5900 matches found
Fortinet FortiWeb 缓冲区错误漏洞
Fortinet FortiWeb is a Web application layer firewall developed by the American company Fortinet. It can block threats such as cross-site scripting, SQL injection, cookie poisoning, and schema poisoning, ensuring the security of web applications and protecting sensitive database content. Fortinet...
PT-2026-32963
An out-of-bounds write vulnerability CWE-787 vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4.0 through 7.4.11 may allow a remote privileged attacker to execute arbitrary code or command via crafted HTTP requests...
Fortinet FortiManager Cloud和Fortinet FortiAnalyzer Cloud 安全漏洞
Fortinet FortiManager Cloud and Fortinet FortiAnalyzer Cloud are products of Fortinet, a US-based company. Fortinet FortiManager Cloud is a cloud-based network management software. Fortinet FortiAnalyzer Cloud is a cloud-based logging platform based on FortiAnalyzer. There are security...
Fortinet FortiWeb 安全漏洞
Fortinet FortiWeb is a Web application layer firewall developed by the American company Fortinet. It can block threats such as cross-site scripting, SQL injection, cookie poisoning, and schema poisoning, ensuring the security of web applications and protecting sensitive database content. There is...
Fortinet FortiSandbox 安全漏洞
Fortinet FortiSandbox is an APT Advanced Persistent Threat protection device developed by the American company Fortinet. This device offers features such as dual sandbox technology, dynamic threat intelligence systems, real-time control panels, and reporting capabilities. Versions 5.0.0 to 5.0.5,...
Fortinet FortiSandbox 操作系统命令注入漏洞
Fortinet FortiSandbox is an APT Advanced Persistent Threat protection device developed by the American company Fortinet. This device offers features such as dual sandbox technology, dynamic threat intelligence systems, a real-time control panel, and reporting capabilities. Versions of Fortinet...
Fortinet FortiDDoS-F 安全漏洞
Fortinet FortiDDoS-F is a distributed denial-of-service protection system developed by the American company Fortinet. Versions 7.2.1 to 7.2.2 of Fortinet FortiDDoS-F contain security vulnerabilities. These vulnerabilities stem from improper handling of special elements within SQL commands, which...
Fortinet FortiClientEMS 安全漏洞
Fortinet FortiClientEMS is part of the endpoint management solution provided by Fortinet, a company owned by Fortinet Corporation. It aims to help organizations effectively manage terminal devices within their networks and provide monitoring and control of endpoint security. There are security...
Fortinet FortiSandbox 跨站脚本漏洞
Fortinet FortiSandbox is an APT Advanced Persistent Threat protection device developed by the American company Fortinet. This device features dual sandbox technology, a dynamic threat intelligence system, a real-time control panel, and reporting capabilities. Fortinet FortiSandbox has a cross-sit...
Fortinet FortiNAC-F 输入验证错误漏洞
Fortinet FortiNAC-F is a network access control solution developed by the American company Fortinet. This product is primarily used for network access control and IoT security protection. Vulnerabilities exist in versions 7.6.0 to 7.6.5, 7.4, and 7.2 of Fortinet FortiNAC-F, due to input validatio...
PT-2026-32654
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability CWE-79 vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.4, FortiSandbox PaaS 5.0.0 through 5.0.4 may allow an attacker to perform an XSS attack via crafted HTTP requests...
PT-2026-32691
A improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox PaaS 5.0.0 through 5.0.5, FortiSandbox PaaS 4.4.0 through 4.4.8,...
Fortinet FortiOS 访问控制错误漏洞
Fortinet FortiOS is a security operating system developed by Fortinet Corporation, specifically for use on the FortiGate network security platform. This system provides users with various security features, including firewalls, antivirus protection, IPSec/SSLVPN, web content filtering, and...
Fortinet FortiSOAR PaaS和Fortinet FortiSOAR on-premise 安全漏洞
Fortinet FortiSOAR PaaS and Fortinet FortiSOAR on-premise are security orchestration, automation, and response software developed by Fortinet, a US-based company. Both versions of Fortinet FortiSOAR PaaS and Fortinet FortiSOAR on-premise have security vulnerabilities that stem from the transmissi...
Fortinet FortiManager sqli (FG-IR-26-111)
The version of FortiManager installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-111 advisory. - An improper neutralization of special elements used in an sql command 'sql injection' vulnerability in Fortinet...
Fortinet Fortigate Missing Authentication for critical function in CAPWAP daemon (FG-IR-26-125)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-125 advisory. - A missing authentication for critical function vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through...
Fortinet FortiManager Path Traversal in CLI (FG-IR-26-120)
The version of FortiManager installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-120 advisory. - An improper limitation of a pathname to a restricted directory 'path traversal' vulnerability in Fortinet FortiAnalyzer...
Fortinet Fortigate Path Traversal in CLI (FG-IR-26-122)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-122 advisory. - An Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' CWE-22 vulnerability in Fortinet FortiOS...
CISA Adds Seven Known Exploited Vulnerabilities to Catalog
CISA has added seven new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2012-1854link is external Microsoft Visual Basic for Applications Insecure Library Loading Vulnerability CVE-2020-9715link is external Adobe Acrobat...
Fortinet FortiClient EMS SQL Injection Vulnerability
Fortinet FortiClient EMS contains a SQL injection vulnerability that may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests...