8491 matches found
CVE-2025-68648
A use of externally-controlled format string vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer Cloud 7.6.0 through 7.6.4, FortiAnalyzer Cloud 7.4.0 through 7.4.7,...
CVE-2025-68648
A use of externally-controlled format string vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer Cloud 7.6.2, FortiAnalyzer Cloud 7.4.1 through 7.4.7, FortiAnalyzer Cloud 7.2...
CVE-2025-68648
A use of externally-controlled format string vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer Cloud 7.6.2, FortiAnalyzer Cloud 7.4.1 through 7.4.7, FortiAnalyzer Cloud 7.2...
CVE-2025-68648
Fortinet FortiAnalyzer, FortiAnalyzer Cloud, FortiManager, and FortiManager Cloud are affected by a use of externally-controlled format string vulnerability. Versions impacted span FortiAnalyzer/Cloud 7.0, 7.2, 7.4, and 7.6 (and corresponding FortiManager/Cloud ranges), with a potential for privi...
CVE-2025-68648
A use of externally-controlled format string vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer Cloud 7.6.2, FortiAnalyzer Cloud 7.4.1 through 7.4.7, FortiAnalyzer Cloud 7.2...
Fortinet FortiManager Format string vulnerability in fazsvcd (FG-IR-26-092)
The version of FortiManager installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-092 advisory. - A use of externally-controlled format string vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer...
PT-2026-24238
🚨 CVE-2025-68648 A use of externally-controlled format string vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer Cloud 7.6.0 through 7.6.4, FortiAnalyzer Cloud 7.4.0 through...
Fortinet FortiAnalyzer Format string vulnerability in fazsvcd (FG-IR-26-092)
The version of FortiAnalyzer installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-092 advisory. - A use of externally-controlled format string vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer...
SonicWALL SonicOS Use of Externally-Controlled Format String (CVE-2026-0400)
A post-authentication Format String vulnerability in SonicOS allows a remote attacker to crash a firewall. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...
SonicWall SonicOS Multiple Post-Authentication Vulnerabilities (SNWLID-2026-0001)
According to its self-reported version, the remote SonicWall firewall is running a version of SonicOS that is affected by multiple vulnerabilities, including: - Multiple post-authentication stack-based buffer overflow vulnerabilities in the SonicOS management interface due to improper bounds...
CVE-2026-0400
A post-authentication Format String vulnerability in SonicOS allows a remote attacker to crash a firewall...
CVE-2026-0400
A post-authentication Format String vulnerability in SonicOS allows a remote attacker to crash a firewall...
CVE-2026-0400
A post-authentication Format String vulnerability in SonicOS allows a remote attacker to crash a firewall...
CVE-2026-0400
A post-authentication Format String vulnerability in SonicOS allows a remote attacker to crash a firewall...
CVE-2026-0400
The CVE-2026-0400 entry concerns SonicOS and is a post-authentication Format String vulnerability that can cause a firewall to crash. Affected software is SonicOS (no version details provided). Root cause: improper handling of format strings in the affected component, leading to denial of service...
CVE-2026-0400
A post-authentication Format String vulnerability in SonicOS allows a remote attacker to crash a firewall...
SonicOS multiple post-authentication vulnerabilities
1 CVE-2026-0399 - Multiple SonicOS post-authentication Stack-based Buffer Overflow vulnerabilitiesMultiple post-authentication Stack-based Buffer Overflow vulnerabilities in SonicOS allows a remote attacker to crash a firewall.CVSS Score: 4.9 CVSS Vector:...
SonicWALL SonicOS 安全漏洞
SonicWALL SonicOS is an operating system developed by the American company SonicWALL, specifically for use with SonicWall firewall devices. There is a security vulnerability in SonicWALL SonicOS, which stems from a format string vulnerability, potentially causing the firewall to crash...
PT-2026-21746
Name of the Vulnerable Software and Affected Versions SonicOS affected versions not specified Description A post-authentication format string issue exists in SonicOS. This can allow a remote attacker to cause a firewall to crash. Recommendations At the moment, there is no information about a newe...
CVE-2025-30269
A use of externally-controlled format string vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerability in the following version: Qsync...