
2767 matches found

OSV
added 2025/10/14 4:15 p.m., 0 views

CVE-2024-26008

An improper check or handling of exceptional conditions vulnerability CWE-703 in FortiOS version 7.4.0 through 7.4.3 and before 7.2.7, FortiProxy version 7.4.0 through 7.4.3 and before 7.2.9, FortiPAM before 1.2.0 and FortiSwitchManager version 7.2.0 through 7.2.3 and version 7.0.0 through 7.0.3...

5.3 CVSS, 5.8 AI score
Exploits: 0, References: 1
NVD
added 2025/10/14 4:15 p.m., 1 view

CVE-2024-26008

An improper check or handling of exceptional conditions vulnerability CWE-703 in FortiOS version 7.4.0 through 7.4.3 and before 7.2.7, FortiProxy version 7.4.0 through 7.4.3 and before 7.2.9, FortiPAM before 1.2.0 and FortiSwitchManager version 7.2.0 through 7.2.3 and version 7.0.0 through 7.0.3...

5.3 CVSS, 0.00079 EPSS
Exploits: 0, References: 1
NVD
added 2025/10/14 4:15 p.m., 3 views

CVE-2023-46718

A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.7 and 7.0.0 through 7.0.12 and 6.4.6 through 6.4.15 and 6.2.9 through 6.2.16 and 6.0.13 through 6.0.18 allows an attacker to execute unauthorized code or commands via specially crafted CLI commands...

7.8 CVSS, 0.00023 EPSS
Exploits: 0, References: 1
OSV
added 2025/10/14 4:15 p.m., 0 views

CVE-2023-46718

A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.7 and 7.0.0 through 7.0.12 and 6.4.6 through 6.4.15 and 6.2.9 through 6.2.16 and 6.0.13 through 6.0.18 allows an attacker to execute unauthorized code or commands via specially crafted CLI commands...

7.8 CVSS, 6.3 AI score, 0.00023 EPSS
Exploits: 0, References: 1
Vulnrichment
added 2025/10/14 3:23 p.m., 2 views

CVE-2025-31514

An Insertion of Sensitive Information into Log File vulnerability CWE-532 in FortiOS 7.6.0 through 7.6.3, 7.4 all versions, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow an attacker with at least read-only privileges to retrieve sensitive 2FA-related information via observing log...

2.7 CVSS, 6.2 AI score, 0.00042 EPSS
Exploits: 0, References: 1
Cvelist
added 2025/10/14 3:23 p.m., 4 views

CVE-2025-31514

An Insertion of Sensitive Information into Log File vulnerability CWE-532 in FortiOS 7.6.0 through 7.6.3, 7.4 all versions, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow an attacker with at least read-only privileges to retrieve sensitive 2FA-related information via observing log...

2.7 CVSS, 0.00042 EPSS
Exploits: 0, References: 1
CVE
added 2025/10/14 3:23 p.m., 7 views

CVE-2025-31514

FortiOS contains an information-disclosure flaw (CWE-532) that allows a privileged attacker with at least read-only access to retrieve sensitive 2FA-related data by reading logs or using the diagnose command. Affected products and versions include FortiOS 7.6.0–7.6.3, and all versions of 7.4, 7.2...

4.3 CVSS, 6.2 AI score, 0.00042 EPSS
Exploits: 0, References: 1, Affected Software: 1
ATTACKERKB
added 2025/10/14 3:23 p.m., 2 views

CVE-2025-54822

An improper authorization vulnerability CWE-285 in Fortinet FortiOS 7.4.0 through 7.4.1, FortiOS 7.2.0 through 7.2.8, FortiOS 7.0.0 through 7.0.11, FortiProxy 7.4.0 through 7.4.8, FortiProxy 7.2 all versions, FortiProxy 7.0 all versions, FortiProxy 2.0 all versions allows an...

4.3 CVSS, 5.6 AI score, 0.00053 EPSS
Exploits: 0, References: 2, Affected Software: 2
CVE
added 2025/10/14 3:23 p.m., 6 views

CVE-2025-54822

Fortinet CVE-2025-54822 affects FortiOS 7.4.0–7.4.1, 7.2.0–7.2.8, 7.0.0–7.0.11; FortiProxy 7.4.0–7.4.8, FortiProxy 7.2 all versions, FortiProxy 7.0 all versions, FortiProxy 2.0 all versions. Description: authenticated attackers can access static files of other VDOMs via crafted HTTP/HTTPS request...

4.3 CVSS, 6 AI score, 0.00053 EPSS
Exploits: 0, References: 1, Affected Software: 1
Cvelist
added 2025/10/14 3:23 p.m., 3 views

CVE-2025-54822

An improper authorization vulnerability CWE-285 in Fortinet FortiOS 7.4.0 through 7.4.1, FortiOS 7.2.0 through 7.2.8, FortiOS 7.0.0 through 7.0.11, FortiProxy 7.4.0 through 7.4.8, FortiProxy 7.2 all versions, FortiProxy 7.0 all versions, FortiProxy 2.0 all versions allows an...

4.3 CVSS, 0.00053 EPSS
Exploits: 0, References: 1
Vulnrichment
added 2025/10/14 3:23 p.m., 1 view

CVE-2025-54822

An improper authorization vulnerability CWE-285 in Fortinet FortiOS 7.4.0 through 7.4.1, FortiOS 7.2.0 through 7.2.8, FortiOS 7.0.0 through 7.0.11, FortiProxy 7.4.0 through 7.4.8, FortiProxy 7.2 all versions, FortiProxy 7.0 all versions, FortiProxy 2.0 all versions allows an...

