Lucene search
K

21 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-6642

Malware in sbrugna...

7.5CVSS7.5AI score0.01262EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2021-12924

Malware in sbrugna...

8.8CVSS8.6AI score0.00422EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-6592

Malicious code in bioql PyPI...

5.4CVSS6.4AI score0.00403EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 11:24 a.m.11 views

CVE-2013-5551

Cisco Adaptive Security Appliance ASA Software, when certain same-security-traffic and management-access options are enabled, allows remote authenticated users to cause a denial of service stack overflow and device reload by using the clientless SSL VPN portal for internal-resource browsing, aka...

6.3CVSS6.9AI score0.00972EPSS
Exploits0References1
NVD
NVD
added 2025/03/17 2:15 p.m.6 views

CVE-2019-15706

An improper neutralization of input during web page generation in the SSL VPN portal of FortiProxy version 2.0.0, version 1.2.9 and below and FortiOS version 6.2.1 and below, version 6.0.8 and below, version 5.6.12 may allow a remote authenticated attacker to perform a stored cross site scripting...

5.4CVSS0.00403EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/10/28 12:0 a.m.8 views

Fortinet Fortigate Access to NULL pointer in SSL VPN portal (FG-IR-22-086)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-086 advisory. - A access of uninitialized pointer in Fortinet FortiOS version 7.2.0, 7.0.0 through 7.0.5, 6.4.0 through 6.4.8, 6.2.0 throug...

7.5CVSS7.4AI score0.00868EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2024/01/16 1:39 p.m.80 views

Alert: Over 178,000 SonicWall Firewalls Potentially Vulnerable to Exploits - Act Now

Over 178,000 SonicWall firewalls exposed over the internet are exploitable to at least one of the two security flaws that could be potentially exploited to cause a denial-of-service DoS condition and remote code execution RCE. "The two issues are fundamentally the same but exploitable at differen...

9.8CVSS10AI score0.57324EPSS
Exploits3
BDU FSTEC
BDU FSTEC
added 2023/06/13 12:0 a.m.6 views

The vulnerability of the SSL-VPN portal for FortiOS operating systems and the FortiProxy proxy server, which allows attackers to execute arbitrary code.

The vulnerability of the SSL-VPN portal for FortiOS operating systems and the FortiProxy proxy server used for protecting against internet attacks is related to the possibility of buffer overflow attacks. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending...

10CVSS8.8AI score0.85689EPSS
Exploits10References5Affected Software3
NVD
NVD
added 2023/03/07 5:15 p.m.28 views

CVE-2022-45861

An access of uninitialized pointer vulnerability CWE-824 in the SSL VPN portal of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.11 and FortiProxy version 7.2.0 through 7.2.1, version 7.0.0 through 7.0.7 and before 2.0.11 allows a remote authenticated...

6.5CVSS6.6AI score0.00818EPSS
Exploits0References1
Prion
Prion
added 2023/03/07 5:15 p.m.24 views

Design/Logic Flaw

An access of uninitialized pointer vulnerability CWE-824 in the SSL VPN portal of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.11 and FortiProxy version 7.2.0 through 7.2.1, version 7.0.0 through 7.0.7 and before 2.0.11 allows a remote authenticated...

4CVSS6.2AI score0.00818EPSS
Exploits0References1Affected Software2
Positive Technologies
Positive Technologies
added 2023/03/07 12:0 a.m.4 views

PT-2023-1862 · Fortinet · Fortiproxy +1

Name of the Vulnerable Software and Affected Versions: FortiOS versions 6.4.11 and earlier, 7.0.0 through 7.0.9, 7.2.0 through 7.2.3 FortiProxy versions 2.0.11 and earlier, 7.0.0 through 7.0.7, 7.2.0 through 7.2.1 Description: The issue is related to an access of uninitialized pointer vulnerabili...

