All vulnerabilities
400 / 400
Sort
9.8
CVE-2018-13379CVE KEV
An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet F…
2018-01-01KEV
EPSS100.0%
pct 100
9.8
CVE-2022-40684CVE KEV
An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS versi…
2022-01-01KEV
EPSS100.0%
pct 99
9.8
CVE-2022-42475CVE KEV
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.…
2022-01-01KEV
EPSS99.5%
pct 99
9.8
CVE-2024-55591CVE KEV
An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting F…
2024-01-01KEV
EPSS98.2%
pct 99
9.8
CVE-2023-27997CVE KEV
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, versio…
2023-01-01KEV
EPSS85.7%
pct 99
7.5
CVE-2018-13382CVE KEV
An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and …
2018-01-01KEV
EPSS81.7%
pct 99
9.8
CVE-2024-21762CVE KEV
A out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.…
2024-01-01KEV
EPSS80.8%
pct 99
9.8
CVE-2016-1909CVE
Fortinet FortiAnalyzer before 5.0.12 and 5.2.x before 5.2.5; FortiSwitch 3.3.x before 3.3.3; Fo…
2016-01-01Pre-auth
EPSS71.3%
pct 99
9.8
CVE-2025-59718CVE KEV
A improper verification of cryptographic signature vulnerability in Fortinet FortiOS 7.6.0 thro…
2025-01-01KEV
EPSS63.5%
pct 99
6.1
CVE-2018-13380CVE
A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, …
2018-01-01Pre-auth
EPSS62.5%
pct 99
9.8
CVE-2024-23113CVE KEV
A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, …
2024-01-01KEV
EPSS61.7%
pct 99
9.8
CVE-2026-24858CVE KEV
An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] vulnerabili…
2026-01-01KEV
EPSS55.1%
pct 98
9.8
CVE-2016-6909CVE
Buffer overflow in the Cookie parser in Fortinet FortiOS 4.x before 4.1.11, 4.2.x before 4.2.13…
2016-01-01Pre-auth
EPSS49.9%
pct 98
9.8
CVE-2020-12812CVE KEV
An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and…
2020-01-01KEV
EPSS49.3%
pct 98
4.3
CVE-2018-13374CVE KEV
A Improper Access Control in Fortinet FortiOS 6.0.2, 5.6.7 and before, FortiADC 6.1.0, 6.0.0 to…
2018-01-01KEV
EPSS38.1%
pct 98
6.5
CVE-2018-13383CVE KEV
A heap buffer overflow in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 thr…
2018-01-01KEV
EPSS33.6%
pct 98
4.3
CVE-2022-38380CVE
An improper access control [CWE-284] vulnerability in FortiOS version 7.2.0 and versions 7.0.0 …
2022-01-01
EPSS23.0%
pct 97
6.5
CVE-2019-5591CVE KEV
A Default Configuration vulnerability in FortiOS may allow an unauthenticated attacker on the s…
2019-01-01KEV
EPSS18.6%
pct 96
9.8
CVE-2023-25610CVE
A buffer underwrite ('buffer underflow') vulnerability in the administrative interface of Forti…
2023-01-01Pre-auth
EPSS14.3%
pct 96
4.3
CVE-2015-1880CVE
Cross-site scripting (XSS) vulnerability in the sslvpn login page in Fortinet FortiOS 5.2.x bef…
2015-01-01
EPSS14.3%
pct 96
9.1
CVE-2024-48884CVE
A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet Fo…
2024-01-01Pre-auth
EPSS14.2%
pct 96
7.1
CVE-2022-41328CVE KEV
A improper limitation of a pathname to a restricted directory vulnerability ('path traversal') …
2022-01-01KEV
EPSS12.3%
pct 95
6.1
CVE-2017-3133CVE
A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and earlier allows atta…
2017-01-01Pre-auth
EPSS8.9%
pct 94
6.1
CVE-2017-3132CVE
A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and earlier allows atta…
2017-01-01Pre-auth
EPSS8.1%
pct 94
5.4
CVE-2017-3131CVE
A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.4.0 through 5.4.4 and 5.6.0…
2017-01-01
EPSS7.7%
pct 93
6.1
CVE-2016-3978CVE
The Web User Interface (WebUI) in FortiOS 5.0.x before 5.0.13, 5.2.x before 5.2.3, and 5.4.x be…
2016-01-01Pre-auth
EPSS6.3%
pct 92
6.5
CVE-2019-6693CVE KEV
Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup …
2019-01-01KEV
EPSS5.4%
pct 91
7.5
CVE-2014-2216CVE
The FortiManager protocol service in Fortinet FortiOS before 4.3.16 and 5.0.0 before 5.0.8 on F…
2014-01-01
EPSS5.1%
pct 91
5.4
CVE-2017-14186CVE
A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, …
2017-01-01
EPSS3.7%
pct 88
4.4
CVE-2024-21754CVE
A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting…
2024-01-01
EPSS3.5%
pct 87
9.3
CVE-2015-7361CVE
FortiOS 5.2.3, when configured to use High Availability (HA) and the dedicated management inter…
2015-01-01
EPSS3.4%
pct 87
9.8
CVE-2023-42789CVE
A out-of-bounds write in Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 throu…
2023-01-01Pre-auth
EPSS3.3%
pct 86
7.5
CVE-2005-3058CVE
Interpretation conflict in Fortinet FortiGate 2.8, running FortiOS 2.8MR10 and v3beta, allows r…
2005-01-01
EPSS3.1%
pct 86
8.1
CVE-2025-24472CVE KEV
An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting F…
2025-01-01KEV
EPSS3.0%
pct 85
10.0
CVE-2005-3057CVE
The FTP component in FortiGate 2.8 running FortiOS 2.8MR10 and v3beta, and other versions befor…
2005-01-01
EPSS2.7%
pct 84
7.5
CVE-2023-29180CVE
A null pointer dereference in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.1…
2023-01-01Pre-auth
EPSS2.6%
pct 83
6.5
CVE-2023-29179CVE
A null pointer dereference in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.1…
2023-01-01
EPSS2.5%
pct 82
4.3
CVE-2013-7182CVE
Cross-site scripting (XSS) vulnerability in firewall/schedule/recurrdlg in Fortinet FortiOS 5.0…
2013-01-01
EPSS2.4%
pct 81
5.1
CVE-2013-1414CVE
Multiple cross-site request forgery (CSRF) vulnerabilities in Fortinet FortiOS on FortiGate fir…
2013-01-01
EPSS2.3%
pct 80
8.1
CVE-2018-9185CVE
An information disclosure vulnerability in Fortinet FortiOS 6.0.0 and below versions reveals us…
2018-01-01Pre-auth
EPSS2.1%
pct 79
Select a vulnerability on the left to open the preview.