CVE-2024-52424

creationtimestamp| type| source ---|---|--- 2025-09-25 00:36:28+00:00| seen| MISP/1c5c38d6-3401-41ac-be0e-4cf361fa6f51...

CVE-2025-53925

creationtimestamp| type| source ---|---|--- 2025-09-09 20:56:46+00:00| seen| MISP/2bceffac-02c3-4c54-a709-6e253b38ec76...

CVE-2024-54020

A missing authorization in Fortinet FortiManager versions 7.2.0 through 7.2.1, and versions 7.0.0 through 7.0.7 may allow an authenticated attacker to overwrite global threat feeds via crafted update requests...

CVE-2025-2217

creationtimestamp| type| source ---|---|--- 2025-03-12 16:41:08+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/7331 2025-08-13 13:26:34+00:00| seen| MISP/682bdba3-46b7-4a8f-b7be-c6bf4b4f9868...

CVE-2025-1957

creationtimestamp| type| source ---|---|--- 2025-03-04 22:33:18+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6448 2025-03-05 00:12:41+00:00| seen| https://t.me/cvedetector/19548 2025-08-18 18:31:00+00:00| seen| MISP/fc16b923-3a13-4e9d-9aac-10a57cac12c7...

CVE-2024-53030

creationtimestamp| type| source ---|---|--- 2025-03-03 10:29:49+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/6174 2025-03-03 13:52:23+00:00| seen| https://t.me/cvedetector/19333 2025-03-08 04:34:56+00:00| seen| Telegram/OGIDiKvvM0Jjiz1z9hdpv-wf9g1Zg56ibqiTUo2p4xAOFCK 2025-08-18...

CVE-2024-56052

creationtimestamp| type| source ---|---|--- 2024-12-18 21:13:31+00:00| seen| https://t.me/cvedetector/13230 2025-09-15 13:28:32+00:00| seen| MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f 2025-09-16 03:45:05+00:00| seen| MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f...

CVE-2024-53947

creationtimestamp| type| source ---|---|--- 2024-12-09 16:22:14+00:00| seen| https://t.me/cvedetector/12393 2025-09-16 23:16:38+00:00| seen| MISP/be792712-f638-4d7d-b62d-4f5032e86764 2025-09-18 16:44:35+00:00| seen| MISP/be792712-f638-4d7d-b62d-4f5032e86764...

CVE-2024-10450

creationtimestamp| type| source ---|---|--- 2024-10-28 17:00:13+00:00| seen| https://t.me/cvedetector/9135 2025-10-01 18:11:57+00:00| seen| MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6 2025-10-08 21:59:30+00:00| seen| MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6...

CVE-2024-9488

creationtimestamp| type| source ---|---|--- 2024-10-25 08:43:12+00:00| seen| https://t.me/cvedetector/8889 2025-10-01 18:11:57+00:00| seen| MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6 2025-10-08 21:59:32+00:00| seen| MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6...

Fortinet Fortigate Lack of certificate verification when establishing secure connections with threat feed fabric connectors (FG-IR-22-257)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-257 advisory. - An improper certificate validation vulnerability CWE-295 in FortiOS 7.2.0 through 7.2.3, 7.0.0 through 7.0.7, 6.4 all...

Fortinet Fortigate xss (FG-IR-21-222)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-21-222 advisory. - An improper neutralization of input during web page generation vulnerability CWE-79 in FortiOS version 7.2.0, version 6.4.0...

CVE-2021-43080

An improper neutralization of input during web page generation vulnerability CWE-79 in FortiOS version 7.2.0, version 6.4.0 through 6.4.9, version 7.0.0 through 7.0.5 may allow an authenticated attacker to perform a stored cross site scripting XSS attack through the URI parameter via the Threat...

CVE-2021-43080

An improper neutralization of input during web page generation vulnerability CWE-79 in FortiOS version 7.2.0, version 6.4.0 through 6.4.9, version 7.0.0 through 7.0.5 may allow an authenticated attacker to perform a stored cross site scripting XSS attack through the URI parameter via the Threat...

Cross site scripting

An improper neutralization of input during web page generation vulnerability CWE-79 in FortiOS version 7.2.0, version 6.4.0 through 6.4.9, version 7.0.0 through 7.0.5 may allow an authenticated attacker to perform a stored cross site scripting XSS attack through the URI parameter via the Threat...

CVE-2021-43080

CVE-2021-43080 describes an improper neutralization of input (CWE-79) in FortiOS affecting versions 7.2.0, 6.4.0–6.4.9, and 7.0.0–7.0.5, enabling an authenticated user to perform a stored XSS via the URI parameter in the Threat Feed IP address section of the Security Fabric External connectors. T...

CVE-2021-43080

An improper neutralization of input during web page generation vulnerability CWE-79 in FortiOS version 7.2.0, version 6.4.0 through 6.4.9, version 7.0.0 through 7.0.5 may allow an authenticated attacker to perform a stored cross site scripting XSS attack through the URI parameter via the Threat...

PT-2022-11772 · Fortinet · Fortios

Name of the Vulnerable Software and Affected Versions: FortiOS versions 6.4.0 through 6.4.9 FortiOS versions 7.0.0 through 7.0.5 FortiOS version 7.2.0 Description: The issue is related to an improper neutralization of input during web page generation, which may allow an authenticated attacker to...

Protect

An improper neutralization of input during web page generation vulnerability CWE-79 in FortiOS may allow an authenticated attacker to perform a stored cross site scripting XSS attack through the URI parameter via the Threat Feed IP address section of the Security Fabric External connectors...

What's New in InsightVM and Nexpose: Q1 2022 in Review

The world of cybersecurity never has a dull moment. While we are still recovering from the aftermath of Log4Shell, the recent ContiLeaks exposed multiple vulnerabilities that have been exploited by the Conti ransomware group. It’s critical for your team to identify the risk posed by such...