CVE-2019-17656
- EPSS 2.73%
- Veröffentlicht 12.04.2021 15:15:13
- Zuletzt bearbeitet 21.11.2024 04:32:42
A Stack-based Buffer Overflow vulnerability in the HTTPD daemon of FortiOS 6.0.10 and below, 6.2.2 and below and FortiProxy 1.0.x, 1.1.x, 1.2.9 and below, 2.0.0 and below may allow an authenticated remote attacker to crash the service by sending a ma...
CVE-2021-22128
- EPSS 0.21%
- Veröffentlicht 04.03.2021 18:15:13
- Zuletzt bearbeitet 21.11.2024 05:49:33
An improper access control vulnerability in FortiProxy SSL VPN portal 2.0.0, 1.2.9 and below versions may allow an authenticated, remote attacker to access internal service such as the ZebOS Shell on the FortiProxy appliance through the Quick Connect...
CVE-2020-6648
- EPSS 0.22%
- Veröffentlicht 21.10.2020 14:15:20
- Zuletzt bearbeitet 21.11.2024 05:36:05
A cleartext storage of sensitive information vulnerability in FortiOS command line interface in versions 6.2.4 and earlier and FortiProxy 2.0.0, 1.2.9 and earlier may allow an authenticated attacker to obtain sensitive information such as users passw...
CVE-2018-13379
- EPSS 94.47%
- Veröffentlicht 04.06.2019 21:29:00
- Zuletzt bearbeitet 24.10.2025 12:53:03
An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal all...
CVE-2018-13380
- EPSS 22.88%
- Veröffentlicht 04.06.2019 21:29:00
- Zuletzt bearbeitet 21.11.2024 03:46:59
A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4.0 to 5.4.12, 5.2 and below and Fortinet FortiProxy 2.0.0, 1.2.8 and below under SSL VPN web portal allows attacker to execute unauthorized malicious sc...
CVE-2018-13381
- EPSS 0.53%
- Veröffentlicht 04.06.2019 21:29:00
- Zuletzt bearbeitet 21.11.2024 03:46:59
A buffer overflow vulnerability in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.7, 5.4 and earlier versions and FortiProxy 2.0.0, 1.2.8 and earlier versions under SSL VPN web portal allows a non-authenticated attacker to perform a Denial-o...
CVE-2018-13382
- EPSS 87.08%
- Veröffentlicht 04.06.2019 21:29:00
- Zuletzt bearbeitet 24.10.2025 12:52:57
An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1 to 5.4.10 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to modify ...
CVE-2018-13383
- EPSS 1.76%
- Veröffentlicht 29.05.2019 18:29:00
- Zuletzt bearbeitet 24.10.2025 12:54:16
A heap buffer overflow in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 through 5.4.12, 5.2.14 and earlier and FortiProxy 2.0.0, 1.2.8 and earlier in the SSL VPN web portal may cause the SSL VPN web service termination for logged ...