Fortinet Vulnerabilities
933 results

CVE-2023-44255 (LOW, EPSS 0.5%): An exposure of sensitive information to an unauthorized actor [CWE-200] in Fortinet FortiManager before 7.4.2, FortiAnalyzer before 7.4.2 an
CVE-2021-24017 (MEDIUM, EPSS 0.5%): An improper authentication in Fortinet FortiManager version 6.4.3 and below, 6.2.6 and below allows attacker to assign arbitrary Policy and
CVE-2026-25689 (MEDIUM, EPSS 0.5%): An improper neutralization of argument delimiters in a command ('argument injection') vulnerability in Fortinet FortiDeceptor 6.2.0, FortiDe
CVE-2023-45584 (MEDIUM, EPSS 0.5%): A double free vulnerability [CWE-415] vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2.0 through 7.2.5, FortiOS 7.0.0 through 7.0.12, Fo
CVE-2024-55597 (MEDIUM, EPSS 0.5%): An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiWeb versions 7.0.0 through 7.6.0 allows at
CVE-2023-41679 (HIGH, EPSS 0.5%): An improper access control vulnerability [CWE-284] in FortiManager management interface 7.2.0 through 7.2.2, 7.0.0 through 7.0.7, 6.4.0 thro
CVE-2022-42478 (HIGH, EPSS 0.5%): An Improper Restriction of Excessive Authentication Attempts [CWE-307] in FortiSIEM below 7.0.0 may allow a non-privileged user with access
CVE-2021-43070 (MEDIUM, EPSS 0.5%): Multiple relative path traversal vulnerabilities [CWE-23] in FortiWLM management interface 8.6.2 and below, 8.5.2 and below, 8.4.2 and below
CVE-2022-23438 (MEDIUM, EPSS 0.5%): An improper neutralization of input during web page generation ('Cross-site Scripting') [CWE-79] vulnerability in FortiOS version 7.0.5 and
CVE-2020-29012 (MEDIUM, EPSS 0.5%): An insufficient session expiration vulnerability in FortiSandbox versions 3.2.1 and below may allow an attacker to reuse the unexpired admin
CVE-2023-40714 (CRITICAL, EPSS 0.5%): A relative path traversal in Fortinet FortiSIEM versions 7.0.0, 6.7.0 through 6.7.2, 6.6.0 through 6.6.3, 6.5.1, 6.5.0 allows attacker to es
CVE-2023-44254 (MEDIUM, EPSS 0.5%): An authorization bypass through user-controlled key [CWE-639] vulnerability in FortiAnalyzer version 7.4.1 and before 7.2.5 and FortiManager
CVE-2020-29010 (MEDIUM, EPSS 0.5%): An exposure of sensitive information to an unauthorized actor vulnerability in FortiOS version 6.2.4 and below, version 6.0.10 and below may
CVE-2021-41032 (MEDIUM, EPSS 0.5%): An improper access control vulnerability [CWE-284] in FortiOS versions 6.4.8 and prior and 7.0.3 and prior may allow an authenticated attack
CVE-2024-31493 (MEDIUM, EPSS 0.5%): An improper removal of sensitive information before storage or transfer vulnerability [CWE-212] in FortiSOAR version 7.3.0, version 7.2.2 an
CVE-2024-31495 (LOW, EPSS 0.5%): An improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiPortal versions 7.0.0 through 7.0.6
CVE-2020-15935 (MEDIUM, EPSS 0.5%): A cleartext storage of sensitive information in GUI in FortiADC versions 5.4.3 and below, 6.0.0 and below may allow a remote authenticated a
CVE-2024-46665 (LOW, EPSS 0.5%): An insertion of sensitive information into sent data vulnerability [CWE-201] in FortiOS 7.6.0, 7.4.0 through 7.4.4 may allow an attacker in
CVE-2025-22258 (MEDIUM, EPSS 0.5%): A heap-based buffer overflow in Fortinet FortiSRA 1.5.0, 1.4.0 through 1.4.2, FortiPAM 1.5.0, 1.4.0 through 1.4.2, 1.3.0 through 1.3.1, 1.2.
CVE-2023-45582 (MEDIUM, EPSS 0.5%): An improper restriction of excessive authentication attempts vulnerability [CWE-307] in FortiMail webmail version 7.2.0 through 7.2.4, 7.0.0