CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2767 matches found

NVD•added 2025/03/24 4:15 p.m.•11 views

CVE-2023-25610

A buffer underwrite 'buffer underflow' vulnerability in the administrative interface of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.6, version 6.4.0 through 6.4.11 and version 6.2.12 and below, FortiProxy version 7.2.0 through 7.2.2, version 7.0.0 through 7.0.8, versio...

9.8CVSS0.17237EPSS

Exploits1References1

EUVD•added 2025/03/24 3:39 p.m.•4 views

EUVD-2023-29551

9.8CVSS7.8AI score0.17237EPSS

Exploits1References2

Vulnrichment•added 2025/03/24 3:39 p.m.•13 views

CVE-2023-25610

9.8CVSS8.6AI score0.17237EPSS

Exploits1References1

Cvelist•added 2025/03/24 3:39 p.m.•32 views

CVE-2023-25610

9.8CVSS0.17237EPSS

Exploits1References1

NVD•added 2025/03/21 4:15 p.m.•12 views

CVE-2019-16151

An improper neutralization of input during web page generation vulnerability CWE-79 in FortiOS 6.4.1 and below, 6.2.9 and below may allow a remote unauthenticated attacker to either redirect users to malicious websites via a crafted "Host" header or to execute JavaScript code in the victim's...

6.1CVSS0.00112EPSS

Exploits0References1

OSV•added 2025/03/21 4:15 p.m.•1 views

CVE-2019-16151

6.1CVSS5.9AI score

Exploits0References1

Vulnrichment•added 2025/03/21 4:2 p.m.•9 views

CVE-2019-16151

4.7CVSS5.2AI score0.00112EPSS

Exploits0References1

Cvelist•added 2025/03/21 4:2 p.m.•12 views

CVE-2019-16151

4.7CVSS0.00112EPSS

Exploits0References1

RedhatCVE•added 2025/03/19 2:25 p.m.•7 views

CVE-2020-9295

FortiOS 6.2 running AV engine version 6.00142 and below, FortiOS 6.4 running AV engine version 6.00144 and below and FortiClient 6.2 running AV engine version 6.00137 and below may not immediately detect certain types of malformed or non-standard RAR archives, potentially containing malicious...

7.5CVSS7.3AI score0.00299EPSS

Exploits0References1

RedhatCVE•added 2025/03/19 1:17 p.m.•5 views

CVE-2019-15706

An improper neutralization of input during web page generation in the SSL VPN portal of FortiProxy version 2.0.0, version 1.2.9 and below and FortiOS version 6.2.1 and below, version 6.0.8 and below, version 5.6.12 may allow a remote authenticated attacker to perform a stored cross site scripting...

5.4CVSS5.8AI score0.00098EPSS

Exploits0References1

RedhatCVE•added 2025/03/19 1:16 p.m.•7 views

CVE-2020-29010

An exposure of sensitive information to an unauthorized actor vulnerability in FortiOS version 6.2.4 and below, version 6.0.10 and belowmay allow remote authenticated actors to read the SSL VPN events log entries of users in other VDOMs by executing "get vpn ssl monitor" from the CLI. The sensiti...

5CVSS6.1AI score0.00128EPSS

Exploits0

CISA•added 2025/03/18 12:0 p.m.•10 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-24472link is external Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability CVE-2025-30066link is external tj-actions/changed-files GitHub Action...

8.6CVSS7.6AI score0.9183EPSS

In wildExploits2References7

CISA KEV Catalog•added 2025/03/18 12:0 a.m.•26 views

Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability

Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that allows a remote attacker to gain super-admin privileges via crafted CSF proxy requests...

8.1CVSS7.8AI score0.10434EPSS

In wildExploits0

NVD•added 2025/03/17 2:15 p.m.•10 views

CVE-2020-29010

5CVSS0.00128EPSS

Exploits0References1

NVD•added 2025/03/17 2:15 p.m.•5 views

CVE-2020-9295

7.5CVSS0.00299EPSS

Exploits0References1

OSV•added 2025/03/17 2:15 p.m.•1 views

CVE-2020-9295