Fortinet

Fortios

236 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2020-12819

  • EPSS 0.36%
  • Published 19.12.2024 08:15:11
  • Last modified 21.01.2025 20:58:57

A heap-based buffer overflow vulnerability in the processing of Link Control Protocol messages in FortiGate versions 5.6.12, 6.0.10, 6.2.4 and 6.4.1 and earlier may allow a remote attacker with valid SSL VPN credentials to crash the SSL VPN daemon by...

4.3

CVE-2024-33510

  • EPSS 0.1%
  • Published 12.11.2024 19:15:09
  • Last modified 17.01.2025 20:35:31

An improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability [CWE-74] in FortiOS version 7.4.3 and below, version 7.2.8 and below, version 7.0.16 and below; FortiProxy version 7.4.3 and below, ve...

9.8

CVE-2024-26011

  • EPSS 0.05%
  • Published 12.11.2024 19:15:08
  • Last modified 12.12.2024 19:33:58

A missing authentication for critical function in Fortinet FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.14, FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiProxy version...

8.8

CVE-2023-50176

  • EPSS 0.11%
  • Published 12.11.2024 19:15:07
  • Last modified 12.12.2024 19:27:35

A session fixation in Fortinet FortiOS version 7.4.0 through 7.4.3 and 7.2.0 through 7.2.7 and 7.0.0 through 7.0.13 allows attacker to execute unauthorized code or commands via phishing SAML authentication link.

5.5

CVE-2024-36505

  • EPSS 0.02%
  • Published 13.08.2024 16:15:08
  • Last modified 22.08.2024 14:36:31

An improper access control vulnerability [CWE-284] in FortiOS 7.4.0 through 7.4.3, 7.2.5 through 7.2.7, 7.0.12 through 7.0.14 and 6.4.x may allow an attacker who has already successfully obtained write access to the underlying system (via another hyp...

8.8

CVE-2022-45862

  • EPSS 0.21%
  • Published 13.08.2024 16:15:07
  • Last modified 22.08.2024 14:32:16

An insufficient session expiration vulnerability [CWE-613] vulnerability in FortiOS 7.2.5 and below, 7.0 all versions, 6.4 all versions; FortiProxy 7.2 all versions, 7.0 all versions; FortiPAM 1.3 all versions, 1.2 all versions, 1.1 all versions, 1.0...

4.7

CVE-2024-26015

  • EPSS 0.05%
  • Published 09.07.2024 16:15:04
  • Last modified 21.11.2024 09:01:45

An incorrect parsing of numbers with different radices vulnerability [CWE-1389] in FortiProxy version 7.4.3 and below, version 7.2.10 and below, version 7.0.17 and below and FortiOS version 7.4.3 and below, version 7.2.8 and below, version 7.0.15 and...

7.5

CVE-2024-26010

  • EPSS 0.17%
  • Published 11.06.2024 15:16:04
  • Last modified 11.12.2024 19:54:35

A stack-based buffer overflow in Fortinet FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiWeb, FortiAuthenticator, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.1 through 7.0.3, FortiOS version 7.4.0 through 7.4.3, 7.2.0 ...

4.4

CVE-2024-21754

  • EPSS 4.25%
  • Published 11.06.2024 15:16:03
  • Last modified 21.11.2024 08:54:56

A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all ve...

7.8

CVE-2024-23110

  • EPSS 0.1%
  • Published 11.06.2024 15:16:03
  • Last modified 21.11.2024 08:56:57

A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0 all versions allows attacker to execute unauthorized code or commands via specia...