Lucene search
K

5914 matches found

Cvelist
Cvelist
added 2014/10/31 2:0 p.m.41 views

CVE-2014-2335

Multiple cross-site scripting XSS vulnerabilities in the Web User Interface in Fortinet FortiManager before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-2336...

5.6AI score0.01148EPSS
Exploits0References3
CVE
CVE
added 2014/10/31 2:0 p.m.61 views

CVE-2014-2336

Fortinet FortiManager/ FortiAnalyzer are affected by multiple XSS vulnerabilities in their Web UI prior to version 5.0.7. The issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. This set corresponds to CVE-2014-2334, CVE-2014-2335, and CVE-2014-2336. Expl...

4.3CVSS5.7AI score0.01792EPSS
Exploits0References4Affected Software2
CVE
CVE
added 2014/10/31 2:0 p.m.47 views

CVE-2014-2335

Fortinet FortiManager/FortiAnalyzer < 5.0.7 are affected by multiple XSS vulnerabilities in the Web UI (CVE-2014-2334/2335/2336). The issues arise from improper input validation/sanitization in the web interface, allowing an attacker to inject arbitrary script/HTML via unspecified vectors. FG-...

4.3CVSS5.7AI score0.01148EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2014/10/31 2:0 p.m.30 views

CVE-2014-2334

Multiple cross-site scripting XSS vulnerabilities in the Web User Interface in Fortinet FortiAnalyzer before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-2336...

5.6AI score0.01161EPSS
Exploits0References4
Fortinet
Fortinet
added 2014/10/30 12:0 a.m.28 views

Multiple XSS vulnerabilities in FortiManager and FortiAnalyzer Web UI

...

4.3CVSS6.4AI score0.01161EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/09/30 12:0 a.m.72 views

Fortinet FortiOS < 4.3.16 / 5.x < 5.0.8 Multiple Vulnerabilities (FG-IR-14-006)

The remote host is running FortiOS prior to 4.3.16 or 5.x prior to 5.0.8. It is, therefore, affected by the following vulnerabilities : - A flaw exists within the FortiManager service when handling incoming requests. Using a specially crafted request, a remote attacker can exploit this to cause a...

7.5CVSS6.4AI score0.05143EPSS
Exploits0References3
NVD
NVD
added 2014/09/10 6:55 p.m.23 views

CVE-2014-0351

The FortiManager protocol service in Fortinet FortiOS before 4.3.16 and 5.x before 5.0.8 on FortiGate devices does not prevent use of anonymous ciphersuites, which makes it easier for man-in-the-middle attackers to obtain sensitive information or interfere with communications by modifying the...

5.4CVSS6AI score0.00591EPSS
Exploits0References4
Prion
Prion
added 2014/09/10 6:55 p.m.28 views

Design/Logic Flaw

The FortiManager protocol service in Fortinet FortiOS before 4.3.16 and 5.x before 5.0.8 on FortiGate devices does not prevent use of anonymous ciphersuites, which makes it easier for man-in-the-middle attackers to obtain sensitive information or interfere with communications by modifying the...

5.4CVSS6.6AI score0.00591EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2014/09/10 6:0 p.m.87 views

CVE-2014-0351

Fortinet FortiOS versions affected: FortiOS before 4.3.16 and 5.x before 5.0.8. The FortiManager service allows anonymous cipher suites, enabling a man‑in‑the‑middle to read or tamper traffic. According to FG-IR-14-006, this vulnerability (CVE-2014-0351) can also impact FortiManager communication...

5.4CVSS6.1AI score0.00591EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2014/08/25 2:55 p.m.27 views

CVE-2014-2216

The FortiManager protocol service in Fortinet FortiOS before 4.3.16 and 5.0.0 before 5.0.8 on FortiGate devices allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted request...

7.5CVSS7.7AI score0.05143EPSS
Exploits0References6
Prion
Prion
added 2014/08/25 2:55 p.m.22 views

Cross site request forgery (csrf)

The FortiManager protocol service in Fortinet FortiOS before 4.3.16 and 5.0.0 before 5.0.8 on FortiGate devices allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted request...

7.5CVSS8.3AI score0.05143EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2014/08/25 2:0 p.m.68 views

CVE-2014-2216

The CVE-2014-2216 vulnerability affects Fortinet FortiOS FortiGate devices where the FortiManager protocol service (on FortiOS versions prior to 4.3.16 and prior to 5.0.8 in the 5.0 branch) can be triggered by a crafted request, enabling remote attackers to cause a denial of service and possibly ...

7.5CVSS7.8AI score0.05143EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2014/08/25 2:0 p.m.32 views

CVE-2014-2216

The FortiManager protocol service in Fortinet FortiOS before 4.3.16 and 5.0.0 before 5.0.8 on FortiGate devices allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted request...

7.6AI score0.05143EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2014/08/15 12:0 a.m.31 views

Fortinet FortiWeb 5.x < 5.2.1 Multiple XSS Vulnerabilities

The remote host is running FortiWeb 5.x prior to 5.2.1. It is, therefore, affected by multiple cross-site scripting XSS vulnerabilities in the web management interface URLs '/user/ldapuser/checkdlg' and '/user/radiususer/checkdlg' due to insufficient parameter input validation. Under specific...

4.3CVSS5.6AI score0.01161EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/07/16 12:0 a.m.356 views

Fortinet FortiClient OpenSSL Security Bypass

FortiClient, a client-based software solution intended to provide security features for enterprise computers and mobile devices, is installed on the remote Windows host. The installed FortiClient version uses a vulnerable OpenSSL library that contains a flaw with the handshake process. The flaw...

7.4CVSS7AI score0.95326EPSS
Exploits9References2
Tenable Nessus
Tenable Nessus
added 2014/07/14 12:0 a.m.675 views

Fortinet OpenSSL Multiple Vulnerabilities

The firmware of the remote Fortinet host is running a version of OpenSSL that is affected by one or more of the following vulnerabilities : - An error exists in the function 'ssl3readbytes' that could allow data to be injected into other sessions or allow denial of service attacks. Note this issu...

7.4CVSS8.1AI score0.99977EPSS
Exploits13References7
Fortinet
Fortinet
added 2014/07/10 12:0 a.m.31 views

FortiWeb Cross-Site Scripting Vulnerabilities

...

4.3CVSS6.4AI score0.01161EPSS
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

Fortinet FortiMail 400 IBE Multiple Vulnerabilities

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

BitComet 0.60 Torrent File Handling Remote Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16311/info BitComet is prone to a buffer-overflow vulnerability. This issue presents itself when the application attempts to process a malformed '.torrent' file. Exploitation of this issue could allow attacker-supplied...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.22 views

Fortinet FortiGate 2.x/3.0 URL Filtering Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16599/info Fortinet FortiGate is prone to a vulnerability that could allow users to bypass the device's URL filtering. FortiGate devices running FortiOS v2.8MR10 and v3beta are vulnerable to this issue. Other versions may...

7.1AI score
Exploits0
Rows per page
Query Builder