← Find more feeds

filestore.fortinet.com

FortiGuard Labs | FortiGuard Center - IR Advisories

Get the latest updates from FortiGuard Labs | FortiGuard Center - IR Advisories directly as they happen.

Follow now 442 followers

Latest posts

Last updated 21 days ago

IPsec improper validation of certificate with host mismatch

21 days ago

An improper validation of certificate with host mismatch [CWE-297] vulnerability in FortiClient...

Read full

Improper Handling of Insufficient Permissions or Privileges in GUI websocket

21 days ago

An Improper Handling of Insufficient Permissions or Privileges Vulnerability [CWE-280] in FortiPAM...

Read full

Privilege escalation in automation-stitch

21 days ago

An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] in...

Read full

Telemetry protocol authentication is based over VDOM and FCTUID

21 days ago

An improper authentication vulnerability [CWE-287] in FortiClientEMS telemetry protocol may allow an...

Read full

Insufficient Access Control Over API Endpoints

21 days ago

An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiPortal may allow...

Read full

SSH key is added even if operation is aborted

21 days ago

An incomplete cleanup vulnerability [CWE-459] in FortiOS & FortiProxy may allow a...

Read full

Firewall session injection in FGSP

21 days ago

An improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in...

Read full

Multiple OS command injection in Web Vulnerability Scanner

21 days ago

An Improper Neutralization of Special Elements used in an OS Command ('OS...

Read full

Weak authentication in security fabric daemon

21 days ago

A channel accessible by non-endpoint vulnerability [CWE-300] in FortiOS & FortiProxy may...

Read full

Privilege escalation in GUI websocket module

21 days ago

An Improper Privilege Management vulnerability [CWE-269] affecting FortiOS, FortiProxy & FortiWeb may...

Read full

Information Disclosure on SSLVPN endpoint

21 days ago

An Exposure of Sensitive Information to an Unauthorized Actor vulnerability [CWE-200] in...

Read full

eap-cert-auth bypass via revoked certificate

21 days ago

An Improper Certificate Validation vulnerability [CWE-295] in FortiOS may allow an EAP...

Read full

Or log in

Everything you care about in one place

FortiGuard Labs | FortiGuard Center - IR Advisories

Latest posts

IPsec improper validation of certificate with host mismatch

Improper Handling of Insufficient Permissions or Privileges in GUI websocket

Privilege escalation in automation-stitch

Telemetry protocol authentication is based over VDOM and FCTUID

Insufficient Access Control Over API Endpoints

SSH key is added even if operation is aborted

Firewall session injection in FGSP

Multiple OS command injection in Web Vulnerability Scanner

Weak authentication in security fabric daemon

Privilege escalation in GUI websocket module

Information Disclosure on SSLVPN endpoint

eap-cert-auth bypass via revoked certificate

Try Feeder for free