|
4141
|
- |
|
-
|
-
|
A relative path traversal in Fortinet FortiRecorder [CWE-23] version 7.2.0 through 7.2.1 and before 7.0.4 allows a privileged attacker to read files from the underlying filesystem via crafted HTTP or…
|
CWE-23
Relative Path Traversal
|
CVE-2024-46664
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4142
|
- |
|
-
|
-
|
An Improper Access Control vulnerability [CWE-284] in FortiDeceptor version 6.0.0, version 5.3.3 and below, version 5.2.1 and below, version 5.1.0, version 5.0.0 may allow an authenticated attacker w…
|
CWE-284
Improper Access Control
|
CVE-2024-45326
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4143
|
- |
|
-
|
-
|
An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiVoice version 7.0.0 through 7.0.4 and before 6.4.9 allows an auth…
|
CWE-78
OS Command
|
CVE-2024-40587
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4144
|
- |
|
-
|
-
|
An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiManager, FortiAnalyzer 7.4.0 through 7.4.3 and 7.2.0 through 7.2.5 and 7.0.2 through 7.0.12 and 6.2.…
|
CWE-22
Path Traversal
|
CVE-2024-36512
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4145
|
- |
|
-
|
-
|
An observable response discrepancy vulnerability [CWE-204] in FortiClientEMS 7.4.0, 7.2.0 through 7.2.4, 7.0 all versions, and FortiSOAR 7.5.0, 7.4.0 through 7.4.4, 7.3.0 through 7.3.2, 7.2 all versi…
|
CWE-204
Response Discrepancy Information Exposure
|
CVE-2024-36510
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4146
|
- |
|
-
|
-
|
An improper verification of source of a communication channel vulnerability [CWE-940] in FortiClientEMS 7.4.0, 7.2.0 through 7.2.4, 7.0 all versions, 6.4 all versions may allow a remote attacker to b…
|
CWE-940
Improper Verification of Source of a Communication Channel
|
CVE-2024-36506
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4147
|
- |
|
-
|
-
|
A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiPortal versions 7.2.4 through 7.2.0 and 7.0.0 through 7.2.8 may allow an authenticated attacker…
|
CWE-89
SQL Injection
|
CVE-2024-35278
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4148
|
- |
|
-
|
-
|
A missing authentication for critical function in Fortinet FortiPortal version 6.0.0 through 6.0.15, FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2024-35277
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4149
|
- |
|
-
|
-
|
A stack-based buffer overflow in Fortinet FortiAnalyzer versions 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, FortiManager versions 7.4.0 through 7.4.3, 7.2.0…
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2024-35276
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4150
|
- |
|
-
|
-
|
A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiAnalyzer version 7.4.0 through 7.4.2, FortiManager version 7.4.0 through 7.4.2 allows attacker …
|
CWE-89
SQL Injection
|
CVE-2024-35275
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
