📦 FortiPAM

by Fortinet



⚠️ Known Vulnerabilities

CVE-2024-23113

CRITICAL CVSS 9.8 Feb 15, 2024

This critical vulnerability allows remote attackers to execute arbitrary code or commands on affected Fortinet devices by sending specially crafted packets that exploit a format string vulnerability. ...

CVE-2025-57740

HIGH CVSS 7.5 Oct 14, 2025

A heap-based buffer overflow vulnerability in Fortinet's FortiOS, FortiPAM, and FortiProxy allows authenticated users to execute arbitrary code via crafted RDP bookmark connection requests. This affec...

CVE-2025-49201

HIGH CVSS 8.1 Oct 14, 2025

A weak authentication vulnerability in Fortinet FortiPAM and FortiSwitchManager allows attackers to execute unauthorized code or commands via specially crafted HTTP requests. This affects multiple ver...

CVE-2024-26009

HIGH CVSS 8.1 Aug 12, 2025

This CVE describes an authentication bypass vulnerability in Fortinet FortiOS, FortiProxy, and FortiPAM products that allows unauthenticated attackers to take control of managed devices. Attackers can...

CVE-2024-45324

HIGH CVSS 7.2 Mar 11, 2025

A format string vulnerability in multiple Fortinet products allows privileged attackers to execute arbitrary code via crafted HTTP/HTTPS requests. This affects FortiOS, FortiProxy, FortiPAM, FortiSRA,...

CVE-2024-47570

MEDIUM CVSS 6.6 Dec 9, 2025

This vulnerability allows read-only administrators to retrieve API tokens of other administrators by examining REST API logs when REST API logging is enabled. This affects Fortinet's FortiOS, FortiPro...

CVE-2025-61713

MEDIUM CVSS 4.2 Nov 18, 2025

This vulnerability allows authenticated administrators with CLI read-write privileges in FortiPAM to obtain other administrators' credentials through diagnose commands. It affects all versions of Fort...

CVE-2024-26008

MEDIUM CVSS 5.3 Oct 14, 2025

This vulnerability allows an unauthenticated attacker to repeatedly reset the fgfm connection via crafted SSL encrypted TCP requests, causing denial of service. Affected systems include FortiOS, Forti...

CVE-2025-25248

MEDIUM CVSS 5.3 Aug 12, 2025

An integer overflow vulnerability in Fortinet SSL-VPN RDP/VNC bookmarks allows authenticated users to craft requests that may crash the SSL-VPN service, causing denial of service. This affects FortiOS...

CVE-2023-45584

MEDIUM CVSS 6.6 Aug 12, 2025

A double free vulnerability in multiple Fortinet products allows privileged attackers to execute arbitrary code or commands via crafted HTTP/HTTPS requests. This affects FortiOS, FortiPAM, and FortiPr...

CVE-2024-26011

MEDIUM CVSS 5.3 Nov 12, 2024

This vulnerability allows unauthenticated attackers to execute arbitrary code or commands on affected Fortinet devices by sending specially crafted packets. It affects multiple Fortinet products inclu...

CVE-2023-45583

MEDIUM CVSS 6.7 May 14, 2024

This CVE describes a format string vulnerability in multiple Fortinet products that allows attackers to execute arbitrary code or commands. The vulnerability affects FortiProxy, FortiPAM, FortiOS, and...

CVE-2025-54821

LOW CVSS 1.9 Nov 18, 2025

This CVE describes an improper privilege management vulnerability in multiple Fortinet products that allows authenticated administrators to bypass trusted host policies via crafted CLI commands. The v...