Lucene search
K

2495 matches found

Cvelist
Cvelist
added 2026/05/12 4:54 p.m.34 views

CVE-2025-67604

A use of potentially dangerous function vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.8, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiManager 7.6.0 through 7.6.4, FortiManager 7.4.0 through 7.4....

5.3CVSS0.00424EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 4:54 p.m.33 views

CVE-2026-25690

An improper neutralization of argument delimiters in a command 'argument injection' vulnerability in Fortinet FortiDeceptor 6.0.0 through 6.0.2, FortiDeceptor 5.3.0 through 5.3.3, FortiDeceptor 5.2.0 through 5.2.1, FortiDeceptor 5.1 all versions, FortiDeceptor 5.0 all versions may allow an...

4.3CVSS0.00241EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 4:54 p.m.31 views

CVE-2026-25088

An improper neutralization of special elements used in an sql command 'sql injection' vulnerability in Fortinet FortiNDR 7.6.0 through 7.6.2, FortiNDR 7.4.0 through 7.4.9, FortiNDR 7.2 all versions, FortiNDR 7.1 all versions, FortiNDR 7.0 all versions may allow an authenticated attacker to execut...

5.4CVSS0.00264EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 4:54 p.m.20 views

CVE-2026-25088

CVE-2026-25088 is described as an "improper neutralization of special elements used in an sql command" (SQL injection) affecting Fortinet FortiNDR versions 7.0 all, 7.1 all, 7.2 all, 7.4.0–7.4.9, and 7.6.0–7.6.2. The underlying issue is a failure to properly sanitize input in SQL commands, allowi...

8.8CVSS6AI score0.00264EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/12 4:54 p.m.6 views

CVE-2026-26083

A missing authorization vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox Cloud 5.0.2 through 5.0.5, FortiSandbox PaaS 23.4 all versions, FortiSandbox PaaS 23.3 all versions, FortiSandbox PaaS 23.1 all versions, FortiSandbox PaaS 22.2 all...

9.8CVSS6AI score0.00733EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 4:54 p.m.31 views

CVE-2026-26083

A missing authorization vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox Cloud 5.0.2 through 5.0.5, FortiSandbox PaaS 23.4 all versions, FortiSandbox PaaS 23.3 all versions, FortiSandbox PaaS 23.1 all versions, FortiSandbox PaaS 22.2 all...

9.8CVSS0.00733EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

Fortinet FortiDeceptor 参数注入漏洞

Fortinet FortiDeceptor is a network threat detection platform developed by the American company Fortinet. This platform primarily exploits deceptive techniques to uncover network threats. Versions of Fortinet FortiDeceptor, ranging from 6.0.0 to 6.0.2, 5.3.0 to 5.3.3, 5.2.0 to 5.2.1, all versions...

6.5CVSS5.8AI score0.00241EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.12 views

PT-2026-40108

Name of the Vulnerable Software and Affected Versions FortiMail versions 7.6.0 through 7.6.3 FortiMail versions 7.4.0 through 7.4.5 FortiMail versions 7.2.0 through 7.2.8 Description Improper neutralization of special elements used in an SQL command allows an authenticated privileged attacker to...

7.2CVSS6AI score0.00359EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.11 views

PT-2026-40113

An improper neutralization of special elements used in an sql command 'sql injection' vulnerability in Fortinet FortiNDR 7.6.0 through 7.6.2, FortiNDR 7.4.0 through 7.4.9, FortiNDR 7.2 all versions, FortiNDR 7.1 all versions, FortiNDR 7.0 all versions may allow an authenticated attacker to execut...

5.4CVSS6AI score0.00264EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.8 views

OpenTelemetry .NET Contrib 安全漏洞

OpenTelemetry .NET Contrib is an open-source telemetry data collection and processing library developed by OpenTelemetry - CNCF. Previous versions of OpenTelemetry .NET Contrib, such as 0.2.0-alpha.1, contained security vulnerabilities. These vulnerabilities stemmed from the use of an unbounded...

