Fortinet vulnerabilities
933 results

| CVE | Severity | Description | EPSS |
| --- | --- | --- | --- |
| CVE-2022-26120 | MEDIUM | Multiple improper neutralization of special elements used in an SQL Command ('SQL Injection') vulnerabilities [CWE-89] in FortiADC managemen | 0.6% |
| CVE-2022-41329 | MEDIUM | An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in Fortinet FortiProxy version 7.2.0 through 7.2.1 and | 0.6% |
| CVE-2023-36551 | MEDIUM | An exposure of sensitive information to an unauthorized actor in Fortinet FortiSIEM version 6.7.0 through 6.7.5 allows attacker to informatio | 0.6% |
| CVE-2023-23784 | MEDIUM | A relative path traversal in Fortinet FortiWeb version 7.0.0 through 7.0.2, FortiWeb version 6.3.6 through 6.3.20, FortiWeb 6.4 all versions | 0.6% |
| CVE-2024-50563 | MEDIUM | A weak authentication in Fortinet FortiManager Cloud, FortiAnalyzer versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiAnalyzer Cloud v | 0.6% |
| CVE-2024-33510 | LOW | An improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability [CWE-74] in FortiOS vers | 0.6% |
| CVE-2024-26009 | HIGH | An authentication bypass using an alternate path or channel [CWE-288] vulnerability in Fortinet FortiOS 6.4.0 through 6.4.15, FortiOS 6.2.0 | 0.6% |
| CVE-2025-25254 | MEDIUM | An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability [CWE-22] in FortiWeb version 7.6.2 and below | 0.6% |
| CVE-2021-41020 | HIGH | An improper access control vulnerability [CWE-284] in FortiIsolator versions 2.3.2 and below may allow an authenticated, non privileged atta | 0.6% |
| CVE-2022-27482 | HIGH | An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiADC version 7.0.0 through 7.0. | 0.6% |
| CVE-2021-41019 | LOW | An improper validation of certificate with host mismatch [CWE-297] vulnerability in FortiOS versions 6.4.6 and below may allow the connectio | 0.6% |
| CVE-2026-44277 | CRITICAL | An improper access control vulnerability in Fortinet FortiAuthenticator 8.0.2, FortiAuthenticator 8.0.0, FortiAuthenticator 6.6.0 through 6.6 | 0.6% |
| CVE-2023-50176 | HIGH | A session fixation in Fortinet FortiOS version 7.4.0 through 7.4.3 and 7.2.0 through 7.2.7 and 7.0.0 through 7.0.13 allows attacker to execu | 0.6% |
| CVE-2022-38377 | MEDIUM | An improper access control vulnerability [CWE-284] in FortiManager 7.2.0, 7.0.0 through 7.0.3, 6.4.0 through 6.4.7, 6.2.0 through 6.2.9, 6.0 | 0.5% |
| CVE-2021-32593 | MEDIUM | A use of a broken or risky cryptographic algorithm vulnerability [CWE-327] in the Dynamic Tunnel Protocol of FortiWAN before 4.5.9 may allow | 0.5% |
| CVE-2022-39954 | MEDIUM | An improper restriction of xml external entity reference in Fortinet FortiNAC version 9.4.0 through 9.4.1, FortiNAC version 9.2.0 through 9. | 0.5% |
| CVE-2019-6699 | — | An improper neutralization of input vulnerability in Fortinet FortiADC 5.3.3 and earlier may allow an attacker to execute a stored Cross Sit | 0.5% |
| CVE-2021-26099 | MEDIUM | Missing cryptographic steps in the Identity-Based Encryption service of FortiMail before 7.0.0 may allow an attacker who comes in possession | 0.5% |
| CVE-2024-27778 | HIGH | An improper neutralization of special elements used in an OS Command vulnerability [CWE-78] vulnerability in Fortinet FortiSandbox 4.4.0 thr | 0.5% |
| CVE-2024-23669 | MEDIUM | An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6.3.0 and 6.2.3 through 6.2.4 and 6.0.2 allo | 0.5% |