Fortinet vulnerabilities
933 results

CVE-2023-25610 | CRITICAL | A buffer underwrite ('buffer underflow') vulnerability in the administrative interface of Fortinet FortiOS version 7.2.0 through 7.2.3, vers | EPSS 17.8%
CVE-2026-39813 | CRITICAL | A path traversal: '../filedir' vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8 may allow attack | EPSS 16.7%
CVE-2021-26102 | CRITICAL | A relative path traversal vulnerability (CWE-23) in FortiWAN version 4.5.7 and below, 4.4 all versions may allow a remote non-authenticated | EPSS 16.4%
CVE-2025-53949 | HIGH | An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] vulnerability in Fortin | EPSS 15.5%
CVE-2024-48884 | HIGH | A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiManager 7.6.0 through 7.6.1, | EPSS 14.9%
CVE-2023-33300 | MEDIUM | A improper neutralization of special elements used in a command ('command injection') in Fortinet FortiNAC 7.2.1 and earlier, 9.4.3 and earl | EPSS 13.7%
CVE-2021-43062 | MEDIUM | A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiMail version 7.0.1 and 7.0.0, versio | EPSS 12.9%
CVE-2022-41328 | MEDIUM | A improper limitation of a pathname to a restricted directory vulnerability ('path traversal') [CWE-22] in Fortinet FortiOS version 7.2.0 th | EPSS 12.3% | KEV
CVE-2024-48887 | CRITICAL | A unverified password change vulnerability in Fortinet FortiSwitch GUI may allow a remote unauthenticated attacker to change admin password | EPSS 11.3%
CVE-2025-53679 | MEDIUM | An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] vulnerability in Fortin | EPSS 10.8%
CVE-2025-52970 | HIGH | A improper handling of parameters in Fortinet FortiWeb versions 7.6.3 and below, versions 7.4.7 and below, versions 7.2.10 and below, and 7. | EPSS 10.7%
CVE-2021-22122 | — | An improper neutralization of input during web page generation in FortiWeb GUI interface 6.3.0 through 6.3.7 and version before 6.2.4 may al | EPSS 10.5%
CVE-2024-54018 | MEDIUM | Multiple improper neutralization of special elements used in an OS Command vulnerabilities [CWE-78] in FortiSandbox before 4.4.5 allows a pr | EPSS 9.2%
CVE-2021-32589 | HIGH | A Use After Free (CWE-416) vulnerability in FortiManager version 7.0.0, version 6.4.5 and below, version 6.2.7 and below, version 6.0.10 and | EPSS 8.7%
CVE-2025-53609 | MEDIUM | A Relative Path Traversal vulnerability [CWE-23] in FortiWeb 7.6.0 through 7.6.4, 7.4.0 through 7.4.8, 7.2.0 through 7.2.11, 7.0.2 through 7 | EPSS 8.4%
CVE-2025-52436 | HIGH | An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability [CWE-79] vulnerability in Fortinet For | EPSS 7.5%
CVE-2025-64447 | HIGH | A reliance on cookies without validation and integrity checking vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 throu | EPSS 7.4%
CVE-2022-41333 | MEDIUM | An uncontrolled resource consumption vulnerability [CWE-400] in FortiRecorder version 6.4.3 and below, 6.0.11 and below login authentication | EPSS 7.2%
CVE-2025-59922 | MEDIUM | An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] vulnerability in Fortinet For | EPSS 7.0%
CVE-2026-40688 | MEDIUM | An out-of-bounds write vulnerability [CWE-787] vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWe | EPSS 6.4%