Lucene search
K

1255 matches found

CVE
CVE
added 2026/04/14 3:38 p.m.24 views

CVE-2026-22828

A heap-based buffer overflow vulnerability affects Fortinet FortiAnalyzer Cloud 7.6.2–7.6.4 and FortiManager Cloud 7.6.2–7.6.4, enabling remote unauthenticated code execution via crafted requests. Exploitation would be effortful due to ASLR and network segmentation. CVSS 3.1 v3 base score 8.1 (HI...

8.1CVSS6.5AI score0.00901EPSS
Exploits0References1Affected Software2
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.10 views

Fortinet多款产品 SQL注入漏洞

Fortinet FortiOS are products of the American company Fortinet. Fortinet FortiOS is a security operating system specifically designed for the FortiGate network security platform. Fortinet FortiManager is a centralized network security management platform. Fortinet FortiProxy is a secure network...

7.2CVSS6.1AI score0.00511EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.6 views

PT-2026-32669

Name of the Vulnerable Software and Affected Versions Fortinet FortiAnalyzer Cloud versions 7.6.2 through 7.6.4 FortiManager Cloud versions 7.6.2 through 7.6.4 Description A heap-based buffer overflow allows a remote unauthenticated attacker to execute arbitrary code or commands by sending...

8.1CVSS6.5AI score0.00901EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.12 views

Fortinet FortiManager Cloud和Fortinet FortiAnalyzer Cloud 安全漏洞

Fortinet FortiManager Cloud and Fortinet FortiAnalyzer Cloud are products of Fortinet, a US-based company. Fortinet FortiManager Cloud is a cloud-based network management software. Fortinet FortiAnalyzer Cloud is a cloud-based logging platform based on FortiAnalyzer. There are security...

8.1CVSS6.3AI score0.00901EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.10 views

Fortinet多款产品 路径遍历漏洞

Fortinet FortiManager is a product of the American company Fortinet. Fortinet FortiManager is a centralized network security management platform. Fortinet FortiAnalyzer is a centralized network security reporting solution. Fortinet FortiManager Cloud is a cloud-based network management software...

6.5CVSS5.8AI score0.00413EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.4 views

PT-2026-32661

An improper limitation of a pathname to a restricted directory 'path traversal' vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer Cloud 7.6.0 through 7.6.4, FortiAnalyzer...

6CVSS5.8AI score0.00413EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.4 views

Fortinet FortiManager sqli (FG-IR-26-111)

The version of FortiManager installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-111 advisory. - An improper neutralization of special elements used in an sql command 'sql injection' vulnerability in Fortinet...

7.2CVSS6AI score0.00511EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.5 views

Fortinet FortiAnalyzer Path Traversal in CLI (FG-IR-26-120)

The version of FortiAnalyzer installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-120 advisory. - An improper limitation of a pathname to a restricted directory 'path traversal' vulnerability in Fortinet FortiAnalyzer...

6.5CVSS5.8AI score0.00413EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.5 views

Fortinet FortiManager Path Traversal in CLI (FG-IR-26-120)

The version of FortiManager installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-120 advisory. - An improper limitation of a pathname to a restricted directory 'path traversal' vulnerability in Fortinet FortiAnalyzer...

6.5CVSS5.8AI score0.00413EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.2 views

Fortinet FortiAnalyzer sqli (FG-IR-26-111)

The version of FortiAnalyzer installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-111 advisory. - An improper neutralization of special elements used in an sql command 'sql injection' vulnerability in Fortinet...

7.2CVSS6AI score0.00511EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/26 3:14 p.m.3 views

CVE-2026-22629

An improper restriction of excessive authentication attempts vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4 all versions, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiAnalyzer Cloud 7.6.0 through 7.6.4,...

3.7CVSS5.7AI score0.00369EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:13 p.m.5 views

CVE-2025-68482

A improper certificate validation vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.8, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiManager 7.6.0 through 7.6.4, FortiManager 7.4.0 through 7.4.8,...

6.9CVSS5.8AI score0.00185EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:5 p.m.3 views

CVE-2025-54820

A Stack-based Buffer Overflow vulnerability CWE-121 vulnerability in Fortinet FortiManager 7.4.0 through 7.4.2, FortiManager 7.2.0 through 7.2.10, FortiManager 6.4 all versions may allow a remote unauthenticated attacker to execute unauthorized commands via crafted requests, if the service is...

8.1CVSS6AI score0.0087EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:5 p.m.4 views

CVE-2025-68648

A use of externally-controlled format string vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer Cloud 7.6.2, FortiAnalyzer Cloud 7.4.1 through 7.4.7, FortiAnalyzer Cloud 7.2...

7.2CVSS5.8AI score0.00571EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/03/23 12:0 a.m.5 views

Siemens APE1808 Improper Limitation of a Pathname to a Restricted Directory (CVE-2024-48884)

A improper limitation of a pathname to a restricted directory 'path traversal' in Fortinet FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiOS versions 7.6.0, 7.4.0 through 7.4.4, 7.2.5 through 7.2.9, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, FortiProxy 7.4.0 through 7.4.5,...

9.1CVSS5.9AI score0.14944EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/03/23 12:0 a.m.4 views

Siemens APE1808 Weak Authentication (CVE-2024-48886)

A weak authentication in Fortinet FortiOS versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, FortiProxy versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.10, 7.0.0 through 7.0.17, 2.0.0 through 2.0.14, FortiManager versions 7.6.0 through 7.6.1, 7.4.1...

9.8CVSS6AI score0.00462EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/23 12:0 a.m.9 views

Siemens APE1808 Authentication Bypass Using an Alternate Path or Channel (CVE-2026-24858)

An Authentication Bypass Using an Alternate Path or Channel vulnerability CWE-288 vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.5, FortiAnalyzer 7.4.0 through 7.4.9, FortiAnalyzer 7.2.0 through 7.2.11, FortiAnalyzer 7.0.0 through 7.0.15, FortiManager 7.6.0 through 7.6.5, FortiManager...

9.8CVSS7AI score0.85844EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/03/23 12:0 a.m.5 views

Siemens APE1808 Improper Restriction of Communication Channel to Intended Endpoints (CVE-2024-50565)

A improper restriction of communication channel to intended endpoints vulnerability CWE-923 in Fortinet FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15 and 6.2.0 through 6.2.16, Fortinet FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through...

7.5CVSS5.8AI score0.00366EPSS
Exploits0References2
NCSC
NCSC
added 2026/03/11 9:19 a.m.8 views

Vulnerabilities fixed in Fortinet FortiManager and FortiAnalyzer

Fortinet has fixed vulnerabilities in FortiAnalyzer and FortiManager including cloud variants. The vulnerability with reference CVE-2025-54820 is in FortiManager. This vulnerability allows a remote unauthenticated malicious person to execute unauthorized commands via a stack-based buffer overflow...

8.1CVSS6.3AI score0.0087EPSS
Exploits0References7
EUVD
EUVD
added 2026/03/10 6:31 p.m.5 views

EUVD-2026-10517

An improper restriction of excessive authentication attempts vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4 all versions, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiAnalyzer Cloud 7.6.2, FortiAnalyzer Cloud...

3.7CVSS5.7AI score0.00369EPSS
Exploits0References2
Rows per page
Query Builder