|
1761
|
- |
|
-
|
-
|
An Out-of-bounds Read vulnerability [CWE-125] in FortiOS version 7.6.0, version 7.4.4 and below, version 7.2.9 and below and FortiSASE FortiOS tenant version 24.3.b IPsec IKE service may allow an una…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-46670
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1762
|
- |
|
-
|
-
|
An Integer Overflow or Wraparound vulnerability [CWE-190] in version 7.4.4 and below, version 7.2.10 and below; FortiSASE version 23.4.b FortiOS tenant IPsec IKE service may allow an authenticated at…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2024-46669
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1763
|
- |
|
-
|
-
|
An allocation of resources without limits or throttling vulnerability [CWE-770] in FortiOS versions 7.4.0 through 7.4.4, versions 7.2.0 through 7.2.8, versions 7.0.0 through 7.0.15, and versions 6.4.…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2024-46668
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1764
|
- |
|
-
|
-
|
An allocation of resources without limits or throttling [CWE-770] vulnerability in FortiOS versions 7.6.0, versions 7.4.4 through 7.4.0, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2024-46666
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1765
|
- |
|
-
|
-
|
An insertion of sensitive information into sent data vulnerability [CWE-201] in FortiOS 7.6.0, 7.4.0 through 7.4.4 may allow an attacker in a man-in-the-middle position to retrieve the RADIUS account…
|
CWE-201
Insertion of Sensitive Information Into Sent Data
|
CVE-2024-46665
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1766
|
- |
|
-
|
-
|
A relative path traversal in Fortinet FortiRecorder [CWE-23] version 7.2.0 through 7.2.1 and before 7.0.4 allows a privileged attacker to read files from the underlying filesystem via crafted HTTP or…
|
CWE-23
Relative Path Traversal
|
CVE-2024-46664
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1767
|
- |
|
-
|
-
|
An Improper Access Control vulnerability [CWE-284] in FortiDeceptor version 6.0.0, version 5.3.3 and below, version 5.2.1 and below, version 5.1.0, version 5.0.0 may allow an authenticated attacker w…
|
CWE-284
Improper Access Control
|
CVE-2024-45326
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1768
|
- |
|
-
|
-
|
An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiVoice version 7.0.0 through 7.0.4 and before 6.4.9 allows an auth…
|
CWE-78
OS Command
|
CVE-2024-40587
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1769
|
- |
|
-
|
-
|
An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiManager, FortiAnalyzer 7.4.0 through 7.4.3 and 7.2.0 through 7.2.5 and 7.0.2 through 7.0.12 and 6.2.…
|
CWE-22
Path Traversal
|
CVE-2024-36512
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1770
|
- |
|
-
|
-
|
An observable response discrepancy vulnerability [CWE-204] in FortiClientEMS 7.4.0, 7.2.0 through 7.2.4, 7.0 all versions, and FortiSOAR 7.5.0, 7.4.0 through 7.4.4, 7.3.0 through 7.3.2, 7.2 all versi…
|
CWE-204
Response Discrepancy Information Exposure
|
CVE-2024-36510
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
