CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1835 matches found

NVD•added 2024/05/14 5:17 p.m.•7 views

CVE-2024-31491

A client-side enforcement of server-side security vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.4, FortiSandbox 4.2.1 through 4.2.6 allows attacker to execute unauthorized code or commands via HTTP requests...

8.8CVSS8.9AI score0.00834EPSS

Exploits0References1

OSV•added 2024/05/14 5:15 p.m.•1 views

CVE-2023-45583

A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.5, 7.0.0 through 7.0.11, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6 FortiPAM versions 1.1.0, 1.0.0 through 1.0.3 FortiOS versions 7.4.0, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13,...

7.2CVSS5.9AI score0.00654EPSS

Exploits0References1

NVD•added 2024/05/14 5:15 p.m.•23 views

CVE-2023-45583

A use of externally-controlled format string vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2.0 through 7.2.5, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0.0 through 6.0.16, FortiPAM 1.1.0, FortiPAM 1.0 all versions, FortiProxy 7.2.0 through 7.2.5,...

7.2CVSS6.9AI score0.00654EPSS

Exploits0References1

NVD•added 2024/05/14 5:15 p.m.•24 views

CVE-2023-36640

6.7CVSS6.8AI score0.00276EPSS

Exploits0References1

Vulnrichment•added 2024/05/14 4:19 p.m.•23 views

CVE-2023-36640

6.7CVSS6.8AI score0.00276EPSS

Exploits0References1

Cvelist•added 2024/05/14 4:19 p.m.•25 views

CVE-2023-36640

6.7CVSS7AI score0.00276EPSS

Exploits0References1

CVE•added 2024/05/14 4:19 p.m.•64 views

CVE-2023-36640

CVE-2023-36640 describes a use of externally-controlled format string in Fortinet FortiProxy and related Fortinet products, enabling an attacker to execute unauthorized code or commands via specially crafted commands. Affected software includes FortiProxy versions 7.2.0–7.2.4, 7.0.0–7.0.12, 2.0.0...

6.7CVSS6.8AI score0.00276EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2024/05/14 4:19 p.m.•17 views

CVE-2023-45583

6.7CVSS6.8AI score0.00654EPSS

Exploits0References1

CVE•added 2024/05/14 4:19 p.m.•80 views

CVE-2023-45583

The CVE-2023-45583 vulnerability is a use of externally-controlled format string affecting Fortinet FortiProxy, FortiPAM, FortiOS, and FortiSwitchManager across multiple versions (e.g., FortiProxy 7.2.0–7.2.5, 7.0.x, 2.0.x, 1.x; FortiOS 7.x and 6.x; FortiPAM 1.x; FortiSwitchManager 7.x). The unde...

7.2CVSS6.8AI score0.00654EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2024/05/14 4:19 p.m.•12 views

CVE-2024-31491

8.8CVSS7.1AI score0.00834EPSS

Exploits0References1

Cvelist•added 2024/05/14 4:19 p.m.•11 views

CVE-2024-31491

8.8CVSS9AI score0.00834EPSS

Exploits0References1

CVE•added 2024/05/14 4:19 p.m.•51 views

CVE-2024-31491

CVE-2024-31491 affects Fortinet FortiSandbox components (FortiSandbox 4.2.0–4.2.6 and 4.4.0–4.4.4). The issue stems from client-side enforcement of server-side security, enabling an attacker to execute unauthorized code or commands via HTTP requests. The connected sources specify the affected ver...

8.8CVSS7.1AI score0.00834EPSS

Exploits0References1Affected Software1

CNNVD•added 2024/05/14 12:0 a.m.•2 views

Fortinet FortiSandbox 安全漏洞

Fortinet FortiSandbox is an APT Advanced Persistent Threat protection appliance from Fortinet. The appliance offers dual sandboxing technology, dynamic threat intelligence system, real-time control panel and reporting. A security vulnerability exists in Fortinet FortiSandbox that stems from...

8.8CVSS7.4AI score0.00834EPSS

Exploits0References3

CNNVD•added 2024/05/14 12:0 a.m.•4 views

多款Fortinet产品格式化字符串错误漏洞

Fortinet FortiOS and others are products of Fortinet, Inc.Fortinet FortiOS is a dedicated security operating system on the FortiGate network security platform.Fortinet FortiProxy is a Fortinet FortiPAM is a platform for privilege access control . Fortinet FortiProxy, FortiPAM, and FortiOS have a...

7.2CVSS7.2AI score0.00654EPSS

Exploits0References4

Positive Technologies•added 2024/05/14 12:0 a.m.•4 views

PT-2024-3553

Name of the Vulnerable Software and Affected Versions FortiOS versions prior to 7.0.0 Description The issue is related to a double free vulnerability, which may allow a privileged attacker to execute unauthorized code or commands. This can be achieved via crafted HTTP or HTTPS requests...

7.5CVSS7AI score0.01258EPSS

Exploits0References7

Vulnrichment•added 2024/04/24 6:16 p.m.•25 views

CVE-2024-20359

A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker to execute arbitrary code...

6CVSS7.4AI score0.16863EPSS

Exploits1References1

CNVD•added 2024/04/19 12:0 a.m.•7 views

Fortinet FortiClient Code Injection Vulnerability

Fortinet FortiClient is a mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance and two-factor authentication when connected to a FortiGate firewall appliance. A code injection vulnerability exists in Fortinet...

9.6CVSS7.8AI score0.01524EPSS

Exploits0References1

CNVD•added 2024/04/19 12:0 a.m.•5 views

Fortinet FortiSandbox Path Traversal Vulnerability (CNVD-2024-20780)

Fortinet FortiSandbox is an APT Advanced Persistent Threat protection appliance from Fortinet. The appliance offers dual sandboxing technology, dynamic threat intelligence system, real-time control panel and reporting. A path traversal vulnerability exists in Fortinet FortiSandbox, which stems fr...

6.7CVSS7.3AI score0.00288EPSS

Exploits0References1

Veracode•added 2024/04/16 12:12 p.m.•20 views

Code Injection

llama-index-core is vulnerable to Code Injection. The vulnerability is due to insufficient input validation within the safeeval function in the executils class, which allows an attacker to bypass method restrictions resulting in unauthorized code execution...

9.8CVSS9.2AI score0.00951EPSS

Exploits0References4Affected Software1

CNVD•added 2024/04/12 12:0 a.m.•8 views

Fortinet FortiSandbox Path Traversal Vulnerability (CNVD-2024-21266)

Fortinet FortiSandbox is an APT Advanced Persistent Threat protection appliance from Fortinet. The appliance offers dual sandboxing technology, dynamic threat intelligence system, real-time control panel and reporting. Fortinet FortiSandbox suffers from a path traversal vulnerability that can be...

8.1CVSS7.4AI score0.01159EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by