Everything you care about in one place

Follow feeds: blogs, news, RSS and more. An effortless way to read and digest content of your choice.

Get Feeder

filestore.fortinet.com

FortiGuard Labs | FortiGuard Center - IR Advisories

Get the latest updates from FortiGuard Labs | FortiGuard Center - IR Advisories directly as they happen.

Follow now 445 followers

Latest posts

Last updated 5 days ago

Heap-based buffer overflow in cw_stad daemon

6 days ago

A heap-based buffer overflow vulnerability [CWE-122] in FortiOS cw_stad daemon may allow...

PKI via API: Authentication granted with an invalid certificate

6 days ago

A missing critical step in authentication vulnerability [CWE-304] in FortiOS & FortiProxy...

Session still active for deleted admin

6 days ago

An insufficient session expiration vulnerability [CWE-613] in FortiSandbox & FortiIsolator may allow...

SQL injection in forward module

6 days ago

An Improper Neutralization of Special Elements used in an SQL Command ('SQL...

Access control bypass in logging component

6 days ago

An improper access control vulnerability [CWE-284] in FortiIsolator logging component may allow...

Command injection vulnerability

6 days ago

Two improper neutralization of special elements used in an OS command ('OS...

DNS type 65 resource record requests bypass DNS filter

6 days ago

An Improperly Implemented Security Check for Standard vulnerability [CWE-358] in FortiOS and...

Unauthenticated SQL injection in GUI

6 days ago

An improper neutralization of special elements used in an SQL command ('SQL...

Privilege escalation in automation-stitch

about 1 month ago

An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] in...

Telemetry protocol authentication is based over VDOM and FCTUID

about 1 month ago

An improper authentication vulnerability [CWE-287] in FortiClientEMS telemetry protocol may allow an...

SSH key is added even if operation is aborted

about 1 month ago

An incomplete cleanup vulnerability [CWE-459] in FortiOS & FortiProxy may allow a...

Firewall session injection in FGSP

about 1 month ago

An improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in...