4.3 CVSS, 6 AI score, 0.00053 EPSS
Exploits: 0, References: 1
Vulnrichment
added 2025/10/14 3:23 p.m., 4 views

CVE-2025-25255

An Improperly Implemented Security Check for Standard vulnerability CWE-358 in Fortinet FortiOS 7.6.0 through 7.6.3, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4.0 through 7.4.11, FortiProxy 7.2 all versions, FortiProxy 7.0.1 through 7.0.22 may allow an unauthenticated proxy user ...

5.3 CVSS, 6.2 AI score, 0.00013 EPSS
Exploits: 1, References: 1
Cvelist
added 2025/10/14 3:23 p.m., 10 views

CVE-2025-25255

An Improperly Implemented Security Check for Standard vulnerability CWE-358 in Fortinet FortiOS 7.6.0 through 7.6.3, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4.0 through 7.4.11, FortiProxy 7.2 all versions, FortiProxy 7.0.1 through 7.0.22 may allow an unauthenticated proxy user ...

5.3 CVSS, 0.00013 EPSS
Exploits: 1, References: 1
Cvelist
added 2025/10/14 3:23 p.m., 6 views

CVE-2025-25252

An Insufficient Session Expiration vulnerability CWE-613 in FortiOS SSL VPN 7.6.0 through 7.6.2, 7.4.0 through 7.4.6, 7.2.0 through 7.2.10, 7.0.0 through 7.0.16, 6.4 all versions may allow a remote attacker e.g. a former admin whose account was removed and whose session was terminated in possessi...

4.8 CVSS, 0.00046 EPSS
Exploits: 1, References: 1
Vulnrichment
added 2025/10/14 3:23 p.m., 3 views

CVE-2025-25252

An Insufficient Session Expiration vulnerability CWE-613 in FortiOS SSL VPN 7.6.0 through 7.6.2, 7.4.0 through 7.4.6, 7.2.0 through 7.2.10, 7.0.0 through 7.0.16, 6.4 all versions may allow a remote attacker e.g. a former admin whose account was removed and whose session was terminated in possessi...

4.8 CVSS, 6.5 AI score, 0.00046 EPSS
Exploits: 1, References: 1
CVE
added 2025/10/14 3:23 p.m., 8 views

CVE-2025-25252

This CVE (CVE-2025-25252) concerns an Insufficient Session Expiration (CWE-613) in FortiOS SSL VPN across multiple major releases, allowing a remote attacker with a valid SAML session record (e.g., a former admin) to access or reopen that session via re-use of the SAML record. A public POC exists...

6.5 CVSS, 6.5 AI score, 0.00046 EPSS
Exploits: 1, References: 1, Affected Software: 1
Vulnrichment
added 2025/10/14 3:23 p.m., 1 view

CVE-2024-26008

An improper check or handling of exceptional conditions vulnerability CWE-703 in FortiOS version 7.4.0 through 7.4.3 and before 7.2.7, FortiProxy version 7.4.0 through 7.4.3 and before 7.2.9, FortiPAM before 1.2.0 and FortiSwitchManager version 7.2.0 through 7.2.3 and version 7.0.0 through 7.0.3...

5.3 CVSS, 6.6 AI score, 0.00079 EPSS
Exploits: 0, References: 1
ATTACKERKB
added 2025/10/14 3:23 p.m., 1 view

CVE-2024-26008

An improper check or handling of exceptional conditions vulnerability CWE-703 in FortiOS version 7.4.0 through 7.4.3 and before 7.2.7, FortiProxy version 7.4.0 through 7.4.3 and before 7.2.9, FortiPAM before 1.2.0 and FortiSwitchManager version 7.2.0 through 7.2.3 and version 7.0.0 through 7.0.3...

5.3 CVSS, 5.6 AI score, 0.00079 EPSS
Exploits: 0, References: 2, Affected Software: 4
ATTACKERKB
added 2025/10/14 3:23 p.m., 3 views

CVE-2024-47569

An insertion of sensitive information into sent data vulnerability in Fortinet FortiMail 7.4.0 through 7.4.2, FortiMail 7.2.0 through 7.2.6, FortiMail 7.0 all versions, FortiManager 7.6.0 through 7.6.1, FortiManager 7.4.1 through 7.4.3, FortiManager Cloud 7.4.1 through 7.4.3, FortiNDR 7.6.0 throug...

4.3 CVSS, 5.3 AI score, 0.0001 EPSS
Exploits: 0, References: 2, Affected Software: 11
Cvelist
added 2025/10/14 3:23 p.m., 5 views

CVE-2024-47569

An insertion of sensitive information into sent data vulnerability in Fortinet FortiMail 7.4.0 through 7.4.2, FortiMail 7.2.0 through 7.2.6, FortiMail 7.0 all versions, FortiManager 7.6.0 through 7.6.1, FortiManager 7.4.1 through 7.4.3, FortiManager Cloud 7.4.1 through 7.4.3, FortiNDR 7.6.0 throug...

4.3 CVSS, 0.0001 EPSS
Exploits: 0, References: 1