42 matches found
EUVD-2024-24978
Malicious code in bioql PyPI...
EUVD-2024-24976
Malicious code in bioql PyPI...
EUVD-2024-24975
Malicious code in bioql PyPI...
EUVD-2024-24977
Malicious code in bioql PyPI...
CVE-2024-27783
Multiple cross-site request forgery (CSRF) weaknesses [CWE-352] vulnerability in Fortinet FortiAIOps 2.0.0 may allow an unauthenticated remote attacker to perform arbitrary actions on behalf of an authenticated user via tricking the victim to execute malicious GET requests...
CVE-2024-27785
An improper neutralization of formula elements in a CSV File [CWE-1236] vulnerability in Fortinet FortiAIOps 2.0.0 may allow a remote authenticated attacker to execute arbitrary commands on a client's workstation via poisoned CSV reports...
CVE-2024-27782
Multiple insufficient session expiration weaknesses [CWE-613] vulnerability in Fortinet FortiAIOps 2.0.0 may allow an attacker to re-use stolen old session tokens to perform unauthorized operations via crafted requests...
CVE-2024-27784
Multiple Exposure of sensitive information to an unauthorized actor weaknesses [CWE-200] vulnerability in Fortinet FortiAIOps 2.0.0 may allow an authenticated, remote attacker to retrieve sensitive information from the API endpoint or log files...
The vulnerability of the graphical user interface of the artificial intelligence-based security threat detection software FortiAIOps allows for CSRF attacks to be carried out.
The vulnerability of the graphical user interface of the artificial intelligence-based security threat detection software FortiAIOps is related to cross-site request forgery. Exploiting this vulnerability allows a remote attacker to execute a CSRF attack by sending specially crafted GET requests...
The export function of the graphical user interface of the artificial intelligence-based security threat detection software FortiAIOps is vulnerable, allowing a perpetrator to execute arbitrary commands.
The vulnerability of the export function of the graphical user interface of the artificial intelligence-based security threat detection software FortiAIOps relates to the absence of a mechanism to neutralize elements in the CSV file. Exploiting this vulnerability allows an attacker operating...
The vulnerability of the graphical user interface of the artificial intelligence-based security threat detection software FortiAIOps allows a perpetrator to disclose protected information.
The vulnerability of the graphical user interface of the artificial intelligence-based security threat detection software FortiAIOps is related to the lack of protection for operational data. Exploiting this vulnerability can allow a malicious actor to disclose the protected information stored in...
The vulnerability of the graphical user interface of the artificial intelligence-based security threat detection software FortiAIOps allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the graphical user interface of the artificial intelligence-based security threat detection software FortiAIOps is related to incorrect session duration due to repeated use of session tokens. Exploiting this vulnerability can allow an attacker operating remotely to gain...
Fortinet FortiAIOps Cross-Site Request Forgery Vulnerability
Fortinet FortiAIOps is a Fortinet networking solution that combines artificial intelligence and machine learning (AI/ML) from Fortinet. Fortinet FortiAIOps version 2.0.0 suffers from a cross-site request forgery vulnerability that arises from a web application that does not adequately validate that...
Fortinet FortiAIOps Code Issue Vulnerability
Fortinet FortiAIOps is a Fortinet networking solution that combines artificial intelligence and machine learning (AI/ML) from Fortinet. A code issue vulnerability exists in Fortinet FortiAIOps version 2.0.0, which stems from the presence of multiple sessions that have insufficiently expired, and ca...
Fortinet FortiAIOps Log Information Disclosure Vulnerability
Fortinet FortiAIOps is a Fortinet networking solution that combines artificial intelligence and machine learning (AI/ML) from Fortinet. A log information disclosure vulnerability exists in Fortinet FortiAIOps version 2.0.0, which stems from an application that does not adequately protect sensitive...
Vulnerabilities fixed in Fortinet
Fortinet has fixed a number of vulnerabilities in FortiAIOps, Fortinet FortiPortal, FortiWeb and Fortinet FortiExtender. The most serious vulnerabilities are CVE-2024-23663, CVE-2024-27782 and CVE-2024-27784, which are in Fortinet FortiExtender and FortiAIOps. Fortinet FortiExtender: Fortinet...