122 matches found
EUVD-2025-209452
An Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' CWE-22 vulnerability in Fortinet FortiOS 7.6.0 through 7.6.4, FortiOS 7.4.0 through 7.4.9, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiPAM 1.7.0, FortiPAM 1.6 all versions,...
EUVD-2026-10516
An improper access control vulnerability in Fortinet FortiSwitchAXFixed 1.0.0 through 1.0.1 may allow an authenticated admin to execute system commands via a specifically crafted SSH config file...
EUVD-2026-10515
An improper access control vulnerability in Fortinet FortiSwitchAXFixed 1.0.0 through 1.0.1 may allow an authenticated admin to execute system commands via a specifically crafted SSH config file...
CVE-2026-22627
A buffer copy without checking size of input ('classic buffer overflow') vulnerability in Fortinet FortiSwitchAXFixed 1.0.0 through 1.0.1 may allow an unauthenticated attacker within the same adjacent network to execute unauthorized code or commands on the device via sending a crafted LLDP packet...
CVE-2026-22627
CVE-2026-22627 affects Fortinet FortiSwitch AX Fixed 1.0.0 through 1.0.1. The vulnerability is a buffer copy without input size checking in LLDP packet handling, enabling an unauthenticated attacker on the same adjacent network to run arbitrary code or commands on the device. Impact per the entry...
CVE-2026-22628
An improper access control vulnerability in Fortinet FortiSwitchAXFixed 1.0.0 through 1.0.1 may allow an authenticated admin to execute system commands via a specifically crafted SSH config file...
CVE-2025-49201
CVE-2025-49201 concerns Fortinet FortiPAM (versions 1.0.0–1.5.0) and FortiSwitchManager (7.2.0–7.2.4). Multiple sources confirm a weak authentication mechanism that enables an attacker to execute unauthorized code or commands by sending specially crafted HTTP requests, i.e., remote code execution...
EUVD-2016-5559
Malware in sbrugna...
EUVD-2019-7963
Malware in sbrugna...
EUVD-2021-12932
Malware in sbrugna...
EUVD-2022-28514
Malicious code in bioql PyPI...
EUVD-2021-31021
Malicious code in bioql PyPI...
EUVD-2023-41790
Malicious code in bioql PyPI...
EUVD-2023-41789
Malicious code in bioql PyPI...
EUVD-2025-10266
Malicious code in bioql PyPI...
EUVD-2021-29713
Malicious code in bioql PyPI...
CVE-2023-47537
An improper certificate validation vulnerability in Fortinet FortiOS 7.4.0 through 7.4.1, FortiOS 7.2.0 through 7.2.6, FortiOS 7.0.0 through 7.0.15, FortiOS 6.4 all versions allows a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the FortiLink communication channel...
CVE-2023-37936
Use of a hard-coded cryptographic key in Fortinet FortiSwitch versions 7.4.0, 7.2.0 through 7.2.5, 7.0.0 through 7.0.7, 6.4.0 through 6.4.13, 6.2.0 through 6.2.7, and 6.0.0 through 6.0.7 allows an attacker to execute unauthorized code or commands via crafted requests...
CVE-2023-37937
An improper neutralization of special elements used in an OS command ('OS command injection') in Fortinet FortiSwitch versions 7.4.0, 7.2.0 through 7.2.5, 7.0.0 through 7.0.7, 6.4.0 through 6.4.13, 6.2.0 through 6.2.7, and 6.0.0 through 6.0.7 allows an attacker to execute unauthorized code o...
CVE-2022-27488
A cross-site request forgery (CSRF) in Fortinet FortiVoiceEnterprise version 6.4.x, 6.0.x, FortiSwitch version 7.0.0 through 7.0.4, 6.4.0 through 6.4.10, 6.2.0 through 6.2.7, 6.0.x, FortiMail version 7.0.0 through 7.0.3, 6.4.0 through 6.4.6, 6.2.x, 6.0.x, FortiRecorder version 6.4.0 through 6.4.2,...