7.5CVSS5.9AI score0.00311EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.12 views

PT-2026-40111

Name of the Vulnerable Software and Affected Versions FortiAnalyzer versions 7.6.0 through 7.6.4 FortiAnalyzer versions 7.4.0 through 7.4.8 FortiAnalyzer version 7.2 FortiAnalyzer version 7.0 FortiAnalyzer version 6.4 FortiManager versions 7.6.0 through 7.6.4 FortiManager versions 7.4.0 through...

5.3CVSS5.8AI score0.00424EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.12 views

Fortinet FortiMail SQL注入漏洞

Fortinet FortiMail is a suite of email security gateway products developed by the American company Fortinet. This product provides features such as email security protection and data protection. Versions 7.6.0 to 7.6.3, 7.4.0 to 7.4.5, and 7.2.0 to 7.2.8 of Fortinet FortiMail contain SQL injectio...

7.2CVSS6.1AI score0.00359EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

Fortinet FortiSandbox 安全漏洞

Fortinet FortiSandbox is an APT Advanced Persistent Threat protection device developed by the American company Fortinet. This device offers features such as dual sandbox technology, dynamic threat intelligence systems, real-time control panels, and reporting capabilities. Security vulnerabilities...

9.8CVSS6.2AI score0.00733EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.14 views

PT-2026-40115

Name of the Vulnerable Software and Affected Versions FortiSandbox versions 5.0.0 through 5.0.1 FortiSandbox versions 4.4.0 through 4.4.8 FortiSandbox Cloud versions 5.0.2 through 5.0.5 FortiSandbox PaaS version 23.4 FortiSandbox PaaS version 23.3 FortiSandbox PaaS version 23.1 FortiSandbox PaaS...

10CVSS6AI score0.00733EPSS
Exploits0References25
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

Zyxel WRE6505 操作系统命令注入漏洞

The Zyxel WRE6505 is a wireless signal expansion device produced by the Chinese company Zyxel. The Zyxel WRE6505 v2 V1.00ABDV.3C0 version contains a vulnerability related to operating system command injection. This vulnerability stems from CGI programs that allow command injection, potentially...

8.8CVSS5.9AI score0.01007EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/12 12:0 a.m.11 views

Fortinet FortiAnalyzer DoS due to unsafe function in signal handler (FG-IR-26-137)

The version of FortiAnalyzer installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-137 advisory. - A use of potentially Dangerous Function vulnerability CWE-676 in FortiAnalyzer and FortiManager API may allow an...

5.3CVSS5.9AI score0.00424EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.14 views

Fortinet FortiNDR SQL注入漏洞

Fortinet FortiNDR is a network detection and response solution provided by the American company Fortinet. Versions 7.6.0 to 7.6.2, 7.4.0 to 7.4.9, all versions of 7.2, all versions of 7.1, and all versions of 7.0 of Fortinet FortiNDR contain an SQL injection vulnerability. This vulnerability stem...

8.8CVSS6AI score0.00264EPSS
Exploits0References1
OSV
OSV
added 2026/05/11 4:11 p.m.7 views

GHSA-3JH5-RR2Q-XFV7 Valtimo has sensitive data exposure through HTTP request/response logging in LoggingRestClientCustomizer

Summary The LoggingRestClientCustomizer in the web module automatically intercepts all outgoing HTTP calls made via Spring's RestClient and logs the full request body, response body, and response headers. When an error response is received, this information is included in the thrown...

7.6CVSS5.9AI score0.002EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/11 2:50 p.m.44 views

EUVD-2026-27867

Facebook React has a Denial of Service Vulnerability in React Server Components...

7.5CVSS5.8AI score0.01533EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.14 views

Geyser 代码问题漏洞

Geyser is a cross-platform game version bridging proxy tool developed by GeyserMC. Versions of Geyser prior to 2.9.3 contained code vulnerabilities. These vulnerabilities stemmed from server-side request forgeing when processing texture data for players’ heads in Minecraft. This allowed attackers...

2.4CVSS6AI score0.00158EPSS
Exploits0References2
Rows per page
Query Builder