Fortinet FortiWeb Multiple Stack based buffer overflow in web interface (FG-IR-22-118)
The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-118 advisory. - A stack-based buffer overflow in Fortinet FortiWeb version 7.0.0 through 7.0.1, Fortinet FortiWeb version 6.3.6 through...
Fortinet Fortigate Node.js crash over administrative interface (FG-IR-24-017)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-017 advisory. - An improper check or handling of exceptional conditions vulnerability CWE-703 in Fortinet FortiOS version 7.4.1 allows an...
Fortinet FortiWeb OS command injection in Web GUI (FG-IR-22-163)
The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-163 advisory. - An improper neutralization of special elements used in an os command 'OS Command Injection' CWE-78 in FortiWeb 7.0.0 through...
Fortinet FortiWeb Command injection in webserver (FG-IR-22-254)
The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-254 advisory. - An improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiWeb version 7.0....
CVE-2024-5055 Vulnerability of uncontrolled resource consumption in XAMPP
Uncontrolled resource consumption vulnerability in XAMPP Windows, versions 7.3.2 and earlier. This vulnerability exists when XAMPP attempts to process many incomplete HTTP requests, resulting in resource consumption and system crashes...
CVE-2024-5052
Denial of Service (DoS) vulnerability for Cerberus Enterprise 8.0.10.3 web administration. The vulnerability exists when the web server, default port 10001, attempts to process a large number of incomplete HTTP requests...
CVE-2024-5052
Cerberus Enterprise 8.0.10.3 web administration (default port 10001) is affected by CVE-2024-5052, a DoS when processing a large number of incomplete HTTP requests. The issue is in the web server component and impacts availability. There is no exploitation detail provided in the documents. Remedi...
The vulnerability in the FortiOS operating system’s web administration interface allows a hacker to trigger a service failure.
The vulnerability in the FortiOS operating system’s web administration interface is related to deficiencies in handling exceptional states. Exploiting this vulnerability allows a malicious actor to cause service failures by sending specially crafted HTTP requests...
U.S. Dept Of Defense: Out-Of-Bounds Memory Read on ███
Vulnerability description not provided...
Fortinet FortiOS Denial of Service Vulnerability
Fortinet FortiOS is a security operating system dedicated to the FortiGate network security platform from the American company Fortinet. The system provides users with firewall, antivirus, IPSec/SSL VPN, Web content filtering, anti-spam and other security features. A denial of service vulnerability...
CVE-2024-4561 WhatsUp Gold Server-Side Request Forgery Information Disclosure Vulnerability via FaviconController
In WhatsUp Gold versions released before 2023.1.2, a blind SSRF vulnerability exists in WhatsUp Gold's FaviconController that allows an attacker to send arbitrary HTTP requests on behalf of the vulnerable server...
CVE-2024-4561
Progress WhatsUp Gold before version 23.1.2 contains a blind SSRF in the FaviconController that lets an attacker issue arbitrary HTTP requests from the affected server (CVE-2024-4561). Affected product is Progress WhatsUp Gold; root cause is SSRF handling in FaviconController. Impact is informati...
CVE-2024-0862
The Proofpoint Encryption endpoint of Proofpoint Enterprise Protection contains a Server-Side Request Forgery vulnerability that allows an authenticated user to relay HTTP requests from the Protection server to otherwise private network addresses...
CVE-2024-0862
The CVE-2024-0862 entry concerns the Proofpoint Encryption endpoint in Proofpoint Enterprise Protection. A Server-Side Request Forgery exists that lets an authenticated user relay HTTP requests from the Protection server to internal, private network addresses. Affected component: Proofpoint Encry...
CVE-2024-31491
A client-side enforcement of server-side security vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.4, FortiSandbox 4.2.1 through 4.2.6 allows attacker to execute unauthorized code or commands via HTTP requests...
CVE-2024-31488
An improper neutralization of inputs during web page generation vulnerability CWE-79 in FortiNAC version 9.4.0 through 9.4.4, 9.2.0 through 9.2.8, 9.1.0 through 9.1.10, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 7.2.0 through 7.2.3 may allow a remote authenticated attacker to perform stored and...
CVE-2024-26007
An improper check or handling of exceptional conditions vulnerability CWE-703 in Fortinet FortiOS version 7.4.1 allows an unauthenticated attacker to provoke a denial of service on the administrative interface via crafted HTTP requests...
CVE-2023-45583
A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.5, 7.0.0 through 7.0.11, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6 FortiPAM versions 1.1.0, 1.0.0 through 1.0.3 FortiOS versions 7.4.0, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13,...