19 matches found
EUVD-2023-45274
Malicious code in bioql PyPI...
EUVD-2021-29713
Malicious code in bioql PyPI...
EUVD-2023-41785
Malicious code in bioql PyPI...
CVE-2023-37932
An improper limitation of a pathname to a restricted directory 'path traversal' vulnerability CWE-22 in FortiVoiceEntreprise version 7.0.0 and before 6.4.7 allows an authenticated attacker to read arbitrary files from the system via sending crafted HTTP or HTTPS requests...
CVE-2021-42755
An integer overflow / wraparound vulnerability CWE-190 in FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x;...
CVE-2023-37932
An improper limitation of a pathname to a restricted directory 'path traversal' vulnerability CWE-22 in FortiVoiceEntreprise version 7.0.0 and before 6.4.7 allows an authenticated attacker to read arbitrary files from the system via sending crafted HTTP or HTTPS requests...
CVE-2022-27488
A cross-site request forgery CSRF in Fortinet FortiVoiceEnterprise version 6.4.x, 6.0.x, FortiSwitch version 7.0.0 through 7.0.4, 6.4.0 through 6.4.10, 6.2.0 through 6.2.7, 6.0.x, FortiMail version 7.0.0 through 7.0.3, 6.4.0 through 6.4.6, 6.2.x, 6.0.x FortiRecorder version 6.4.0 through 6.4.2,...
CVE-2022-27488
A cross-site request forgery CSRF in Fortinet FortiVoiceEnterprise version 6.4.x, 6.0.x, FortiSwitch version 7.0.0 through 7.0.4, 6.4.0 through 6.4.10, 6.2.0 through 6.2.7, 6.0.x, FortiMail version 7.0.0 through 7.0.3, 6.4.0 through 6.4.6, 6.2.x, 6.0.x FortiRecorder version 6.4.0 through 6.4.2,...
Cross site request forgery (csrf)
A cross-site request forgery CSRF in Fortinet FortiVoiceEnterprise version 6.4.x, 6.0.x, FortiSwitch version 7.0.0 through 7.0.4, 6.4.0 through 6.4.10, 6.2.0 through 6.2.7, 6.0.x, FortiMail version 7.0.0 through 7.0.3, 6.4.0 through 6.4.6, 6.2.x, 6.0.x FortiRecorder version 6.4.0 through 6.4.2,...
CVE-2022-27488
CVE-2022-27488 describes a cross-site request forgery (CSRF) vulnerability in multiple Fortinet products (FortiVoiceEnterprise, FortiSwitch, FortiMail, FortiRecorder, FortiNDR) where an unauthenticated attacker can cause an authenticated admin to trigger commands on the CLI via a crafted HTTP GET...
Fortinet FortiVoice Security Vulnerability
Fortinet FortiSwitch and others are products of Fortinet, Inc. FortiSwitch is a switch product and Fortinet FortiVoice is a product of tine and others are products of tine, Inc. tine is a team collaboration software. A security vulnerability exists in Fortinet FortiVoiceEnterprise, FortiSwitch,...
PT-2023-8025 · Fortinet · Fortiswitch +4
Name of the Vulnerable Software and Affected Versions: FortiVoiceEnterprise versions 6.0.x through 6.4.x FortiSwitch versions 6.0.x through 7.0.4 FortiMail versions 6.0.x through 7.0.3 FortiRecorder versions 2.6.x through 6.4.2 FortiNDR version 1.x.x Description: A cross-site request forgery CSRF...
CVE-2021-42755
An integer overflow / wraparound vulnerability CWE-190 in FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x;...
Integer overflow
An integer overflow / wraparound vulnerability CWE-190 in FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x;...
CVE-2021-42755
CVE-2021-42755 is an integer overflow/wraparound (CWE-190) in Fortinet devices, affecting FortiOS, FortiProxy, FortiSwitch, FortiRecorder, and FortiVoiceEnterprise across multiple 7.x/6.x branches. The vulnerability concerns the dhcpd daemon and can let an unauthenticated, network-adjacent attack...
CVE-2021-42755
An integer overflow / wraparound vulnerability CWE-190 in FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x;...
Protect
An integer overflow / wraparound vulnerability CWE-190 in the FortiOS, FortiProxy, FortiSwitch, FortiRecoder, and FortiVoiceEnterprise dhcpd daemon may allow an unauthenticated and network adjacent attacker to crash the dhcpd deamon, resulting in potential denial of service...
PT-2022-11679 · Fortinet · Fortiswitch +4
Name of the Vulnerable Software and Affected Versions: FortiSwitch versions 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x FortiRecorder versions 6.4.2 and below, 6.0.10 and below FortiOS versions 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x FortiProxy versions 7.0.0, 2.0.6 and below...
CVE-2020-9294
An improper authentication vulnerability in FortiMail 5.4.10, 6.0.7, 6.2.2 and earlier and FortiVoiceEntreprise 6.0.0 and 6.0.1 may allow a remote unauthenticated attacker to access the system as a legitimate user by requesting a password change via the user interface...