Lucene search
K

312 matches found

BDU FSTEC
BDU FSTEC
added 2018/11/01 12:0 a.m.5 views

The vulnerability of the FortiOS operating system arises from insufficient protection of the web page structure, allowing attackers to inject arbitrary JavaScript or HTML code.

The vulnerability of the FortiOS operating system arises from insufficient protection of the web page structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary JavaScript or HTML code remotely...

6.1CVSS5.6AI score0.01407EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/10/31 12:0 a.m.5 views

The vulnerability in the FortiOS operating system’s web portal allows a hacker to inject any desired JavaScript or HTML code.

The vulnerability of the FortiOS operating system’s web portal stems from insufficient protection of the web page structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary JavaScript or HTML code using a specially crafted value for the “redir” parameter...

5.4CVSS5.7AI score0.03718EPSS
Exploits2References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/10/31 12:0 a.m.8 views

The vulnerability in the implementation of the TLS protocol in the FortiOS operating system allows a attacker to decrypt messages without knowing the secret key, thereby carrying out a “man-in-the-middle” attack.

Vulnerability of the TLS protocol implementation in the FortiOS operating system, caused by deficiencies in the implementation of the encryption algorithm. Exploiting this vulnerability allows a malicious actor to decrypt messages without knowing the secret key, thereby carrying out a...

7.5CVSS5.5AI score0.01134EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/10/31 12:0 a.m.6 views

The vulnerability of the “Replacement Messages” component of the FortiOS operating system’s web interface, allowing a hacker to inject arbitrary JavaScript or HTML code

The vulnerability of the Replacement Messages component in the FortiOS operating system’s web interface arises due to insufficient protection of the web page structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary JavaScript or HTML code remotely...

6.1CVSS5.6AI score0.08869EPSS
Exploits5References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/10/31 12:0 a.m.7 views

The vulnerability of the FortiOS operating system arises from insufficient protection of the web page structure, allowing attackers to inject arbitrary JavaScript or HTML code.

The vulnerability of the FortiOS operating system arises from insufficient protection of the web page structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary JavaScript or HTML code using a specially crafted HTTP request header named “Host”...

6.1CVSS5.7AI score0.01075EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2018/06/26 12:0 a.m.3 views

Fortinet FortiOS Information Disclosure Vulnerability (CNVD-2018-13969)

Fortinet FortiOS is a set of security operating system developed by the U.S. Fiat Fortinet company dedicated to FortiGate network security platform. The system provides users with firewall, antivirus, IPSec/SSL VPN, Web content filtering and anti-spam and other security features. An information...

8.1CVSS7.6AI score0.02149EPSS
Exploits0References1
OSV
OSV
added 2017/11/13 2:29 p.m.5 views

CVE-2017-7739

A reflected Cross-site Scripting XSS vulnerability in web proxy disclaimer response web pages in Fortinet FortiOS 5.6.0, 5.4.0 to 5.4.5, 5.2.0 to 5.2.11 allows an unauthenticated attacker to inject arbitrary web script or HTML in the context of the victim's browser via sending a maliciously craft...

6.1CVSS5.9AI score0.01076EPSS
Exploits0References3
OSV
OSV
added 2017/09/12 2:29 a.m.4 views

CVE-2017-7734

A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.4.0 through 5.4.4 allows attackers to execute unauthorized code or commands via 'Comments' while saving Config Revisions...

5.4CVSS5.9AI score0.00787EPSS
Exploits0References3
VulnCheck KEV
VulnCheck KEV
added 2016/09/28 12:0 a.m.5 views

VulnCheck KEV: CVE-2016-6909

Buffer overflow in the Cookie parser in Fortinet FortiOS 4.x before 4.1.11, 4.2.x before 4.2.13, and 4.3.x before 4.3.9 and FortiSwitch before 3.4.3 allows remote attackers to execute arbitrary code via a crafted HTTP request, aka EGREGIOUSBLUNDER...

10CVSS7.7AI score0.49856EPSS
Exploits2References1
BDU FSTEC
BDU FSTEC
added 2016/09/19 12:0 a.m.6 views

The vulnerability of the FortiOS operating system and the micro-programming software for network switches FortiSwitch allows a hacker to execute arbitrary code.

The vulnerability of the FortiOS operating system’s parser and the FortiSwitch network switch’s microprogramming software is due to buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted HTTP request...

10CVSS8.6AI score0.49856EPSS
Exploits2References8Affected Software2
BDU FSTEC
BDU FSTEC
added 2016/01/28 12:0 a.m.6 views

The vulnerability of the FortiOS operating system, the FortiAnalyzer network interface controller, and the micro-programming software of the FortiSwitch devices allow a perpetrator to gain access to protected information.

The vulnerabilities of the FortiOS operating system, the FortiAnalyzer network interface controller, and the FortiSwitch micro-programming software are related to deficiencies in access control. Exploiting these vulnerabilities can allow a malicious actor, operating remotely, to gain access to...

10CVSS7.8AI score0.71268EPSS
Exploits8References9Affected Software3
CNVD
CNVD
added 2015/07/30 12:0 a.m.2 views

Fortinet FortiGate FortiOS Security Bypass Vulnerability

Fortinet FortiGate running FortiOS is a set of security operating system developed by American Fitta Fortinet company dedicated to FortiGate network security platform. The system provides users with firewall, antivirus, IPSec/SSL VPN, Web content filtering and anti-spam and other security feature...

6.7AI score
Exploits0References1
Rows per page
Query Builder