6.8CVSS6.1AI score0.00818EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2022/10/10 12:0 a.m.3 views

PT-2022-5766 · Fortinet · Fortiproxy +1

Name of the Vulnerable Software and Affected Versions: FortiOS versions 6.0.x, 6.2.0 through 6.2.10, 6.4.0 through 6.4.8, 7.0.0 through 7.0.5, 7.2.0 FortiProxy versions 1.2.x, 2.0.0 through 2.0.9, 7.0.0 through 7.0.4 Description: The issue is related to an access of uninitialized pointer in the S...

7.8CVSS7.3AI score0.00868EPSS
Exploits0References6
Fortinet
Fortinet
added 2022/10/10 12:0 a.m.61 views

Protect

An access of uninitialized pointer vulnerability CWE-824 in the SSL VPN portal of FortiOS & FortiProxy may allow a remote unauthenticated or authenticated see Affected Products section attacker to crash the sslvpn daemon via an HTTP GET request...

5CVSS7.3AI score0.00868EPSS
Exploits0Affected Software2
OSV
OSV
added 2022/02/24 3:15 a.m.5 views

CVE-2021-26092

Failure to sanitize input in the SSL VPN web portal of FortiOS 5.2.10 through 5.2.15, 5.4.0 through 5.4.13, 5.6.0 through 5.6.14, 6.0.0 through 6.0.12, 6.2.0 through 6.2.7, 6.4.0 through 6.4.4; and FortiProxy 1.2.0 through 1.2.9, 2.0.0 through 2.0.1 may allow a remote unauthenticated attacker to...

6.1CVSS5.8AI score0.01061EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2021/06/15 12:0 a.m.4 views

The vulnerability of the SSL-VPN portal for FortiOS operating systems allows attackers to perform cross-site scripting attacks.

The vulnerability of the SSL-VPN portal for FortiOS operating systems exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

4.7CVSS6AI score0.62474EPSS
Exploits0References7Affected Software2
NCSC
NCSC
added 2021/06/02 12:0 a.m.7 views

Vulnerability fixed in FortiGate SSL VPN Portal

FortiGuard has fixed a vulnerability in e FortiGate SSL VPN portal. An unauthenticated remote malicious party could potentially exploit the vulnerability potentially exploit it to perform a Cross-Site Scripting XSS attack. Such an attack could lead to the execution of arbitrary script code in the...

6.1CVSS6.7AI score0.01061EPSS
Exploits0
NCSC
NCSC
added 2020/09/17 12:0 a.m.6 views

Vulnerability fixed in FortiOS

Fortinet has fixed a vulnerability in FortiOS. The vulnerability allows a malicious party to perform a Cross-Site Scripting XSS attack. The vulnerability arises from incorrect input validation when generating a Web page in the SSL VPN portal. Fortinet has released updates to fix the vulnerability...

5.4CVSS6.6AI score0.00403EPSS
Exploits0
OSV
OSV
added 2019/11/27 9:15 p.m.2 views

CVE-2019-15705

An Improper Input Validation vulnerability in the SSL VPN portal of FortiOS versions 6.2.1 and below, and 6.0.6 and below may allow an unauthenticated remote attacker to crash the SSL VPN service by sending a crafted POST request...

7.5CVSS7.2AI score0.01262EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2019/11/26 12:0 a.m.48 views

Fortinet FortiOS < 6.0.7 / 6.2.x < 6.2.2 Multiple Vulnerabilities (FG-IR-19-184, FG-IR-19-236)

The remote host is running a version of FortiOS prior to 6.0.7 or 6.2.x prior to 6.2.2. It is, therefore, affected by multiple vulnerabilities : - A Cross-site Scripting XSS vulnerability in the FortiGate DHCP monitor page alllows an unauthenticated attacker in the same network as the FortiGate t...

7.5CVSS7.4AI score0.01262EPSS
Exploits0References4
Prion
Prion
added 2018/04/19 8:29 p.m.15 views

Cross site scripting

A vulnerability in the Web Server Authentication Required screen of the Clientless Secure Sockets Layer SSL VPN portal of Cisco Adaptive Security Appliance ASA Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of that portal on an...

4.3CVSS6AI score0.0189EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder