Fortinet

Fortios

258 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.4

CVE-2024-21754

  • EPSS 5.71%
  • Veröffentlicht 11.06.2024 15:16:03
  • Zuletzt bearbeitet 21.11.2024 08:54:56

A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all ve...

7.8

CVE-2024-23110

  • EPSS 0.15%
  • Veröffentlicht 11.06.2024 15:16:03
  • Zuletzt bearbeitet 21.11.2024 08:56:57

A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0 all versions allows attacker to execute unauthorized code or commands via specia...

4.8

CVE-2024-23111

  • EPSS 0.17%
  • Veröffentlicht 11.06.2024 15:16:03
  • Zuletzt bearbeitet 21.11.2024 08:56:57

An improper neutralization of input during web page Generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all ve...

7.8

CVE-2023-46720

  • EPSS 0.07%
  • Veröffentlicht 11.06.2024 15:15:55
  • Zuletzt bearbeitet 21.11.2024 08:29:08

A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.7 and 7.0.0 through 7.0.12 and 6.4.6 through 6.4.15 and 6.2.9 through 6.2.16 and 6.0.13 through 6.0.18 allows attacker to execute unauthorized code or...

7.5

CVE-2024-26007

  • EPSS 0.25%
  • Veröffentlicht 14.05.2024 17:15:40
  • Zuletzt bearbeitet 11.12.2024 19:55:59

An improper check or handling of exceptional conditions vulnerability [CWE-703] in Fortinet FortiOS version 7.4.1 allows an unauthenticated attacker to provoke a denial of service on the administrative interface via crafted HTTP requests.

7.2

CVE-2023-46714

  • EPSS 0.18%
  • Veröffentlicht 14.05.2024 17:15:25
  • Zuletzt bearbeitet 21.11.2024 08:29:08

A stack-based buffer overflow [CWE-121] vulnerability in Fortinet FortiOS version 7.2.1 through 7.2.6 and version 7.4.0 through 7.4.1 allows a privileged attacker over the administrative interface to execute arbitrary code or commands via crafted HTT...

5

CVE-2023-45586

  • EPSS 0.22%
  • Veröffentlicht 14.05.2024 17:15:24
  • Zuletzt bearbeitet 21.11.2024 08:27:00

An insufficient verification of data authenticity vulnerability [CWE-345] in Fortinet FortiOS SSL-VPN tunnel mode version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.7 and before 7.0.12 & FortiProxy SSL-VPN tunnel mode version 7.4.0 through 7.4.1,...

7.2

CVE-2023-45583

  • EPSS 0.21%
  • Veröffentlicht 14.05.2024 17:15:22
  • Zuletzt bearbeitet 21.11.2024 08:27:00

A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.5, 7.0.0 through 7.0.11, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6 FortiPAM versions 1.1.0, 1.0.0 through 1.0.3 FortiOS versions 7.4....

7.2

CVE-2023-44247

  • EPSS 0.23%
  • Veröffentlicht 14.05.2024 17:15:20
  • Zuletzt bearbeitet 21.11.2024 08:25:30

A double free vulnerability [CWE-415] in Fortinet FortiOS before 7.0.0 may allow a privileged attacker to execute code or commands via crafted HTTP or HTTPs requests.

6.7

CVE-2023-36640

  • EPSS 0.09%
  • Veröffentlicht 14.05.2024 17:15:16
  • Zuletzt bearbeitet 21.11.2024 08:10:09

A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiPAM versions 1.0.0 through 1.0.3, Forti...