CVE-2026-21741

Fortinet FortiNAC-F is affected by an Open Redirect (CWE-601) vulnerability across FortiNAC-F 7.6.0–7.6.5, FortiNAC-F 7.4 all versions, and FortiNAC-F 7.2 all versions. The issue allows a remote privileged attacker with the system administrator role to redirect users to an arbitrary website by up...

Fortinet FortiNAC-F 输入验证错误漏洞

Fortinet FortiNAC-F is a network access control solution developed by the American company Fortinet. This product is primarily used for network access control and IoT security protection. Vulnerabilities exist in versions 7.6.0 to 7.6.5, 7.4, and 7.2 of Fortinet FortiNAC-F, due to input validatio...

CVE-2022-38376

Multiple improper neutralization of input during web page generation 'Cross-site Scripting' vulnerabilities CWE-79 in Fortinet FortiNAC portal UI before 9.4.1 allows an attacker to perform an XSS attack via crafted HTTP requests...

EUVD-2019-15169

Malware in sbrugna...

EUVD-2022-43946

Malicious code in bioql PyPI...

EUVD-2023-37462

Malicious code in bioql PyPI...

EUVD-2022-42398

Malicious code in bioql PyPI...

EUVD-2022-40961

Malicious code in bioql PyPI...

EUVD-2021-30018

Malicious code in bioql PyPI...

EUVD-2022-43948

Malicious code in bioql PyPI...

EUVD-2023-37463

Malicious code in bioql PyPI...

EUVD-2022-43949

Malicious code in bioql PyPI...

EUVD-2023-30031

Malicious code in bioql PyPI...

EUVD-2022-42397

Malicious code in bioql PyPI...

EUVD-2022-43947

Malicious code in bioql PyPI...

CVE-2023-26206

An improper neutralization of input during web page generation 'cross-site scripting' in Fortinet FortiNAC 9.4.0 - 9.4.2, 9.2.0 - 9.2.8, 9.1.0 - 9.1.10 and 7.2.0 allows an attacker to execute unauthorized code or commands via the name fields observed in the policy audit logs...

CVE-2023-33299

A deserialization of untrusted data in Fortinet FortiNAC below 7.2.1, below 9.4.3, below 9.2.8 and all earlier versions of 8.x allows attacker to execute unauthorized code or commands via specifically crafted request on inter-server communication port. Note FortiNAC versions 8.x will not be fixed...

CVE-2022-38375

An improper authorization vulnerability CWE-285 in Fortinet FortiNAC version 9.4.0 through 9.4.1 and before 9.2.6 allows an unauthenticated user to perform some administrative operations over the FortiNAC instance via crafted HTTP POST requests...

CVE-2022-40676

A improper neutralization of input during web page generation 'cross-site scripting' in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.8, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 allows attacker to execute unauthorized co...

CVE-2022-39954

An improper restriction of xml external entity reference in Fortinet FortiNAC version 9.4.0 through 9.4.1, FortiNAC version 9.2.0 through 9.2.7, FortiNAC version 9.1.0 through 9.1.8, FortiNAC version 8.8.0 through 8.8.11, FortiNAC version 8.7.0 through 8.7.6, FortiNAC version 8.6.0 through 8.6.5,...