Kategori: NIST-Təhlükəsizlik Zəiflikləri

CVE-2023-36550

A improper neutralization of special elements used in an os command (‘os command injection’) in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4…

Devamını oku

CVE-2023-36555

An improper neutralization of script-related html tags in a web page (basic xss) in Fortinet FortiOS 7.2.0 – 7.2.4 allows an attacker to execute unauthorized…

Devamını oku

CVE-2023-36556

An incorrect authorization vulnerability [CWE-863] in FortiMail webmail version 7.2.0 through 7.2.2, version 7.0.0 through 7.0.5 and below 6.4.7 allows an authenticated attacker to login…

Devamını oku

CVE-2023-36637

An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiMail version 7.2.0 through 7.2.2 and before 7.0.5 allows an authenticated attacker to…

Devamını oku

CVE-2023-37939

An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiClient for Windows 7.2.0, 7.0 all versions, 6.4 all versions, 6.2 all versions, Linux…

Devamını oku

CVE-2023-25604

An insertion of sensitive information into log file vulnerability in Fortinet FortiGuest 1.0.0 allows a local attacker to access plaintext passwords in the RADIUS logs.…

Devamını oku

CVE-2023-25607

An improper neutralization of special elements used in an OS Command (‘OS Command Injection’) vulnerability [CWE-78 ] in FortiManager 7.2.0 through 7.2.2, 7.0.0 through 7.0.7,…

Devamını oku

CVE-2023-33301

An improper access control vulnerability in Fortinet FortiOS 7.2.0 – 7.2.4 and 7.4.0 allows an attacker to access a restricted resource from a non trusted…

Devamını oku

CVE-2023-34985

A improper neutralization of special elements used in an os command (‘os command injection’) in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4…

Devamını oku