Fortinet多款产品 日志信息泄露漏洞

Fortinet FortiOS and others are products of Fortinet, Inc.Fortinet FortiOS is a security operating system dedicated to the FortiGate network security platform.Fortinet FortiPAM is a platform for privilege access control.Fortinet FortiSRA is a secure remote access software. A log information...

CVE-2025-22258

A heap-based buffer overflow in Fortinet FortiSRA 1.5.0, 1.4.0 through 1.4.2, FortiPAM 1.5.0, 1.4.0 through 1.4.2, 1.3.0 through 1.3.1, 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiProxy 7.6.0 through 7.6.1, 7.4.0 through 7.4.7, FortiOS 7.6.0 through 7.6.2, 7.4.0 through 7.4.6, 7.2.0...

EUVD-2025-17802

Malicious code in bioql PyPI...

CVE-2025-22256

A improper handling of insufficient permissions or privileges in Fortinet FortiPAM 1.4.0 through 1.4.1, 1.3.0, 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiSRA 1.4.0 through 1.4.1 allows attacker to improper access control via specially crafted HTTP requests...

CVE-2025-22256

A improper handling of insufficient permissions or privileges in Fortinet FortiPAM 1.4.0 through 1.4.1, 1.3.0, 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiSRA 1.4.0 through 1.4.1 allows attacker to improper access control via specially crafted HTTP requests...

CVE-2025-22256

A improper handling of insufficient permissions or privileges in Fortinet FortiPAM 1.4.0 through 1.4.1, 1.3.0, 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiSRA 1.4.0 through 1.4.1 allows attacker to improper access control via specially crafted HTTP requests...

CVE-2025-22256

CVE-2025-22256 affects Fortinet FortiPAM and FortiSRA where improper handling of permissions enables improper access control via specially crafted HTTP requests. Affected: FortiPAM 1.0.0–1.4.1 and FortiSRA 1.4.0–1.4.1 (per multiple connected sources). Root cause: insufficient permissions handling...

PT-2025-24715 · Fortinet · Fortipam +1

Name of the Vulnerable Software and Affected Versions: Fortinet FortiPAM versions 1.0.0 through 1.4.1 Fortinet FortiSRA versions 1.4.0 through 1.4.1 Description: The issue is related to improper handling of insufficient permissions or privileges, allowing for improper access control via specially...