filestore.fortinet.com

FortiGuard Labs | FortiGuard Center - IR Advisories

Latest posts

Last updated 3 days ago

EMS can send JavaScript code to client through messages

about 1 month ago

An improper neutralization of input during web page generation ('Cross-site Scripting') [CWE-79]...

LDAP Clear-text credentials retrievable with IP modification

about 1 month ago

An insufficiently protected credentials [CWE-522] vulnerability in FortiOS may allow a privileged...

Use of uninitialized resource in SSLVPN websocket

about 1 month ago

Multiple potential issues, including the use of uninitialized resources [CWE-908] and excessive...

Log Pollution via login page

about 1 month ago

An Improper Output Neutralization for Logs vulnerability [CWE-117] in FortiManager and FortiAnalyzer...

OS command injection on gen-ca-cert command

about 1 month ago

An improper neutralization of special elements used in an OS command ('OS...

No certificate name verification for fgfm connection

about 1 month ago

An improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in...

OS command injection on diagnose feature (GUI)

about 1 month ago

An improper neutralization of special elements used in an OS command ('OS...

Incorrect user management in widgets dashboard

about 1 month ago

An Incorrect User Management vulnerability [CWE-286] in FortiWeb widgets dashboard may allow...

Directory Traversal

about 1 month ago

An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')...

Unverified password change via set_password endpoint

about 1 month ago

An unverified password change vulnerability [CWE-620] in FortiSwitch GUI may allow a...

Multiple format string vulnerabilities

about 2 months ago

A use of externally-controlled format string vulnerability [CWE-134] in FortiOS, FortiProxy, FortiPAM...

OS command injection on vm download feature

about 2 months ago

An improper neutralization of special elements used in an OS Command vulnerability...