Lucene search
K

136 matches found

CNNVD
CNNVD
added 2025/10/14 12:0 a.m.6 views

Fortinet多款产品 安全漏洞

Fortinet FortiOS and others are products of Fortinet, Inc.Fortinet FortiOS is a dedicated security operating system on the FortiGate network security platform.Fortinet FortiManager is a centralized network security management platform.Fortinet FortiSwitchManager is a network switch management too...

4.3CVSS6.1AI score0.00435EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/10/14 12:0 a.m.4 views

Fortinet多款产品 安全漏洞

Fortinet FortiOS and others are products of Fortinet, Inc.Fortinet FortiOS is a dedicated security operating system on the FortiGate network security platform.Fortinet FortiPAM is a platform for privilege access control.Fortinet FortiSRA is Fortinet FortiSRA is a secure remote access software. A...

7.2CVSS7.1AI score0.00523EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/10/14 12:0 a.m.3 views

Fortinet FortiSwitchManager和Fortinet FortiPAM 安全漏洞

FortiPAM is Fortinet's privileged access management solution for centralized management of sensitive enterprise credentials. A security vulnerability exists in Fortinet FortiPAM that stems from an insufficiently strong authentication mechanism. An attacker could exploit the vulnerability to execu...

9.8CVSS7.4AI score0.00582EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/10/14 12:0 a.m.5 views

PT-2025-41946

A heap-based buffer overflow in Fortinet FortiSRA 1.5.0, 1.4.0 through 1.4.2, FortiPAM 1.5.0, 1.4.0 through 1.4.2, 1.3.0 through 1.3.1, 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiProxy 7.6.0 through 7.6.1, 7.4.0 through 7.4.7, FortiOS 7.6.0 through 7.6.2, 7.4.0 through 7.4.6, 7.2.0...

6.5CVSS7.6AI score0.00523EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/10/14 12:0 a.m.5 views

Fortinet多款产品 代码问题漏洞

Fortinet FortiOS and others are products of Fortinet, Inc.Fortinet FortiOS is a dedicated security operating system on the FortiGate network security platform.Fortinet FortiProxy is a secure network proxy that protects employees from network attacks by combining a variety of detection technologie...

5.3CVSS6.8AI score0.00434EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/10/14 12:0 a.m.9 views

Fortinet Fortigate FGFM protocol allows unauthenticated reset of the connection (FG-IR-24-041)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-041 advisory. - An improper check or handling of exceptional conditions vulnerability CWE-703 in FortiOS version 7.4.0 through 7.4.3 and...

5.3CVSS5.6AI score0.00434EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-48715

Malicious code in bioql PyPI...

8.8CVSS6.5AI score0.00443EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-45544

Malicious code in bioql PyPI...

6.5CVSS3.9AI score0.00642EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.18 views

EUVD-2023-40579

Malicious code in bioql PyPI...

7.1CVSS5.5AI score0.00382EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2025/06/29 12:0 a.m.5 views

VulnCheck KEV: CVE-2022-41335

A relative path traversal vulnerability CWE-23 in Fortinet FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and before 6.4.10, FortiProxy version 7.2.0 through 7.2.1, 7.0.0 through 7.0.7 and before 2.0.10, FortiSwitchManager 7.2.0 and before 7.0.0 allows an authenticated attacker to read...

8.8CVSS5.8AI score0.00927EPSS
In wildExploits0References2
RedhatCVE
RedhatCVE
added 2025/05/30 8:1 a.m.13 views

CVE-2025-22252

A missing authentication for critical function in Fortinet FortiProxy versions 7.6.0 through 7.6.1, FortiSwitchManager version 7.2.5, and FortiOS versions 7.4.4 through 7.4.6 and version 7.6.0 may allow an attacker with knowledge of an existing admin account to access the device as a valid admin...

9.8CVSS7.1AI score0.00804EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/05/28 8:15 a.m.2 views

CVE-2025-22252

A missing authentication for critical function in Fortinet FortiProxy versions 7.6.0 through 7.6.1, FortiSwitchManager version 7.2.5, and FortiOS versions 7.4.4 through 7.4.6 and version 7.6.0 may allow an attacker with knowledge of an existing admin account to access the device as a valid admin...

9.8CVSS5.8AI score0.00804EPSS
Exploits0References2Affected Software3
OSV
OSV
added 2025/05/28 8:15 a.m.3 views

CVE-2025-22252

A missing authentication for critical function in Fortinet FortiProxy versions 7.6.0 through 7.6.1, FortiSwitchManager version 7.2.5, and FortiOS versions 7.4.4 through 7.4.6 and version 7.6.0 may allow an attacker with knowledge of an existing admin account to access the device as a valid admin...

7.2CVSS5.8AI score0.00804EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/28 7:55 a.m.11 views

CVE-2025-22252

A missing authentication for critical function in Fortinet FortiProxy versions 7.6.0 through 7.6.1, FortiSwitchManager version 7.2.5, and FortiOS versions 7.4.4 through 7.4.6 and version 7.6.0 may allow an attacker with knowledge of an existing admin account to access the device as a valid admin...

9.8CVSS7.1AI score0.00804EPSS
Exploits0References1
CVE
CVE
added 2025/05/28 7:55 a.m.141 views

CVE-2025-22252

CVE-2025-22252 describes a missing authentication for critical functions in Fortinet products: FortiProxy (7.6.0–7.6.1), FortiSwitchManager (7.2.5), and FortiOS (7.4.4–7.4.6 and 7.6.0). The root cause is an authentication bypass that could let an attacker who knows an existing admin account acces...

9.8CVSS9.5AI score0.00804EPSS
Exploits0References1Affected Software3
RedhatCVE
RedhatCVE
added 2025/05/23 8:52 a.m.5 views

CVE-2024-26010

A stack-based buffer overflow in Fortinet FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiWeb, FortiAuthenticator, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.1 through 7.0.3, FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0...

7.5CVSS7.9AI score0.00786EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:22 a.m.22 views

CVE-2024-26011

A missing authentication for critical function in Fortinet FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.14, FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9, 7.0....

9.8CVSS7.7AI score0.00589EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:3 a.m.24 views

CVE-2023-36635

An improper access control in Fortinet FortiSwitchManager version 7.2.0 through 7.2.2 7.0.0 through 7.0.1 may allow a remote authenticated read-only user to modify the interface settings via the API...

7.1CVSS6.6AI score0.00382EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 12:33 a.m.6 views

CVE-2022-45862

An insufficient session expiration vulnerability CWE-613 vulnerability in FortiOS 7.2.5 and below, 7.0 all versions, 6.4 all versions; FortiProxy 7.2 all versions, 7.0 all versions; FortiPAM 1.3 all versions, 1.2 all versions, 1.1 all versions, 1.0 all versions; FortiSwitchManager 7.2.1 and below...

8.8CVSS6.8AI score0.00443EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:2 a.m.13 views

CVE-2022-42474

A relative path traversal vulnerability CWE-23 in Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.12, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.7, FortiSwitchManager version 7.2.0 through 7.2.1 and before 7.0.1 allows an privileged...

6.5CVSS6.8AI score0.00642EPSS
Exploits0References1
Rows per page
Query Builder