Everything you care about in one place

Follow feeds: blogs, news, RSS and more. An effortless way to read and digest content of your choice.

Get Feeder

filestore.fortinet.com

FortiGuard Labs | FortiGuard Center - IR Advisories

Get the latest updates from FortiGuard Labs | FortiGuard Center - IR Advisories directly as they happen.

Follow now 442 followers

Latest posts

Last updated 21 days ago

IPsec improper validation of certificate with host mismatch

21 days ago

An improper validation of certificate with host mismatch [CWE-297] vulnerability in FortiClient...

Improper Handling of Insufficient Permissions or Privileges in GUI websocket

21 days ago

An Improper Handling of Insufficient Permissions or Privileges Vulnerability [CWE-280] in FortiPAM...

Privilege escalation in automation-stitch

21 days ago

An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] in...

Telemetry protocol authentication is based over VDOM and FCTUID

21 days ago

An improper authentication vulnerability [CWE-287] in FortiClientEMS telemetry protocol may allow an...

Insufficient Access Control Over API Endpoints

21 days ago

An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiPortal may allow...

SSH key is added even if operation is aborted

21 days ago

An incomplete cleanup vulnerability [CWE-459] in FortiOS & FortiProxy may allow a...

Firewall session injection in FGSP

21 days ago

An improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in...

Multiple OS command injection in Web Vulnerability Scanner

21 days ago

An Improper Neutralization of Special Elements used in an OS Command ('OS...

Weak authentication in security fabric daemon

21 days ago

A channel accessible by non-endpoint vulnerability [CWE-300] in FortiOS & FortiProxy may...

Privilege escalation in GUI websocket module

21 days ago

An Improper Privilege Management vulnerability [CWE-269] affecting FortiOS, FortiProxy & FortiWeb may...

Information Disclosure on SSLVPN endpoint

21 days ago

An Exposure of Sensitive Information to an Unauthorized Actor vulnerability [CWE-200] in...

eap-cert-auth bypass via revoked certificate

21 days ago

An Improper Certificate Validation vulnerability [CWE-295] in FortiOS may allow an EAP...