|
1221
|
- |
|
-
|
-
|
An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in FortiSOAR IMAP connector version 3.5.7 and below may allow an authenticated att…
|
CWE-78
OS Command
|
CVE-2024-48890
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1222
|
- |
|
-
|
-
|
A weak authentication in Fortinet FortiOS versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, FortiProxy versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.10,…
|
CWE-1390
Weak Authentication
|
CVE-2024-48886
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1223
|
- |
|
-
|
-
|
A improper limitation of a pathname to a restricted directory ('path traversal') [CWE-23] in Fortinet FortiRecorder version 7.2.0 through 7.2.1 and before 7.0.4 allows a privileged attacker to delete…
|
CWE-22
Path Traversal
|
CVE-2024-47566
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1224
|
- |
|
-
|
-
|
An Out-of-bounds Read vulnerability [CWE-125] in FortiOS version 7.6.0, version 7.4.4 and below, version 7.2.9 and below and FortiSASE FortiOS tenant version 24.3.b IPsec IKE service may allow an una…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-46670
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1225
|
- |
|
-
|
-
|
An Integer Overflow or Wraparound vulnerability [CWE-190] in version 7.4.4 and below, version 7.2.10 and below; FortiSASE version 23.4.b FortiOS tenant IPsec IKE service may allow an authenticated at…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2024-46669
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1226
|
- |
|
-
|
-
|
An allocation of resources without limits or throttling vulnerability [CWE-770] in FortiOS versions 7.4.0 through 7.4.4, versions 7.2.0 through 7.2.8, versions 7.0.0 through 7.0.15, and versions 6.4.…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2024-46668
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1227
|
- |
|
-
|
-
|
An allocation of resources without limits or throttling [CWE-770] vulnerability in FortiOS versions 7.6.0, versions 7.4.4 through 7.4.0, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2024-46666
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1228
|
- |
|
-
|
-
|
An insertion of sensitive information into sent data vulnerability [CWE-201] in FortiOS 7.6.0, 7.4.0 through 7.4.4 may allow an attacker in a man-in-the-middle position to retrieve the RADIUS account…
|
CWE-201
Insertion of Sensitive Information Into Sent Data
|
CVE-2024-46665
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1229
|
- |
|
-
|
-
|
A relative path traversal in Fortinet FortiRecorder [CWE-23] version 7.2.0 through 7.2.1 and before 7.0.4 allows a privileged attacker to read files from the underlying filesystem via crafted HTTP or…
|
CWE-23
Relative Path Traversal
|
CVE-2024-46664
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1230
|
- |
|
-
|
-
|
An Improper Access Control vulnerability [CWE-284] in FortiDeceptor version 6.0.0, version 5.3.3 and below, version 5.2.1 and below, version 5.1.0, version 5.0.0 may allow an authenticated attacker w…
|
CWE-284
Improper Access Control
|
CVE-2024-45326
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
