2973 matches found
CVE-2022-43947
An improper restriction of excessive authentication attempts vulnerability CWE-307 in Fortinet FortiOS version 7.2.0 through 7.2.3 and before 7.0.10, FortiProxy version 7.2.0 through 7.2.2 and before 7.0.8 administrative interface allows an attacker with a valid user account to perform brute-forc...
CVE-2023-22641
A URL redirection to untrusted site 'open redirect' in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.9, FortiOS versions 6.4.0 through 6.4.12, FortiOS all versions 6.2, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.2, FortiProxy version 7.0.0...
CVE-2023-22641
CVE-2023-22641 is an Open Redirect vulnerability in Fortinet FortiOS and FortiProxy. Affected products and versions include FortiOS 7.2.0–7.2.3, 7.0.0–7.0.9, 6.4.0–6.4.12, 6.2.x, 6.0.x, and FortiProxy 7.2.0–7.2.2, 7.0.0–7.0.8, and all 2.0/1.2/1.1/1.0 series. The issue enables an authenticated att...
CVE-2022-41330
An improper neutralization of input during web page generation vulnerability 'Cross-site Scripting' CWE-79 in Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9, version 6.4.0 through 6.4.11 and before 6.2.12 and FortiProxy version 7.2.0 through 7.2.1 and before 7.0.7 allow...
CVE-2022-41330
CVE-2022-41330 is an HTML/URL input handling flaw (Cross-site Scripting) in Fortinet FortiOS and FortiProxy. Affected: FortiOS 7.2.0–7.2.3, 7.0.0–7.0.9, 6.4.0–6.4.11 and prior to 6.2.12; FortiProxy 7.2.0–7.2.1 and prior to 7.0.7. Root cause: improper neutralization of input during web page genera...
Fortinet FortiOS Security Vulnerability
Fortinet FortiOS is a security operating system from the American company Fortinet, dedicated to the FortiGate network security platform. The system provides users with a variety of security features such as firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam. A security vulnerabili...
Protect
Multiple improper neutralization of input during web page generation 'Cross-site Scripting' vulnerabilities CWE-79 in FortiOS & FortiProxy administrative interface may allow an unauthenticated attacker to perform an XSS attack via crafted HTTP or HTTPS GET requests...
Fortinet FortiOS Input Validation Error Vulnerability
Fortinet FortiOS is a security operating system from the American company Fortinet, dedicated to the FortiGate network security platform. The system provides users with a variety of security features such as firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam. A security vulnerabili...
Fortinet FortiOS Cross-Site Scripting Vulnerability
Fortinet FortiOS is a security operating system from the American company Fortinet, dedicated to the FortiGate network security platform. The system provides users with a variety of security features such as firewall, antivirus, IPSec/SSLVPN, Web content filtering, and anti-spam. A security...
Protect
An improper restriction of excessive authentication attempts vulnerability CWE-307 in FortiOS & FortiProxy administrative interface may allow an attacker with a valid user account to perform brute-force attacks on other user accounts via injecting valid login sessions...
PT-2023-7425 · Fortinet · Fortiproxy +1
Name of the Vulnerable Software and Affected Versions: FortiOS versions 7.2.0 through 7.2.3 FortiOS versions prior to 7.0.10 FortiProxy versions 7.2.0 through 7.2.2 FortiProxy versions prior to 7.0.8 Description: The issue is related to an improper restriction of excessive authentication attempts...
Protect
A URL redirection to untrusted site 'Open Redirect' vulnerability CWE-601 in FortiOS and FortiProxy sslvpnd may allow an authenticated attacker to redirect users to any arbitrary website via a crafted URL...
FortiOS FortiProxy FortiSwitchManager v7.2.1 - Authentication Bypass Vulnerability
Exploit Title: Fortinet Authentication Bypass v7.2.1 - FortiOS, FortiProxy, FortiSwitchManager Exploit Author: Felipe Alcantara Filiplain Vendor Homepage: https://www.fortinet.com/ Version: FortiOS from 7.2.0 to 7.2.1 FortiOS from 7.0.0 to 7.0.6 FortiProxy 7.2.0 FortiProxy from 7.0.0 to 7.0.6...
FortiOS, FortiProxy, FortiSwitchManager v7.2.1 - Authentication Bypass
Exploit Title: Fortinet Authentication Bypass v7.2.1 - FortiOS, FortiProxy, FortiSwitchManager Date: 13/10/2022 Exploit Author: Felipe Alcantara Filiplain Vendor Homepage: https://www.fortinet.com/ Version: FortiOS from 7.2.0 to 7.2.1 FortiOS from 7.0.0 to 7.0.6 FortiProxy 7.2.0 FortiProxy from...
Fortinet 7.2.1 Authentication Bypass
Exploit Title: Fortinet Authentication Bypass v7.2.1 - FortiOS, FortiProxy, FortiSwitchManager Date: 13/10/2022 Exploit Author: Felipe Alcantara Filiplain Vendor Homepage: https://www.fortinet.com/ Version: FortiOS from 7.2.0 to 7.2.1 FortiOS from 7.0.0 to 7.0.6 FortiProxy 7.2.0 FortiProxy from...
Exploit for Out-of-bounds Write in Fortinet Fortios
CVE-2022-42475-RCE-POC Vulnerability Name CVE-2022-4247...