|
1131
|
- |
|
-
|
-
|
An Integer Overflow or Wraparound vulnerability [CWE-190] in version 7.4.4 and below, version 7.2.10 and below; FortiSASE version 23.4.b FortiOS tenant IPsec IKE service may allow an authenticated at…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2024-46669
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1132
|
- |
|
-
|
-
|
An allocation of resources without limits or throttling vulnerability [CWE-770] in FortiOS versions 7.4.0 through 7.4.4, versions 7.2.0 through 7.2.8, versions 7.0.0 through 7.0.15, and versions 6.4.…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2024-46668
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1133
|
- |
|
-
|
-
|
An allocation of resources without limits or throttling [CWE-770] vulnerability in FortiOS versions 7.6.0, versions 7.4.4 through 7.4.0, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2024-46666
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1134
|
- |
|
-
|
-
|
An insertion of sensitive information into sent data vulnerability [CWE-201] in FortiOS 7.6.0, 7.4.0 through 7.4.4 may allow an attacker in a man-in-the-middle position to retrieve the RADIUS account…
|
CWE-201
Insertion of Sensitive Information Into Sent Data
|
CVE-2024-46665
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1135
|
- |
|
-
|
-
|
A relative path traversal in Fortinet FortiRecorder [CWE-23] version 7.2.0 through 7.2.1 and before 7.0.4 allows a privileged attacker to read files from the underlying filesystem via crafted HTTP or…
|
CWE-23
Relative Path Traversal
|
CVE-2024-46664
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1136
|
- |
|
-
|
-
|
An Improper Access Control vulnerability [CWE-284] in FortiDeceptor version 6.0.0, version 5.3.3 and below, version 5.2.1 and below, version 5.1.0, version 5.0.0 may allow an authenticated attacker w…
|
CWE-284
Improper Access Control
|
CVE-2024-45326
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1137
|
- |
|
-
|
-
|
An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiVoice version 7.0.0 through 7.0.4 and before 6.4.9 allows an auth…
|
CWE-78
OS Command
|
CVE-2024-40587
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1138
|
- |
|
-
|
-
|
An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiManager, FortiAnalyzer 7.4.0 through 7.4.3 and 7.2.0 through 7.2.5 and 7.0.2 through 7.0.12 and 6.2.…
|
CWE-22
Path Traversal
|
CVE-2024-36512
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1139
|
- |
|
-
|
-
|
An observable response discrepancy vulnerability [CWE-204] in FortiClientEMS 7.4.0, 7.2.0 through 7.2.4, 7.0 all versions, and FortiSOAR 7.5.0, 7.4.0 through 7.4.4, 7.3.0 through 7.3.2, 7.2 all versi…
|
CWE-204
Response Discrepancy Information Exposure
|
CVE-2024-36510
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1140
|
- |
|
-
|
-
|
An improper verification of source of a communication channel vulnerability [CWE-940] in FortiClientEMS 7.4.0, 7.2.0 through 7.2.4, 7.0 all versions, 6.4 all versions may allow a remote attacker to b…
|
CWE-940
Improper Verification of Source of a Communication Channel
|
CVE-2024-36506
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
