
2973 matches found

CVE
added 2023/10/10 4:48 p.m. · 72 views

CVE-2023-33301

Fortinet FortiOS contains an improper access control vulnerability in the REST API (CWE-284) that can let an attacker access a restricted resource from a non-trusted host. Affected products/versions per the CVE entry and advisory: FortiOS 7.2.0–7.2.4 and 7.4.0. Mitigation: upgrade to FortiOS 7.4....

CVSS 6.5 · AI score 4.5 · EPSS 0.00131
Exploits 0 · References 1 · Affected Software 1
Vulnrichment
added 2023/10/10 4:48 p.m. · 11 views

CVE-2023-33301

An improper access control vulnerability in Fortinet FortiOS 7.2.0 - 7.2.4 and 7.4.0 allows an attacker to access a restricted resource from a non trusted host...

CVSS 6.5 · AI score 6.7 · EPSS 0.00131
Exploits 0 · References 1
Cvelist
added 2023/10/10 4:48 p.m. · 13 views

CVE-2023-33301

An improper access control vulnerability in Fortinet FortiOS 7.2.0 - 7.2.4 and 7.4.0 allows an attacker to access a restricted resource from a non trusted host...

CVSS 6.5 · AI score 6.6 · EPSS 0.00131
Exploits 0 · References 1
Fortinet
added 2023/10/10 12:00 a.m. · 55 views

Protect

An improper access control vulnerability CWE-284 in the FortiOS REST API component may allow an authenticated attacker to access a restricted resource from a non trusted host...

CVSS 4 · AI score 6.7 · EPSS 0.00131
Exploits 0 · Affected Software 1
CNNVD
added 2023/10/10 12:00 a.m. · 3 views

Fortinet FortiOS IPS Engine Security Vulnerability

Fortinet FortiOS is a security operating system dedicated to the FortiGate network security platform from the American company Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering, and antispam security features. A security vulnerability exists in the...

CVSS 7.5 · AI score 6.7 · EPSS 0.00031
Exploits 0 · References 3
CNNVD
added 2023/10/10 12:00 a.m. · 10 views

Fortinet FortiOS Security Vulnerability

Fortinet FortiOS is a security operating system dedicated to the FortiGate network security platform from the American company Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering, anti-spam and other security features. An Access Control Error...

CVSS 6.5 · AI score 6.6 · EPSS 0.00131
Exploits 0 · References 3
Positive Technologies
added 2023/10/10 12:00 a.m. · 5 views

PT-2023-5999 · Fortinet · Fortios

Name of the Vulnerable Software and Affected Versions: Fortinet FortiOS versions 7.2.0 through 7.2.4 Fortinet FortiOS version 7.4.0 Description: The issue is related to improper access control in the FortiOS REST API component, allowing an attacker to access restricted resources from non-trusted...

CVSS 6.5 · AI score 4.5 · EPSS 0.00131
Exploits 0 · References 6
Fortinet
added 2023/10/10 12:00 a.m. · 38 views

Protect

An improper authorization vulnerability CWE-285 in FortiOS's WEB UI component may allow an authenticated attacker belonging to the prof-admin profile to perform elevated actions...

CVSS 6.5 · AI score 6.7 · EPSS 0.00244
Exploits 0 · Affected Software 1
CNNVD
added 2023/10/10 12:00 a.m. · 3 views

Fortinet FortiOS Security Vulnerabilities

Fortinet FortiOS is a security operating system dedicated to the FortiGate network security platform from the American company Fortinet. The system provides users with a variety of security features such as firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam. A security vulnerabili...

CVSS 8.8 · AI score 6.7 · EPSS 0.00244
Exploits 0 · References 3
Fortinet
added 2023/10/10 12:00 a.m. · 31 views

Protect

A use of GET request method with sensitive query strings vulnerability CWE-598 in the FortiOS SSL VPN component may allow an attacker to view plaintext passwords of remote services such as RDP or VNC, if the attacker is able to read the GET requests to those services found in logs, referers,...

CVSS 5 · AI score 6.7 · EPSS 0.00192
Exploits 0 · Affected Software 1
Fortinet
added 2023/10/10 12:00 a.m. · 29 views

Protect

An improper neutralization of script-related HTML tags in a web page vulnerability CWE-80 in FortiOS may allow a remote authenticated attacker to inject script related HTML tags via the SAML and Security Fabric components...

