Everything you care about in one place

Follow feeds: blogs, news, RSS and more. An effortless way to read and digest content of your choice.

Get Feeder

filestore.fortinet.com

FortiGuard Labs | FortiGuard Center - IR Advisories

Get the latest updates from FortiGuard Labs | FortiGuard Center - IR Advisories directly as they happen.

Follow now 450 followers

Latest posts

Last updated 23 days ago

Heap-based buffer overflow in cw_stad daemon

23 days ago

A heap-based buffer overflow vulnerability [CWE-122] in FortiOS cw_stad daemon may allow...

PKI via API: Authentication granted with an invalid certificate

23 days ago

A missing critical step in authentication vulnerability [CWE-304] in FortiOS & FortiProxy...

Session still active for deleted admin

23 days ago

An insufficient session expiration vulnerability [CWE-613] in FortiSandbox & FortiIsolator may allow...

SQL injection in forward module

23 days ago

An Improper Neutralization of Special Elements used in an SQL Command ('SQL...

Access control bypass in logging component

23 days ago

An improper access control vulnerability [CWE-284] in FortiIsolator logging component may allow...

Command injection vulnerability

23 days ago

Two improper neutralization of special elements used in an OS command ('OS...

DNS type 65 resource record requests bypass DNS filter

23 days ago

An Improperly Implemented Security Check for Standard vulnerability [CWE-358] in FortiOS and...

Unauthenticated SQL injection in GUI

23 days ago

An improper neutralization of special elements used in an SQL command ('SQL...

Privilege escalation in automation-stitch

about 2 months ago

An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] in...

Telemetry protocol authentication is based over VDOM and FCTUID

about 2 months ago

An improper authentication vulnerability [CWE-287] in FortiClientEMS telemetry protocol may allow an...

SSH key is added even if operation is aborted

about 2 months ago

An incomplete cleanup vulnerability [CWE-459] in FortiOS & FortiProxy may allow a...

Firewall session injection in FGSP

about 2 months ago

An improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in...