Latest medium severity vulnerabilities for "fortios" 6.4.0

FortiOSOut-of-bounds Write in IPSEC Daemon

medium

5.9

First published 3mo ago (updated 2mo ago)

CVE-2024-52963

FortiOSWeak key derivation for backup file

medium

4.4

First published 10mo ago (updated 6mo ago)

CVE-2024-21754

FortiOSSSL-VPN user IP spoofing

medium

5

First published 11mo ago (updated 10mo ago)

CVE-2023-45586

Fortinet FortiProxyFormat String Bug in cli command

medium

6.7

First published 11mo ago (updated 8mo ago)

CVE-2023-36640

FortiOSFortiOS - Format String in CLI command

medium

6.7

First published 12mo ago (updated 3mo ago)

CVE-2023-48784

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

FortiOSNull Pointer Dereference

medium

6.5

First published 1y ago (updated 4mo ago)

CVE-2023-29179

FortiOSFirewall deny policy bypass

medium

5.3

First published 1y ago (updated 8mo ago)

CVE-2023-47536

Fortinet FortiProxyDOS in headers management

medium

6.5

First published 1y ago (updated 7mo ago)

CVE-2023-36641

FortiOSBypass of root file system integrity checks at boot time on VM

medium

6.7

First published 1y ago (updated 6mo ago)

CVE-2023-28002

FortiOSAuthenticated user null pointer dereference in SSL-VPN

medium

6.5

First published 2y ago (updated 6mo ago)

CVE-2023-33306

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

FortiOSA loop with unreachable exit condition ('infinite loop') in Fortinet FortiOS version 7.2.0 through 7…

medium

6.5

First published 2y ago (updated 6mo ago)

CVE-2023-33305

Fortinet FortiProxyPath Traversal

medium

6.5

First published 2y ago (updated 6mo ago)

CVE-2022-42474

FortiOSLack of certificate verification when establishing secure connections

medium

4.8

First published 2y ago (updated 6mo ago)

CVE-2023-29175

Fortinet FortiProxyAccess of uninitialized pointer in administrative interface API

medium

4.3

First published 2y ago (updated 6mo ago)

CVE-2023-29178

FortiOSInfoleak

medium

5.3

First published 2y ago (updated 6mo ago)

CVE-2022-41329

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

Fortinet FortiProxyAccess of NULL pointer in SSLVPNd

medium

6.5

First published 2y ago (updated 6mo ago)

CVE-2022-45861

FortiOSA improper neutralization of crlf sequences in http headers ('http response splitting') in Fortinet …

medium

5.4

First published 2y ago (updated 6mo ago)

CVE-2022-42472

FortiOSCert private key disclosure

medium

5.3

First published 2y ago (updated 6mo ago)

CVE-2022-22302

FortiOSStored cross-site scripting in replacement messages visualization

medium

5.4

First published 2y ago (updated 6mo ago)

CVE-2022-40680

FortiOSXSS

medium

5.4

First published 3y ago (updated 6mo ago)

CVE-2021-43080

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

FortiOSAn improper access control vulnerability [CWE-284] in FortiOS versions 6.2.0 through 6.2.11, 6.4.0 t…

medium

4.3

First published 3y ago (updated 6mo ago)

CVE-2022-23442

Fortinet FortiProxyBuffer Overflow

medium

6.7

First published 3y ago (updated 5mo ago)

CVE-2021-44170

Fortinet FortiVoice EnterpriseInteger overflow in dhcpd daemon

medium

4.3

First published 3y ago (updated 8mo ago)

CVE-2021-42755

FortiOSAn improper certificate validation vulnerability [CWE-295] in FortiOS 6.0.0 through 6.0.14, 6.2.0 th…

medium

5.4

First published 3y ago (updated 6mo ago)

CVE-2022-22306

FortiOSXSS

medium

6.1

First published 3y ago (updated 6mo ago)

CVE-2021-43081

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

FortiOSA server-generated error message containing sensitive information in Fortinet FortiOS 7.0.0 through …

medium

4.3

First published 3y ago (updated 6mo ago)

CVE-2021-43206

FortiOSInput Validation

medium

4.5

First published 3y ago (updated 6mo ago)

CVE-2020-15936

Fortinet FortiWebBuffer overflow in TFTP client library of CLI

medium

6.3

First published 3y ago (updated 6mo ago)

FG-IR-21-173

Fortinet FortiWebBuffer overflow in TFTP client library of CLI

medium

6.7

First published 3y ago (updated 5mo ago)

CVE-2021-42757

FortiOSInfoleak

medium

5

First published 3y ago (updated 5mo ago)

CVE-2021-32600

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

Trending

FortiOSOut-of-bounds Write in IPSEC Daemon

FortiOSWeak key derivation for backup file

FortiOSSSL-VPN user IP spoofing

Fortinet FortiProxyFormat String Bug in cli command

FortiOSFortiOS - Format String in CLI command

Never miss a vulnerability like this again

FortiOSNull Pointer Dereference

FortiOSFirewall deny policy bypass

Fortinet FortiProxyDOS in headers management

FortiOSBypass of root file system integrity checks at boot time on VM

FortiOSAuthenticated user null pointer dereference in SSL-VPN

Never miss a vulnerability like this again

FortiOSA loop with unreachable exit condition ('infinite loop') in Fortinet FortiOS version 7.2.0 through 7…

Fortinet FortiProxyPath Traversal

FortiOSLack of certificate verification when establishing secure connections

Fortinet FortiProxyAccess of uninitialized pointer in administrative interface API

FortiOSInfoleak

Never miss a vulnerability like this again

Fortinet FortiProxyAccess of NULL pointer in SSLVPNd

FortiOSA improper neutralization of crlf sequences in http headers ('http response splitting') in Fortinet …

FortiOSCert private key disclosure

FortiOSStored cross-site scripting in replacement messages visualization

FortiOSXSS

Never miss a vulnerability like this again

FortiOSAn improper access control vulnerability [CWE-284] in FortiOS versions 6.2.0 through 6.2.11, 6.4.0 t…

Fortinet FortiProxyBuffer Overflow

Fortinet FortiVoice EnterpriseInteger overflow in dhcpd daemon

FortiOSAn improper certificate validation vulnerability [CWE-295] in FortiOS 6.0.0 through 6.0.14, 6.2.0 th…

FortiOSXSS

Never miss a vulnerability like this again

FortiOSA server-generated error message containing sensitive information in Fortinet FortiOS 7.0.0 through …

FortiOSInput Validation

Fortinet FortiWebBuffer overflow in TFTP client library of CLI

Fortinet FortiWebBuffer overflow in TFTP client library of CLI

FortiOSInfoleak

Never miss a vulnerability like this again

Company

Resources

Contact