25 matches found
EUVD-2022-28521
Malicious code in bioql PyPI...
EUVD-2023-37466
Malicious code in bioql PyPI...
CVE-2023-33303
An insufficient session expiration vulnerability in Fortinet FortiEDR versions 5.0.0 through 5.0.1 allows an attacker to execute unauthorized code or commands via API request...
CVE-2022-29057
An improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiEDR versions 5.1.0, 5.0.0 through 5.0.3 Patch 6 and 4.0.0 allows a remote authenticated attacker to perform a reflected cross-site scripting (XSS) attack by injecting a malicious payload into the...
Fortinet FortiEDR Access Control Error Vulnerability (CNVD-2025-00410)
Fortinet FortiEDR is an endpoint security solution built from the ground up by Fortinet. Fortinet FortiEDR suffers from an Access Control Error vulnerability that stems from incorrect access control. An attacker could exploit the vulnerability to obtain sensitive information...
Fortinet FortiEDR Access Control Error Vulnerability
Fortinet FortiEDR is an endpoint security solution built from the ground up by Fortinet. Fortinet FortiEDR suffers from an Access Control Error vulnerability that stems from incorrect access control. An attacker could exploit the vulnerability to obtain sensitive information...
Fortinet FortiEDR Access Control Error Vulnerability (CNVD-2023-98184)
Fortinet FortiEDR is an endpoint security solution built from the ground up by Fortinet. An Access Control Error vulnerability exists in Fortinet FortiEDR Collector Windows that stems from the presence of improper access controls in the application. A local attacker could exploit the vulnerabilit...
Fortinet FortiEDR Access Control Error Vulnerability
Fortinet FortiEDR is an endpoint security solution built from the ground up by Fortinet. Fortinet FortiEDR suffers from an Access Control Error vulnerability that stems from insufficient handling of session expiration times, which can be exploited by an attacker to execute unauthorized code or...
CVE-2023-33303
An insufficient session expiration vulnerability in Fortinet FortiEDR versions 5.0.0 through 5.0.1 allows an attacker to execute unauthorized code or commands via API request...
Design/Logic Flaw
An insufficient session expiration vulnerability in Fortinet FortiEDR versions 5.0.0 through 5.0.1 allows an attacker to execute unauthorized code or commands via API request...
CVE-2023-33303
An insufficient session expiration vulnerability in Fortinet FortiEDR versions 5.0.0 through 5.0.1 allows an attacker to execute unauthorized code or commands via API request...
CVE-2023-33303
Fortinet FortiEDR is affected: FortiEDR 5.0.0–5.0.1 suffers from insufficient session expiration, enabling an attacker to run unauthorized code or commands via API requests. The PT-2023-6014 entry notes the issue, specifies no fixed version, and recommends mitigating by restricting API access...
PT-2023-6014 · Fortinet · FortiEDR
Name of the Vulnerable Software and Affected Versions: Fortinet FortiEDR versions 5.0.0 through 5.0.1
Description: The issue is related to insufficient session expiration in Fortinet FortiEDR, which can be exploited by an attacker to execute unauthorized code or commands via an API request. This...
Fortinet FortiEDR Code Issue Vulnerability
Fortinet FortiEDR is an endpoint security solution built from the ground up by Fortinet. Fortinet FortiEDR suffers from an Access Control Error vulnerability that stems from insufficient handling of session expiration times, which can be exploited by an attacker to execute unauthorized code or...
Fortinet FortiEDR Security Vulnerability
Fortinet FortiEDR is a built-from-scratch endpoint security solution from Fortinet, Inc. A security vulnerability exists in Fortinet FortiEDR Collector Windows versions 4.0.0 through 4.1, 5.0.0 through 5.0.3.751, and 5.1.0 that stems from improper control of resources...
CVE-2022-29057
An improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiEDR versions 5.1.0, 5.0.0 through 5.0.3 Patch 6 and 4.0.0 allows a remote authenticated attacker to perform a reflected cross-site scripting (XSS) attack by injecting a malicious payload into the...
Cross-site scripting
An improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiEDR versions 5.1.0, 5.0.0 through 5.0.3 Patch 6 and 4.0.0 allows a remote authenticated attacker to perform a reflected cross-site scripting (XSS) attack by injecting a malicious payload into the...
Fortinet FortiEDR Denial of Service Vulnerability
Fortinet FortiEDR is a scratch-built endpoint security solution from Fortinet, U.S.A. A denial-of-service vulnerability exists in Fortinet FortiEDR versions 5.0.3 and earlier, which stems from a resource management error that could be exploited by an attacker to make an entire application...
Fortinet FortiEDR Trust Management Issue Vulnerability
Fortinet FortiEDR is a scratch-built endpoint security solution from Fortinet, U.S.A. Fortinet FortiEDR is vulnerable to a trust management issue that could be exploited by an unauthenticated attacker to disguise and spoof messages from other collectors...
Fortinet FortiEDR Trust Management Issue Vulnerability (CNVD-2022-47976)
Fortinet FortiEDR is a scratch-built endpoint security solution from Fortinet U.S.A. Fortinet FortiEDR is vulnerable to a trust management issue that stems from the use of hard-coded encrypted RSA keys, which can be exploited by local attackers to disable and offload collectors from endpoints in...