PT-2024-26413 · Fortinet · Fortianalyzer +2
Name of the Vulnerable Software and Affected Versions: Fortinet FortiAnalyzer versions prior to 7.4.2; Fortinet FortiManager versions prior to 7.4.2; Fortinet FortiAnalyzer-BigData versions prior to 7.2.7 and version 7.4.0. Description: The issue is related to an improper limitation of a pathname to...
PT-2024-8519 · Fortinet · Fortimanager +2
Name of the Vulnerable Software and Affected Versions: Fortinet FortiManager versions 7.4.0 through 7.4.2 and before 7.2.5; Fortinet FortiAnalyzer versions 7.4.0 through 7.4.2 and before 7.2.5; Fortinet FortiAnalyzer-BigData before 7.4.0. Description: The issue is related to improper neutralization ...
PT-2024-24120 · Fortinet · Fortimanager +2
Name of the Vulnerable Software and Affected Versions: FortiManager versions 7.4.0 through 7.4.2 and before 7.2.5; FortiAnalyzer versions 7.4.0 through 7.4.2 and before 7.2.5; FortiAnalyzer-BigData versions 7.4.0 and before 7.2.7. Description: A stack-based buffer overflow issue allows a privileged...
PT-2024-7955 · Fortinet · Fortianalyzer +2
Name of the Vulnerable Software and Affected Versions: FortiAnalyzer-BigData versions 6.2.5, 6.4.5 through 6.4.7, 7.0.1 through 7.0.6, 7.2.0 through 7.2.6, 7.4.0; FortiManager versions 6.4.0 through 6.4.14, 7.0.0 through 7.0.11, 7.2.0 through 7.2.4, 7.4.0 through 7.4.1; FortiAnalyzer versions 6.4.0...
The vulnerability in Fortinet’s FortiManager centralized device management software, the FortiAnalyzer and FortiAnalyzer-BigData security event monitoring and analysis tools, and the FortiPortal security analytics and management tool arises from the use of an uncontrolled format string. It allows a malicious individual to execute arbitrary code or commands.
The vulnerability of the software for centralized device management in Fortinet’s FortiManager, the security event monitoring and analysis tool FortiAnalyzer, FortiAnalyzer-BigData, and the security analytics and management tool FortiPortal is related to the use of an uncontrolled format string...
Format string
A use of externally-controlled format string vulnerability (CWE-134) in Fortinet FortiManager version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.3 and before 7.0.10, Fortinet FortiAnalyzer version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.3 and before 7.0.10, Fortinet FortiAnalyzer-BigData...
Fortinet Multiple Products Formatting String Error Vulnerability
Fortinet FortiOS and others are products of Fortinet, Inc. Fortinet FortiOS is a dedicated security operating system on the FortiGate network security platform. Fortinet FortiProxy is a secure network proxy that protects employees from network attacks by combining a variety of detection technologie...
PT-2024-2113 · Fortinet · Fortiportal +3
Name of the Vulnerable Software and Affected Versions: Fortinet FortiManager versions 7.2.0 through 7.2.3 and 7.4.0 through 7.4.1 and before 7.0.10; Fortinet FortiAnalyzer versions 7.2.0 through 7.2.3 and 7.4.0 through 7.4.1 and before 7.0.10; Fortinet FortiAnalyzer-BigData before 7.2.5; Fortinet...
The vulnerability of the software for central device management in Fortinet’s FortiManager, as well as the security monitoring and analysis tools FortiAnalyzer and FortiAnalyzer-BigData, allows attackers to disclose sensitive information that should be protected.
The vulnerability of the Fortinet FortiManager software for centralized device management, as well as the FortiAnalyzer and FortiAnalyzer-BigData security monitoring and analysis tools, is related to the lack of protection for operational data. Exploiting this vulnerability can allow a malicious...
CVE-2023-44253
An exposure of sensitive information to an unauthorized actor vulnerability (CWE-200) in Fortinet FortiManager version 7.4.0 through 7.4.1 and before 7.2.5, FortiAnalyzer version 7.4.0 through 7.4.1 and before 7.2.5 and FortiAnalyzer-BigData before 7.2.5 allows an ADOM administrator to enumerate...
PT-2023-9784 · Fortinet · Fortianalyzer +2
Name of the Vulnerable Software and Affected Versions: Fortinet FortiManager versions prior to 7.4.2; Fortinet FortiAnalyzer versions prior to 7.4.2; Fortinet FortiAnalyzer-BigData versions prior to 7.2.5. Description: The issue is related to exposure of sensitive information to an unauthorized acto...
CVE-2019-12634
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to a...
com.huemulsolutions.bigdata:huemul-bigdatagovernance (>=1.1 <=2.1), com.thinkbiganalytics.kylo:kylo-kerberos-test-client (=0.10.0) +3 more potentially affected by CVE-2015-1772 via org.apache.hive:hive-service (=1.1.0)
org.apache.hive:hive-service MAVEN version =1.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.hive:hive-service and may be impacted: - com.huemulsolutions.bigdata:huemul-bigdatagovernance =1.1, =2.1 -...
com.webank.wedatasphere.dss:dolphinscheduler-prod-metrics (>=1.1.0 <=1.2.2), com.wgzhao.addax:hivereader (>=5.1.0 <=6.0.11) +28 more potentially affected by CVE-2017-12625 via org.apache.hive:hive-service (>=2.1.0 <=2.1.1)
org.apache.hive:hive-service MAVEN version =2.1.0, =1.1.0, =5.1.0, =1.15.4, =1.2.0, =2.0.1, =1.2.0, =1.2.0, =1.2.0, =2.0.1, =2.0.1, =3.0.0, =2.0.0, =3.0.0, =3.0.0, =3.0.6 and more. Source CVEs: CVE-2017-12625. Source advisory: OSV:GHSA-2G9Q-CHQ2-W8QW https://vulners.com/osv/OSV:GHSA-2G9Q...
phpMoAdmin - MongoDB unauthenticated remote execution 0day automatic exploit
This is an unauthenticated remote execution 0day exploit coded by sp1nlock. phpMoAdmin is a web interface for MongoDB databases; it is like phpMyAdmin but for this NoSQL, bigdata-oriented database named MongoDB. Usage Info: ./phpmohack.py url cmd ex: ./phpmohack.py http://test.com/path/ 'ls -l' This is...