Fortinet

Fortimail

42 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.4

CVE-2024-40588

  • EPSS 0.02%
  • Published 12.08.2025 18:59:11
  • Last modified 14.08.2025 01:14:41

Multiple relative path traversal vulnerabilities [CWE-23] in Fortinet FortiMail version 7.6.0 through 7.6.1 and before 7.4.3, FortiVoice version 7.0.0 through 7.0.5 and before 7.4.9, FortiRecorder version 7.2.0 through 7.2.1 and before 7.0.4, FortiCa...

9.8

CVE-2025-32756

Warning
  • EPSS 10.06%
  • Published 13.05.2025 14:46:44
  • Last modified 25.08.2025 02:21:01

A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiVoice versions 7.2.0, 7.0.0 through 7.0.6, 6.4.0 through 6.4.10, FortiRecorder versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.5, 6.4.0 through 6.4.5, FortiMail versions 7.6.0 thr...

8.8

CVE-2023-33302

  • EPSS 0.11%
  • Published 31.03.2025 15:15:41
  • Last modified 23.07.2025 15:53:22

A buffer copy without checking size of input ('classic buffer overflow') in Fortinet FortiMail webmail and administrative interface version 6.4.0 through 6.4.4 and before 6.2.6 and FortiNDR administrative interface version 7.2.0 and before 7.1.0 all...

5.3

CVE-2021-24008

  • EPSS 0.07%
  • Published 28.03.2025 10:13:32
  • Last modified 24.07.2025 19:57:26

An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiDDoS version 5.4.0, version 5.3.2 and below, version 5.2.0, version 5.1.0, version 5.0.0, version 4.7.0, version 4.6.0, version 4.5.0, versi...

7.5

CVE-2021-26091

  • EPSS 0.06%
  • Published 24.03.2025 15:37:58
  • Last modified 23.07.2025 15:53:04

A use of a cryptographically weak pseudo-random number generator vulnerability in the authenticator of the Identity Based Encryption service of FortiMail 6.4.0 through 6.4.4, and 6.2.0 through 6.2.7 may allow an unauthenticated attacker to infer part...

9.8

CVE-2023-47539

  • EPSS 0.07%
  • Published 18.03.2025 13:56:56
  • Last modified 24.07.2025 19:11:16

An improper access control vulnerability in FortiMail version 7.4.0 configured with RADIUS authentication and remote_wildcard enabled may allow a remote unauthenticated attacker to bypass admin login via a crafted HTTP request.

6.7

CVE-2024-46663

  • EPSS 0.03%
  • Published 11.03.2025 14:54:31
  • Last modified 24.07.2025 18:10:35

A stack-buffer overflow vulnerability [CWE-121] in Fortinet FortiMail CLI version 7.6.0 through 7.6.1 and before 7.4.3 allows a privileged attacker to execute arbitrary code or commands via specifically crafted CLI commands.

6.1

CVE-2022-23439

  • EPSS 0.06%
  • Published 22.01.2025 10:15:07
  • Last modified 12.02.2025 13:39:42

A externally controlled reference to a resource in another sphere in Fortinet FortiManager before version 7.4.3, FortiMail before version 7.0.3, FortiAnalyzer before version 7.4.3, FortiVoice version 7.0.0, 7.0.1 and before 6.4.8, FortiProxy before v...

6.7

CVE-2024-56497

  • EPSS 0.09%
  • Published 14.01.2025 14:15:34
  • Last modified 03.02.2025 20:49:01

An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiMail versions 7.2.0 through 7.2.4 and 7.0.0 through 7.0.6 and 6.4.0 through 6.4.7, FortiRecorder versions 7.0.0 and 6.4.0 through 6.4.4 all...

8.8

CVE-2022-27488

  • EPSS 0.44%
  • Published 13.12.2023 07:15:10
  • Last modified 21.11.2024 06:55:49

A cross-site request forgery (CSRF) in Fortinet FortiVoiceEnterprise version 6.4.x, 6.0.x, FortiSwitch version 7.0.0 through 7.0.4, 6.4.0 through 6.4.10, 6.2.0 through 6.2.7, 6.0.x, FortiMail version 7.0.0 through 7.0.3, 6.4.0 through 6.4.6, 6.2.x, 6...