2767 matches found
CVE-2025-25248
An Integer Overflow or Wraparound vulnerability CWE-190 in FortiOS version 7.6.2 and below, version 7.4.7 and below, version 7.2.10 and below, 7.2 all versions, 6.4 all versions, FortiProxy version 7.6.2 and below, version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions and...
CVE-2025-25248
Fortinet CVE-2025-25248 is an Integer Overflow (CWE-190) affecting FortiOS and related Fortinet SSL-VPN components, including FortiOS, FortiProxy, and FortiPAM. The issue concerns SSL-VPN RDP and VNC bookmarks that may allow an authenticated user to affect device availability via crafted requests...
CVE-2025-25248
An Integer Overflow or Wraparound vulnerability CWE-190 in FortiOS version 7.6.2 and below, version 7.4.7 and below, version 7.2.10 and below, 7.2 all versions, 6.4 all versions, FortiProxy version 7.6.2 and below, version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions and...
CVE-2023-45584
A double free vulnerability CWE-415 vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2.0 through 7.2.5, FortiOS 7.0.0 through 7.0.12, FortiOS 6.4 all versions, FortiPAM 1.1 all versions, FortiPAM 1.0 all versions, FortiProxy 7.4.0 through 7.4.1, FortiProxy 7.2.0 through 7.2.7, FortiProxy 7.0.0...
CVE-2023-45584
CVE-2023-45584 is a double free vulnerability (CWE-415) in multiple Fortinet products: FortiOS (versions 6.4; 7.0.0–7.0.12; 7.2.0–7.2.5; 7.4.0), FortiPAM (1.0–1.1.x), and FortiProxy (7.0.0–7.0.13; 7.2.0–7.2.7; 7.4.0–7.4.1) that allows a privileged attacker to execute code via crafted HTTP/HTTPS r...
CVE-2023-45584
A double free vulnerability CWE-415 vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2.0 through 7.2.5, FortiOS 7.0.0 through 7.0.12, FortiOS 6.4 all versions, FortiPAM 1.1 all versions, FortiPAM 1.0 all versions, FortiProxy 7.4.0 through 7.4.1, FortiProxy 7.2.0 through 7.2.7, FortiProxy 7.0.0...
CVE-2025-53744
CVE-2025-53744 affects FortiOS Security Fabric across multiple lines: FortiOS Security Fabric versions 7.6.0–7.6.2, 7.4.0–7.4.7, 7.2, 7.0, and 6.4 all are vulnerable to an improper privilege assignment (CWE-266) that can let a remote authenticated attacker with high privileges escalate to super-a...
CVE-2025-53744
An incorrect privilege assignment vulnerability CWE-266 in FortiOS Security Fabric version 7.6.0 through 7.6.2, 7.4.0 through 7.4.7, 7.2 all versions, 7.0 all versions, 6.4 all versions, may allow a remote authenticated attacker with high privileges to escalate their privileges to super-admin via...
CVE-2025-53744
An incorrect privilege assignment vulnerability CWE-266 in FortiOS Security Fabric version 7.6.0 through 7.6.2, 7.4.0 through 7.4.7, 7.2 all versions, 7.0 all versions, 6.4 all versions, may allow a remote authenticated attacker with high privileges to escalate their privileges to super-admin via...
CVE-2025-53744
An incorrect privilege assignment vulnerability CWE-266 in FortiOS Security Fabric version 7.6.0 through 7.6.2, 7.4.0 through 7.4.7, 7.2 all versions, 7.0 all versions, 6.4 all versions, may allow a remote authenticated attacker with high privileges to escalate their privileges to super-admin via...
PT-2025-32884 · Fortinet · Fortios Security Fabric
Name of the Vulnerable Software and Affected Versions: FortiOS Security Fabric versions 6.4 all versions FortiOS Security Fabric versions 7.0 all versions FortiOS Security Fabric versions 7.2 all versions FortiOS Security Fabric versions 7.4.0 through 7.4.7 FortiOS Security Fabric versions 7.6.0...
PT-2025-32869 · Fortinet · Fortipam +2
Name of the Vulnerable Software and Affected Versions: Fortinet FortiOS versions 7.2.0 through 7.2.5 and prior to 7.0.12 Fortinet FortiProxy versions 7.2.0 through 7.2.7 and prior to 7.0.13 Fortinet FortiPAM versions 1.1.0 through 1.1.2 and prior to 1.0.3 Fortinet FortiOS version 7.4.0 Fortinet...
Fortinet Fortigate Double free in automation-stitch (FG-IR-23-209)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-209 advisory. - A double free vulnerability CWE-415 in Fortinet FortiOS version 7.4.0, version 7.2.0 through 7.2.5 and before 7.0.12,...
Fortinet FortiOS Security Fabric 安全漏洞
Fortinet FortiOS Security Fabric is a network security platform from Fortinet, Inc. A security vulnerability exists in Fortinet FortiOS Security Fabric versions 7.6.0 through 7.6.2, 7.4.0 through 7.4.7, 7.2 all, 7.0 all, and 6.4 all, which stems from an improper assignment of privileges and could...
Fortinet多款产品 资源管理错误漏洞
Fortinet FortiOS and others are products of Fortinet, Inc.Fortinet FortiOS is a dedicated security operating system on the FortiGate network security platform.Fortinet FortiProxy is a secure network proxy that protects employees from network attacks by combining a variety of detection technologie...
Fortinet多款产品 安全漏洞
Fortinet FortiOS and others are products of Fortinet, Inc.Fortinet FortiOS is a dedicated security operating system on the FortiGate network security platform.Fortinet FortiProxy is a secure network proxy that protects employees by combining a variety of detection technologies such as Web...
PT-2025-32870
Name of the Vulnerable Software and Affected Versions: Fortinet FortiOS versions 6.4.0 through 6.4.15 and versions prior to 6.2.16 Fortinet FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8 and versions prior to 7.0.15 Fortinet FortiPAM versions prior to 1.2.0 Description: An...
PT-2025-32874 · Fortinet · Fortipam +2
Name of the Vulnerable Software and Affected Versions: FortiOS versions prior to 7.6.3 FortiProxy versions prior to 7.6.3 FortiPAM versions prior to 1.5.1 Description: An Integer Overflow or Wraparound vulnerability CWE-190 may allow an authenticated user to affect the device’s SSL-VPN availabili...
Fortinet多款产品 输入验证错误漏洞
Fortinet FortiOS and others are products of Fortinet, Inc.Fortinet FortiOS is a dedicated security operating system on the FortiGate network security platform.Fortinet FortiProxy SSL VPN is a software application.Fortinet FortiPAM is a platform for privilege access control. An input validation...
Fortinet Fortigate Weak authentication - FGFM protocol (FG-IR-24-042)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-042 advisory. - An authentication bypass using an alternate path or channel CWE-288 vulnerability in Fortinet FortiOS version 6.4.0 through...