1835 matches found
CVE-2023-46720
A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.7 and 7.0.0 through 7.0.12 and 6.4.6 through 6.4.15 and 6.2.9 through 6.2.16 and 6.0.13 through 6.0.18 allows attacker to execute unauthorized code or commands via specially crafted CLI commands...
CVE-2023-46720
A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.7 and 7.0.0 through 7.0.12 and 6.4.6 through 6.4.15 and 6.2.9 through 6.2.16 and 6.0.13 through 6.0.18 allows attacker to execute unauthorized code or commands via specially crafted CLI commands...
CVE-2023-23775
Multiple improper neutralization of special elements used in SQL commands 'SQL Injection' vulnerabilities CWE-89 in FortiSOAR 7.2.0 and before 7.0.3 may allow an authenticated attacker to execute unauthorized code or commands via specifically crafted strings parameters...
CVE-2023-23775
FortiSOAR SQL injection (CVE-2023-23775) affects FortiSOAR 7.2.0 and earlier 7.0.3 due to improper neutralization of special elements in SQL commands. An authenticated attacker can potentially execute unauthorized code or commands via specially crafted string parameters, with risk described as hi...
CVE-2023-46720
CVE-2023-46720 is a stack-based buffer overflow in Fortinet FortiOS, affecting FortiOS versions 6.0.13–6.0.18, 6.2.9–6.2.16, 6.4.6–6.4.15, 7.0.0–7.0.12, 7.2.0–7.2.7, and 7.4.0–7.4.1. The vulnerability allows an attacker to execute unauthorized code or commands via specially crafted CLI commands, ...
CVE-2024-23110
A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0 all versions allows attacker to execute unauthorized code or commands via specially crafted commands...
CVE-2024-23110
CVE-2024-23110 describes a stack-based buffer overflow in Fortinet FortiOS serving FortiGate devices. Affected products include FortiOS versions 7.4.0–7.4.2, 7.2.0–7.2.6, 7.0.0–7.0.13, 6.4.0–6.4.14, 6.2.0–6.2.15, and 6.0 (all sub-versions). The underlying issue is an overflow vulnerability in com...
CVE-2024-2012
CVE-2024-2012 concerns the FOXMAN-UN/UNEM server and its APIGateway. Red Hat/Red Hat-adjacent and other sources describe an authentication bypass and post-authentication surface that could allow unauthenticated or improperly authenticated users to interact with services, potentially enabling unin...
Fortinet Fortigate Multiple buffer overflows in diag npu command (FG-IR-23-460)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-460 advisory. - A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13,...
Fortinet FortiOS 安全漏洞
Fortinet FortiOS is a set of security operating system dedicated to FortiGate network security platform from American Fita Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. Fortinet FortiOS suffers from a...
Fortinet FortiOS Security Vulnerabilities
Fortinet FortiOS is a set of security operating systems dedicated to the FortiGate network security platform from the U.S. company Fiat Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. A security...
Multiple Fortinet products Security vulnerabilities
Fortinet FortiAuthenticator and others are products of Fortinet, Inc.Fortinet FortiAuthenticator is a centralized user identity management solution.Fortinet FortiSwitchManager is a network switch Fortinet FortiSwitchManager is a network switch management tool designed to help organizations manage...
Fortinet Fortigate Stack buffer overflow on bluetooth write feature (FG-IR-23-356)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-356 advisory. - A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.7 and 7.0.0 through...
CVE-2024-23669
An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6.3.0 and 6.2.3 through 6.2.4 and 6.0.2 allows attacker to execute unauthorized code or commands via HTTP requests or CLI...
CVE-2024-23669
An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6.3.0 and 6.2.3 through 6.2.4 and 6.0.2 allows attacker to execute unauthorized code or commands via HTTP requests or CLI...
CVE-2024-23669
An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6.3.0 and 6.2.3 through 6.2.4 and 6.0.2 allows attacker to execute unauthorized code or commands via HTTP requests or CLI...
CVE-2024-23669
An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6.3.0 and 6.2.3 through 6.2.4 and 6.0.2 allows attacker to execute unauthorized code or commands via HTTP requests or CLI...
Fortinet FortiWebManager Authorization Issues Vulnerability
Fortinet FortiWebManager is a Web application firewall from the U.S. company Fiat Fortinet. Fortinet FortiWebManager suffers from an authorization issue vulnerability that can be exploited by an attacker to execute unauthorized code or commands via HTTP requests or the CLI...
CVE-2024-23668
An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6.3.0 and 6.2.3 through 6.2.4 and 6.0.2 allows attacker to execute unauthorized code or commands via HTTP requests or CLI...
CVE-2024-23670
An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6.3.0 and 6.2.3 through 6.2.4 and 6.0.2 allows attacker to execute unauthorized code or commands via HTTP requests or CLI...