulnerability [CWE-269] in Fortinet FortiClientEMS version 7.2.0 through 7.2.2 and before 7.0.10 allows an EPSS 0.8%CVE-2022-45861MEDIUMAn access of uninitialized pointer vulnerability [CWE-824] in the SSL VPN portal of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.EPSS 0.8%CVE-2021-36193MEDIUMMultiple stack-based buffer overflows in the command line interpreter of FortiWeb before 6.4.2 may allow an authenticated attacker to achievEPSS 0.8%CVE-2021-26098MEDIUMAn instance of small space of random values in the RPC API of FortiSandbox before 4.0.0 may allow an attacker in possession of a few informaEPSS 0.8%CVE-2021-24011MEDIUMA privilege escalation vulnerability in FortiNAC version below 8.8.2 may allow an admin user to escalate the privileges to root by abusing tEPSS 0.8%CVE-2021-36190MEDIUMA unintended proxy or intermediary ('confused deputy') in Fortinet FortiWeb version 6.4.1 and below, 6.3.15 and below allows an unauthenticaEPSS 0.8%CVE-2019-5588—A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4 under SSL VPN web portal may allow an attacker to exEPSS 0.8%CVE-2019-5586—A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet FortiOS 5.2.0 to 5.6.10, 6.0.0 to 6.0.4 under SSL VPN web portal may allow EPSS 0.8%CVE-2021-32595MEDIUMMultiple uncontrolled resource consumption vulnerabilities in the web interface of FortiPortal before 6.0.6 may allow a single low-privilegeEPSS 0.8%CVE-2025-22252CRITICALA missing authentication for critical function in Fortinet FortiProxy versions 7.6.0 through 7.6.1, FortiSwitchManager version 7.2.5, and FoEPSS 0.8%CVE-2020-15937MEDIUMAn improper neutralization of input vulnerability in FortiGate version 6.2.x below 6.2.5 and 6.4.x below 6.4.1 may allow a remote attacker tEPSS 0.8%CVE-2022-30300MEDIUMA relative path traversal vulnerability [CWE-23] in FortiWeb 7.0.0 through 7.0.1, 6.3.6 through 6.3.18, 6.4 all versions may allow an authenEPSS 0.8%