Vulnerabilidades em Fortinet
933 resultadosCVE-2018-13368—A local privilege escalation in Fortinet FortiClient for Windows 6.0.4 and earlier allows attacker to execute unauthorized code or commands EPSS 0.8%CVE-2024-27784HIGHMultiple Exposure of sensitive information to an unauthorized actor weaknesses [CWE-200] vulnerability in Fortinet FortiAIOps 2.0.0 may alloEPSS 0.8%CVE-2026-24017HIGHAn Improper Control of Interaction Frequency vulnerability [CWE-799] vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.2, FortiWeb 7.6.0 EPSS 0.8%CVE-2022-26116HIGHMultiple improper neutralization of special elements used in SQL commands ('SQL Injection') vulnerability [CWE-89] in FortiNAC version 8.3.7EPSS 0.8%CVE-2021-24018MEDIUMA buffer underwrite vulnerability in the firmware verification routine of FortiOS before 7.0.1 may allow an attacker located in the adjacentEPSS 0.8%CVE-2021-36174MEDIUMA memory allocation with excessive size value vulnerability in the license verification function of FortiPortal before 6.0.6 may allow an atEPSS 0.8%CVE-2022-27486MEDIUMA improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiDDoS version 5.5.0 through 5.5EPSS 0.8%CVE-2024-54021MEDIUMAn Improper Neutralization of CRLF Sequences in HTTP Headers ('http response splitting') vulnerability [CWE-113] in Fortinet FortiOS 7.2.0 tEPSS 0.8%CVE-2021-24023HIGHAn improper input validation in FortiAI v1.4.0 and earlier may allow an authenticated user to gain system shell access via a malicious payloEPSS 0.8%CVE-2025-25249HIGHA heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.1EPSS 0.7%CVE-2020-15938MEDIUMWhen traffic other than HTTP/S (eg: SSH traffic, etc...) traverses the FortiGate in version below 6.2.5 and below 6.4.2 on port 80/443, it iEPSS 0.7%CVE-2023-46712MEDIUMA improper access control in Fortinet FortiPortal version 7.0.0 through 7.0.6, Fortinet FortiPortal version 7.2.0 through 7.2.1 allows attacEPSS 0.7%CVE-2024-21760HIGHAn improper control of generation of code ('Code Injection') vulnerability [CWE-94] in FortiSOAR Connector FortiSOAR 7.4 all versions, 7.3 aEPSS 0.7%CVE-2024-21753MEDIUMA improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiClientEMS versions 7.2.0 through 7.2.4, 7.EPSS 0.7%CVE-2022-33876MEDIUMMultiple instances of improper input validation vulnerability in Fortinet FortiADC version 7.1.0, version 7.0.0 through 7.0.2 and version 6.EPSS 0.7%CVE-2022-35846HIGHAn improper restriction of excessive authentication attempts vulnerability [CWE-307] in FortiTester Telnet port 2.3.0 through 3.9.1, 4.0.0 tEPSS 0.7%CVE-2021-32594MEDIUMAn unrestricted file upload vulnerability in the web interface of FortiPortal 6.0.0 through 6.0.4, 5.3.0 through 5.3.5, 5.2.0 through 5.2.5,EPSS 0.7%CVE-2024-27782HIGHMultiple insufficient session expiration weaknesses [CWE-613] vulnerability in Fortinet FortiAIOps 2.0.0 may allow an attacker to re-use stoEPSS 0.7%CVE-2026-26083CRITICALA missing authorization vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox Cloud 5.0EPSS 0.7%CVE-2022-33875MEDIUMAn improper neutralization of special elements used in an SQL Command ('SQL Injection') vulnerability in Fortinet FortiADC version 7.1.0, veEPSS 0.7%