CVSS 4.9 · AI score 6.5 · EPSS 0.00124
Exploits 0 · Affected Software 1
Positive Technologies
added 2023/10/10 12:00 a.m. · 2 views

PT-2023-6004 · Fortinet · Fortios

Name of the Vulnerable Software and Affected Versions: Fortinet FortiOS versions 7.0.0 through 7.0.12 Fortinet FortiOS versions 7.2.0 through 7.2.5 Fortinet FortiOS version 7.4.0 Description: The issue is related to the use of the GET request method with sensitive query strings in Fortinet FortiO...

CVSS 7.8 · AI score 7.2 · EPSS 0.00192
Exploits 0 · References 6
CNNVD
added 2023/10/10 12:00 a.m. · 3 views

Fortinet FortiOS Cross-Site Scripting Vulnerability

Fortinet FortiOS is a security operating system dedicated to the FortiGate network security platform from the American company Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering, and antispam security features. A security vulnerability exists in Fortinet...

CVSS 5.4 · AI score 6.6 · EPSS 0.00124
Exploits 0 · References 3
CNNVD
added 2023/10/10 12:00 a.m. · 2 views

Fortinet FortiOS and FortiProxy Resource Management Error Vulnerability

Fortinet FortiOS and Fortinet FortiProxy are both products of Fortinet, Inc. Fortinet FortiOS is a dedicated security operating system on the FortiGate network security platform. The system provides users with a variety of security features such as firewall, antivirus, IPSec/SSLVPN, Web content...

CVSS 5.3 · AI score 6.8 · EPSS 0.00402
Exploits 0 · References 3
Fortinet
added 2023/10/10 12:00 a.m. · 20 views

Protect

A use after free vulnerability CWE-416 in FortiOS & FortiProxy may allow an unauthenticated remote attacker to crash the Web Proxy process via multiple crafted packets reaching proxy policies or firewall policies with proxy mode alongside SSL deep packet inspection...

CVSS 5 · AI score 7.2 · EPSS 0.00402
Exploits 0 · Affected Software 2
Positive Technologies
added 2023/10/10 12:00 a.m. · 2 views

PT-2023-6005 · Fortinet · Fortios

Name of the Vulnerable Software and Affected Versions: Fortinet FortiOS versions 7.0.0 through 7.0.11 Fortinet FortiOS versions 7.2.0 through 7.2.4 Description: The issue is related to an improper authorization vulnerability in Fortinet FortiOS, which may allow an attacker belonging to the...

CVSS 9 · AI score 8.4 · EPSS 0.00244
Exploits 0 · References 7
Positive Technologies
added 2023/10/10 12:00 a.m. · 3 views

PT-2023-6002 · Fortinet · Fortiproxy +1

Name of the Vulnerable Software and Affected Versions: FortiOS versions 7.0.0 through 7.0.10 FortiOS versions 7.2.0 through 7.2.4 FortiProxy versions 7.0.0 through 7.0.8 FortiProxy versions 7.2.0 through 7.2.2 Description: A use after free vulnerability in FortiOS and FortiProxy may allow an...

CVSS 10 · AI score 5.4 · EPSS 0.00402
Exploits 0 · References 7
CNNVD
added 2023/10/10 12:00 a.m. · 2 views

Fortinet FortiOS Security Vulnerabilities

Fortinet FortiOS is a security operating system dedicated to the FortiGate network security platform from the American company Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering, and antispam security features. A security vulnerability exists in Fortinet...

CVSS 7.5 · AI score 6.7 · EPSS 0.00192
Exploits 0 · References 3
Tenable Nessus
added 2023/09/29 12:00 a.m. · 81 views

Fortinet FortiProxy - SMTP password ciphertext exposure in Log (FG-IR-22-455)

The version of FortiProxy installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-455 advisory. - An insertion of sensitive information into log file vulnerability CWE-532 in FortiOS / FortiProxy log events may allow a...

CVSS 6.5 · AI score 6.5 · EPSS 0.0025
Exploits 0 · References 2
Tenable Nessus
added 2023/09/29 12:00 a.m. · 30 views

Fortinet FortiProxy's map server (FG-IR-22-468)

The version of FortiProxy installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-468 advisory. - An improper certificate validation vulnerability CWE-295 in FortiOS 6.2 all versions, 6.4 all versions, 7.0.0 through...

CVSS 4.8 · AI score 5.3 · EPSS 0.00134
Exploits 0 · References 2