Lucene search
K

5900 matches found

CNNVD
CNNVD
added 2026/04/14 12:0 a.m.8 views

Fortinet FortiWeb 缓冲区错误漏洞

Fortinet FortiWeb is a Web application layer firewall developed by the American company Fortinet. It can block threats such as cross-site scripting, SQL injection, cookie poisoning, and schema poisoning, ensuring the security of web applications and protecting sensitive database content. Fortinet...

7.2CVSS7.6AI score0.06438EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.5 views

PT-2026-32963

An out-of-bounds write vulnerability CWE-787 vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4.0 through 7.4.11 may allow a remote privileged attacker to execute arbitrary code or command via crafted HTTP requests...

7.2CVSS6.2AI score0.06438EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.12 views

Fortinet FortiManager Cloud和Fortinet FortiAnalyzer Cloud 安全漏洞

Fortinet FortiManager Cloud and Fortinet FortiAnalyzer Cloud are products of Fortinet, a US-based company. Fortinet FortiManager Cloud is a cloud-based network management software. Fortinet FortiAnalyzer Cloud is a cloud-based logging platform based on FortiAnalyzer. There are security...

8.1CVSS6.3AI score0.00901EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.10 views

Fortinet FortiWeb 安全漏洞

Fortinet FortiWeb is a Web application layer firewall developed by the American company Fortinet. It can block threats such as cross-site scripting, SQL injection, cookie poisoning, and schema poisoning, ensuring the security of web applications and protecting sensitive database content. There is...

6.7CVSS6AI score0.00139EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.8 views

Fortinet FortiSandbox 安全漏洞

Fortinet FortiSandbox is an APT Advanced Persistent Threat protection device developed by the American company Fortinet. This device offers features such as dual sandbox technology, dynamic threat intelligence systems, real-time control panels, and reporting capabilities. Versions 5.0.0 to 5.0.5,...

9.8CVSS6AI score0.16739EPSS
Exploits2References1
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.12 views

Fortinet FortiSandbox 操作系统命令注入漏洞

Fortinet FortiSandbox is an APT Advanced Persistent Threat protection device developed by the American company Fortinet. This device offers features such as dual sandbox technology, dynamic threat intelligence systems, a real-time control panel, and reporting capabilities. Versions of Fortinet...

9.8CVSS6.2AI score0.48668EPSS
Exploits6References2
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.9 views

Fortinet FortiDDoS-F 安全漏洞

Fortinet FortiDDoS-F is a distributed denial-of-service protection system developed by the American company Fortinet. Versions 7.2.1 to 7.2.2 of Fortinet FortiDDoS-F contain security vulnerabilities. These vulnerabilities stem from improper handling of special elements within SQL commands, which...

8.8CVSS6AI score0.00359EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.8 views

Fortinet FortiClientEMS 安全漏洞

Fortinet FortiClientEMS is part of the endpoint management solution provided by Fortinet, a company owned by Fortinet Corporation. It aims to help organizations effectively manage terminal devices within their networks and provide monitoring and control of endpoint security. There are security...

6CVSS5.8AI score0.001EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.11 views

Fortinet FortiSandbox 跨站脚本漏洞

Fortinet FortiSandbox is an APT Advanced Persistent Threat protection device developed by the American company Fortinet. This device features dual sandbox technology, a dynamic threat intelligence system, a real-time control panel, and reporting capabilities. Fortinet FortiSandbox has a cross-sit...

4.8CVSS5.7AI score0.00193EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.10 views

Fortinet FortiNAC-F 输入验证错误漏洞

Fortinet FortiNAC-F is a network access control solution developed by the American company Fortinet. This product is primarily used for network access control and IoT security protection. Vulnerabilities exist in versions 7.6.0 to 7.6.5, 7.4, and 7.2 of Fortinet FortiNAC-F, due to input validatio...

4.8CVSS6AI score0.00209EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.7 views

PT-2026-32654

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability CWE-79 vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.4, FortiSandbox PaaS 5.0.0 through 5.0.4 may allow an attacker to perform an XSS attack via crafted HTTP requests...

5.4CVSS5.8AI score0.00275EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.8 views

PT-2026-32691

A improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox PaaS 5.0.0 through 5.0.5, FortiSandbox PaaS 4.4.0 through 4.4.8,...

4.8CVSS6AI score0.00193EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.11 views

Fortinet FortiOS 访问控制错误漏洞

Fortinet FortiOS is a security operating system developed by Fortinet Corporation, specifically for use on the FortiGate network security platform. This system provides users with various security features, including firewalls, antivirus protection, IPSec/SSLVPN, web content filtering, and...

8.8CVSS6AI score0.00283EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.9 views

Fortinet FortiSOAR PaaS和Fortinet FortiSOAR on-premise 安全漏洞

Fortinet FortiSOAR PaaS and Fortinet FortiSOAR on-premise are security orchestration, automation, and response software developed by Fortinet, a US-based company. Both versions of Fortinet FortiSOAR PaaS and Fortinet FortiSOAR on-premise have security vulnerabilities that stem from the transmissi...

7.5CVSS5.8AI score0.00172EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.4 views

Fortinet FortiManager sqli (FG-IR-26-111)

The version of FortiManager installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-111 advisory. - An improper neutralization of special elements used in an sql command 'sql injection' vulnerability in Fortinet...

7.2CVSS6AI score0.00511EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.14 views

Fortinet Fortigate Missing Authentication for critical function in CAPWAP daemon (FG-IR-26-125)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-125 advisory. - A missing authentication for critical function vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through...

8.8CVSS6AI score0.00283EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.5 views

Fortinet FortiManager Path Traversal in CLI (FG-IR-26-120)

The version of FortiManager installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-120 advisory. - An improper limitation of a pathname to a restricted directory 'path traversal' vulnerability in Fortinet FortiAnalyzer...

6.5CVSS5.8AI score0.00413EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.3 views

Fortinet Fortigate Path Traversal in CLI (FG-IR-26-122)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-122 advisory. - An Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' CWE-22 vulnerability in Fortinet FortiOS...

6.5CVSS5.9AI score0.00498EPSS
Exploits0References2
CISA
CISA
added 2026/04/13 12:0 p.m.7 views

CISA Adds Seven Known Exploited Vulnerabilities to Catalog

CISA has added seven new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2012-1854link is external Microsoft Visual Basic for Applications Insecure Library Loading Vulnerability CVE-2020-9715link is external Adobe Acrobat...

9.8CVSS5.9AI score0.94085EPSS
In wildExploits9References12
CISA KEV Catalog
CISA KEV Catalog
added 2026/04/13 12:0 a.m.11 views

Fortinet FortiClient EMS SQL Injection Vulnerability

Fortinet FortiClient EMS contains a SQL injection vulnerability that may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests...

9.8CVSS7.7AI score0.94085EPSS
In wildExploits1
Rows per page
Query Builder