EUVD-2024-36133

Malicious code in bioql PyPI...

EUVD-2024-38529

Malicious code in bioql PyPI...

EUVD-2024-44585

Malicious code in bioql PyPI...

EUVD-2022-43952

Malicious code in bioql PyPI...

EUVD-2022-30680

Malicious code in bioql PyPI...

EUVD-2022-36916

Malicious code in bioql PyPI...

The vulnerability of Fortinet FortiClient Windows security devices, which stems from the use of a strictly encrypted cryptographic key, allows attackers to gain unauthorized access to protected information.

The vulnerability of Fortinet FortiClient Windows protection lies in the use of a strictly encrypted cryptographic key. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

Exploit for Improper Access Control in Fortinet Forticlient

CVE-2024-40586 Windows Coerced Authentication in FortiClient...

CVE-2024-54019

A improper validation of certificate with host mismatch in Fortinet FortiClientWindows version 7.4.0, versions 7.2.0 through 7.2.6, and 7.0 all versions allow an unauthorized attacker to redirect VPN connections via DNS spoofing or another form of redirection...

CVE-2025-24471

An Improper Certificate Validation vulnerability CWE-295 in FortiOS version 7.6.1 and below, version 7.4.7 and below may allow an EAP verified remote user to connect from FortiClient via revoked certificate...

CVE-2024-54019

A improper validation of certificate with host mismatch in Fortinet FortiClientWindows version 7.4.0, versions 7.2.0 through 7.2.6, and 7.0 all versions allow an unauthorized attacker to redirect VPN connections via DNS spoofing or another form of redirection...

CVE-2023-48786

A server-side request forgery vulnerability CWE-918 in Fortinet FortiClientEMS version 7.4.0 through 7.4.2 and before 7.2.6 may allow an authenticated attacker to perform internal requests via crafted HTTP or HTTPS requests...

CVE-2024-54019

A improper validation of certificate with host mismatch in Fortinet FortiClientWindows version 7.4.0, versions 7.2.0 through 7.2.6, and 7.0 all versions allow an unauthorized attacker to redirect VPN connections via DNS spoofing or another form of redirection...

CVE-2024-54019

A improper validation of certificate with host mismatch in Fortinet FortiClientWindows version 7.4.0, versions 7.2.0 through 7.2.6, and 7.0 all versions allow an unauthorized attacker to redirect VPN connections via DNS spoofing or another form of redirection...

CVE-2024-54019

CVE-2024-54019 concerns Fortinet FortiClientWindows. The issue is an improper validation of certificates with host mismatch across FortiClientWindows versions 7.0, and 7.2.0–7.2.6, plus 7.4.0. This flaw allows an unauthenticated attacker to redirect VPN connections (e.g., via DNS spoofing or othe...

PT-2025-24711 · Fortinet · Forticlient

Name of the Vulnerable Software and Affected Versions: Fortinet FortiClientWindows versions 7.0 through 7.2.6 Fortinet FortiClientWindows version 7.4.0 Description: The issue is related to an improper validation of certificates with host mismatch, allowing an unauthorized attacker to redirect VPN...

Fortinet FortiClient IPsec improper validation of certificate with host mismatch (FG-IR-24-365)

The version of FortiClient installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-365 advisory. - A improper validation of certificate with host mismatch in Fortinet FortiClientWindows version 7.4.0, versions 7.2.0...

CVE-2025-24473

A exposure of sensitive system information to an unauthorized control sphere vulnerability in Fortinet FortiClientWindows 7.2.0 through 7.2.1, FortiClientWindows 7.0.13 through 7.0.14 may allow an unauthorized remote attacker to view application information via navigation to a hosted webpage, if...

CVE-2025-25251

An Incorrect Authorization vulnerability CWE-863 in FortiClient Mac 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14 may allow a local attacker to escalate privileges via crafted XPC messages...

CVE-2025-25251

An Incorrect Authorization vulnerability CWE-863 in FortiClient Mac 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14 may allow a local attacker to escalate privileges via crafted XPC messages...