29 matches found
Fortinet FortiOS Access Control Error Vulnerability (CNVD-2025-24145)
Fortinet FortiOS is a network operating system developed by Fortinet for use in its firewall and network security appliances. A security vulnerability exists in Fortinet FortiOS that stems from a flaw in the authorization mechanism. An attacker could exploit the vulnerability to access static fil...
EUVD-2025-34230
An improper authorization vulnerability CWE-285 in Fortinet FortiOS version 7.4.0 through 7.4.1 and before 7.2.8 & Fortinet FortiProxy before version 7.4.8 allows an authenticated attacker to access static files of others VDOMs via crafted HTTP or HTTPS requests...
CVE-2025-54822
An improper authorization vulnerability CWE-285 vulnerability in Fortinet FortiOS 7.4.0 through 7.4.1, FortiOS 7.2.0 through 7.2.8, FortiOS 7.0.0 through 7.0.11, FortiProxy 7.4.0 through 7.4.8, FortiProxy 7.2 all versions, FortiProxy 7.0 all versions, FortiProxy 2.0 all versions allows an...
CVE-2025-54822
An improper authorization vulnerability CWE-285 vulnerability in Fortinet FortiOS 7.4.0 through 7.4.1, FortiOS 7.2.0 through 7.2.8, FortiOS 7.0.0 through 7.0.11, FortiProxy 7.4.0 through 7.4.8, FortiProxy 7.2 all versions, FortiProxy 7.0 all versions, FortiProxy 2.0 all versions allows an...
CVE-2025-54822
An improper authorization vulnerability CWE-285 vulnerability in Fortinet FortiOS 7.4.0 through 7.4.1, FortiOS 7.2.0 through 7.2.8, FortiOS 7.0.0 through 7.0.11, FortiProxy 7.4.0 through 7.4.8, FortiProxy 7.2 all versions, FortiProxy 7.0 all versions, FortiProxy 2.0 all versions allows an...
CVE-2025-54822
Fortinet CVE-2025-54822 affects FortiOS 7.4.0–7.4.1, 7.2.0–7.2.8, 7.0.0–7.0.11; FortiProxy 7.4.0–7.4.8, FortiProxy 7.2 all versions, FortiProxy 7.0 all versions, FortiProxy 2.0 all versions. Description: authenticated attackers can access static files of other VDOMs via crafted HTTP/HTTPS request...
CVE-2025-54822
An improper authorization vulnerability CWE-285 vulnerability in Fortinet FortiOS 7.4.0 through 7.4.1, FortiOS 7.2.0 through 7.2.8, FortiOS 7.0.0 through 7.0.11, FortiProxy 7.4.0 through 7.4.8, FortiProxy 7.2 all versions, FortiProxy 7.0 all versions, FortiProxy 2.0 all versions allows an...
PT-2025-41958
Name of the Vulnerable Software and Affected Versions Fortinet FortiOS versions 7.4.0 through 7.4.1 and versions prior to 7.2.8 Fortinet FortiProxy versions prior to 7.4.8 Description An improper authorization issue exists that allows an authenticated attacker to access static files of other...
Fortinet FortiOS和Fortinet FortiProxy 授权问题漏洞
Fortinet FortiOS is a network operating system developed by Fortinet for use in its firewall and network security appliances. A security vulnerability exists in Fortinet FortiOS that stems from a flaw in the authorization mechanism. An attacker could exploit the vulnerability to access static fil...
Fortinet FortiOS 安全漏洞
Fortinet FortiOS is a set of security operating system dedicated to FortiGate network security platform from American Fita Fortinet. The system provides users with a variety of security features such as firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam. A security vulnerabili...
Fortinet FortiOS 安全漏洞
Fortinet FortiOS is a dedicated security operating system for the FortiGate network security platform from Fortinet, Inc. Fortinet FortiOS versions 6.4.8 and earlier and 7.0.3 and earlier are vulnerable to an access control error that could be exploited by an authenticated attacker with a...
CVE-2021-26107
An improper access control vulnerability CWE-284 in FortiManager versions 6.4.4 and 6.4.5 may allow an authenticated attacker with a restricted user profile to modify the VPN tunnel status of other VDOMs using VPN Manager...
Fortinet FortiManager 安全漏洞
Fortinet FortiManager is a centralized network security management platform from Fortinet. The platform supports centralized management of any number of Fortinet devices, and can group devices into different management domains ADOM to further simplify the deployment and management of multi-device...
Fedora: Security Advisory for pure-ftpd (FEDORA-2020-fa83ea0492)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for pure-ftpd (FEDORA-2020-84fb0920fd)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 30 Update: pure-ftpd-1.0.49-5.fc30
Pure-FTPd is a fast, production-quality, standard-comformant FTP server, based upon Troll-FTPd. Unlike other popular FTP servers, it has no known security flaw, it is really trivial to set up and it is especially designed for modern Linux and FreeBSD kernels setfsuid, sendfile, capabilities...
[SECURITY] Fedora 32 Update: pure-ftpd-1.0.49-5.fc32
Pure-FTPd is a fast, production-quality, standard-comformant FTP server, based upon Troll-FTPd. Unlike other popular FTP servers, it has no known security flaw, it is really trivial to set up and it is especially designed for modern Linux and FreeBSD kernels setfsuid, sendfile, capabilities...
Fedora: Security Advisory for pure-ftpd (FEDORA-2020-5ac8d4c11a)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2018-0096
A vulnerability in the role-based access control RBAC functionality of Cisco Prime Infrastructure could allow an authenticated, remote attacker to perform a privilege escalation in which one virtual domain user can view and modify another virtual domain configuration. The vulnerability is due to ...
CVE-2018-0096
A vulnerability in the role-based access control RBAC functionality of Cisco Prime Infrastructure could allow an authenticated, remote attacker to perform a privilege escalation in which one virtual domain user can view and modify another virtual domain configuration. The vulnerability is due to ...