CVE-2022-27488 — CVSS 8.3 (high): A cross-site request forgery (CSRF) in Fortinet FortiVoiceEnterprise version 6.4.x, 6.0.x, FortiSwitch version 7.0.0 through 7.0.4, 6.4.0…
CVE-2023-48790 — CVSS 7.5 (high): A cross site request forgery vulnerability [CWE-352] in Fortinet FortiNDR version 7.4.0, 7.2.0 through 7.2.1 and 7.1.0 through 7.1.1 and…
CVE-2021-42757 — CVSS 6.7 (medium): A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated…
CVE-2024-47573 — CVSS 6.5 (medium): An improper validation of integrity check value vulnerability [CWE-354] in FortiNDR version 7.4.2 and below, version 7.2.1 and below…
CVE-2026-25088 — CVSS 5.4 (medium): An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiNDR 7.6.0 through…
CVE-2024-23104 — CVSS 5.4 (medium): An exposure of sensitive information to an unauthorized actor vulnerability in Fortinet FortiNDR 7.6.0, FortiNDR 7.4.0 through 7.4.8…
CVE-2023-33302 — CVSS 4.7 (medium): A buffer copy without checking size of input ('classic buffer overflow') in Fortinet FortiMail webmail and administrative interface version…
CVE-2022-23439 — CVSS 4.7 (medium): A externally controlled reference to a resource in another sphere vulnerability in Fortinet allows attacker to poison web caches via…
CVE-2024-40588 — CVSS 4.4 (medium): Multiple relative path traversal vulnerabilities [CWE-23] vulnerability in Fortinet FortiCamera 2.1 all versions, FortiCamera 2.0.0…
CVE-2024-47569 — CVSS 4.3 (medium): A insertion of sensitive information into sent data vulnerability in Fortinet FortiMail 7.4.0 through 7.4.2, FortiMail 7.2.0 through 7.2.6…