31 matches found
EUVD-2025-4977
Malicious code in bioql PyPI...
EUVD-2024-54503
Malicious code in bioql PyPI...
CVE-2024-31492
An external control of file name or path vulnerability CWE-73 in FortiClientMac version 7.2.3 and below, version 7.0.10 and below installer may allow a local attacker to execute arbitrary code or commands via writing a malicious configuration file in /tmp before starting the installation process...
CVE-2024-35281
An improper isolation or compartmentalization vulnerability CWE-653 in FortiClientMac version 7.4.2 and below, version 7.2.8 and below, 7.0 all versions and FortiVoiceUCDesktop 3.0 all versions desktop application may allow an authenticated attacker to inject code via Electron environment variabl...
CVE-2024-35281
Summary of CVE-2024-35281 : An improper isolation/compartmentalization (CWE-653) vulnerability in Fortinet FortiClientMac (versions 7.4.2 and below; 7.2.8 and below; 7.0 all) and FortiVoiceUCDesktop 3.0 (all versions) may allow an authenticated attacker to inject code via Electron environment var...
Fortinet FortiClientMAC Code Execution Vulnerability
Fortinet FortiClientMAC is a macOS security tool from the U.S. company Fortinet. A code execution vulnerability exists in Fortinet FortiClientMAC that originates from external control of a file name or path, which can be exploited by a local attacker to execute arbitrary co...
CVE-2023-45588
An external control of file name or path vulnerability CWE-73 in FortiClientMac version 7.2.3 and below, version 7.0.10 and below installer may allow a local attacker to execute arbitrary code or commands via writing a malicious configuration file in /tmp before starting the installation process...
Fortinet FortiClientMac Authorization Issues Vulnerability (CNVD-2025-03517)
Fortinet FortiClientMac is a mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance and two-factor authentication when connected to a FortiGate firewall appliance. Fortinet FortiClientMac suffers from an authorization...
CVE-2024-52968
Improper authentication in Fortinet FortiClientMac 7.0.11 through 7.2.4 allows an attacker to gain improper access to macOS via an empty password...
PT-2025-6265 · Fortinet · Forticlientmac
Name of the Vulnerable Software and Affected Versions: Fortinet FortiClientMac versions 7.0.11 through 7.2.4 Description: The issue is related to improper authentication, allowing an attacker to gain unauthorized access to MacOS via an empty password. This is due to deficiencies in the...
CVE-2024-31492
CVE-2024-31492 describes an external control of file name or path (CWE-73) in FortiClientMac installers: FortiClientMac versions 7.2.3 and below and 7.0.10 and below allow a local attacker to execute arbitrary code by writing a malicious configuration file in /tmp before installation. Fortinet PS...
CVE-2023-22635
A download of code without Integrity check vulnerability CWE-494 in FortiClientMac version 7.0.0 through 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions, 5.6 all versions, 5.4 all versions, 5.2 all versions, 5.0 all versions and 4.0 all versions may allow a local attacker to escalate...
Design/Logic Flaw
A download of code without Integrity check vulnerability CWE-494 in FortiClientMac version 7.0.0 through 7.0.7, 6.4 all versions, 6.2 all versions, 6.0 all versions, 5.6 all versions, 5.4 all versions, 5.2 all versions, 5.0 all versions and 4.0 all versions may allow a local attacker to escalate...
CVE-2023-22635
CVE-2023-22635 describes a vulnerability in FortiClientMac where a local attacker can escalate privileges by modifying the installer during upgrade due to a download-without-integrity-check flaw (CWE-494). Affects FortiClientMac versions 4.0 through 7.0.7 (and related 6.4, 6.2, 6.0, 5.x, 4.x line...
FortiClient (Mac) - update functionality may lead to privilege escalation vulnerability
A download of code without Integrity check vulnerability CWE-494 in FortiClientMac may allow a local attacker to escalate their privileges via modifying the installer upon upgrade...
CVE-2021-41028
A combination of a use of hard-coded cryptographic key vulnerability CWE-321 in FortiClientEMS 7.0.1 and below, 6.4.6 and below and an improper certificate validation vulnerability CWE-297 in FortiClientWindows, FortiClientLinux and FortiClientMac 7.0.1 and below, 6.4.6 and below may allow an...
Design/Logic Flaw
A combination of a use of hard-coded cryptographic key vulnerability CWE-321 in FortiClientEMS 7.0.1 and below, 6.4.6 and below and an improper certificate validation vulnerability CWE-297 in FortiClientWindows, FortiClientLinux and FortiClientMac 7.0.1 and below, 6.4.6 and below may allow an...