Vulnerabilidades em Fortinet
933 resultadosCVE-2018-13380MEDIUMA Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4.0 to 5.4.12, 5.2 and below and Fortinet FEPSS 62.5%CVE-2024-23113CRITICALA use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, FoEPSS 61.7%KEVCVE-2025-25256CRITICALAn improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiSIEM vEPSS 56.2%CVE-2025-58034MEDIUMAn Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] vulnerability in FortinEPSS 54.4%KEVCVE-2026-39808CRITICALA improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox 4.4.0 thEPSS 48.7%CVE-2025-64155CRITICALAn improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSIEM 7.4.0, ForEPSS 42.6%CVE-2018-13374MEDIUMA Improper Access Control in Fortinet FortiOS 6.0.2, 5.6.7 and before, FortiADC 6.1.0, 6.0.0 to 6.0.1, 5.4.0 to 5.4.4 allows attacker to obtEPSS 38.1%KEVCVE-2021-42756CRITICALMultiple stack-based buffer overflow vulnerabilities [CWE-121] in the proxy daemon of FortiWeb 5.x all versions, 6.0.7 and below, 6.1.2 and EPSS 36.4%CVE-2018-13383MEDIUMA heap buffer overflow in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 through 5.4.12, 5.2.14 and earlier and FortiProxEPSS 33.6%KEVCVE-2025-32756CRITICALA stack-based buffer overflow vulnerability [CWE-121] vulnerability in Fortinet FortiCamera 2.1.0 through 2.1.3, FortiCamera 2.0 all versionEPSS 31.4%KEVCVE-2023-34991CRITICALA improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 and EPSS 28.8%CVE-2023-34990CRITICALA relative path traversal in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized cEPSS 24.9%CVE-2023-33299CRITICALA deserialization of untrusted data in Fortinet FortiNAC below 7.2.1, below 9.4.3, below 9.2.8 and all earlier versions of 8.x allows attackEPSS 24.3%CVE-2025-59719CRITICALAn improper verification of cryptographic signature vulnerability in Fortinet FortiWeb 8.0.0, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 tEPSS 23.7%CVE-2026-25089CRITICALA improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox 5.0.0 thEPSS 23.4%CVE-2022-38380MEDIUMAn improper access control [CWE-284] vulnerability in FortiOS version 7.2.0 and versions 7.0.0 through 7.0.7 may allow a remote authenticateEPSS 23.0%CVE-2023-48783MEDIUMAn Authorization Bypass Through User-Controlled Key vulnerability [CWE-639] affecting PortiPortal version 7.2.1 and below, version 7.0.6 andEPSS 22.2%CVE-2024-27781MEDIUMAn improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Fortinet FortiSandbox 4.4.0 throughEPSS 22.0%CVE-2019-5591MEDIUMA Default Configuration vulnerability in FortiOS may allow an unauthenticated attacker on the same subnet to intercept sensitive informationEPSS 18.6%KEVCVE-2023-34993CRITICALA improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWLM version 8.6.0 through 8.6.EPSS 18.1%