← Find more feeds

fortiguard.com

FortiGuard Labs | FortiGuard Center - IR Advisories

Get the latest updates from FortiGuard Labs | FortiGuard Center - IR Advisories directly as they happen.

Follow now 82 followers

Latest posts

Last updated 28 days ago

Unverified password change via set_password endpoint

28 days ago

An unverified password change vulnerability [CWE-620] in FortiSwitch GUI may allow a...

Read full

OS command injection on diagnose feature (GUI)

28 days ago

An improper neutralization of special elements used in an OS command ('OS...

Read full

Incorrect user management in widgets dashboard

28 days ago

An Incorrect User Management vulnerability [CWE-286] in FortiWeb widgets dashboard may allow...

Read full

Directory Traversal

28 days ago

An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')...

Read full

EMS can send javascript code to client through messages

28 days ago

An improper neutralization of input during web page generation ('Cross-site Scripting') [CWE-79]...

Read full

Use of uninitialized resource in SSLVPN websocket

28 days ago

Multiple potential issues, including the use of uninitialized ressources [CWE-908] and excessive...

Read full

OS command injection on gen-ca-cert command

28 days ago

An improper neutralization of special elements used in an OS command ('OS...

Read full

Log Pollution via login page

28 days ago

An Improper Output Neutralization for Logs vulnerability [CWE-117] in FortiManager and FortiAnalyzer...

Read full

LDAP Clear-text credentials retrievable with IP modification

28 days ago

An insufficiently protected credentials [CWE-522] vulnerability in FortiOS may allow a privileged...

Read full

No certificate name verification for fgfm connection

28 days ago

A improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in...

Read full

Multiple format string vulnerabilities

about 2 months ago

A use of externally-controlled format string vulnerability [CWE-134] in FortiOS, FortiProxy, FortiPAM...

Read full

Incorrect authorization in incident page

about 2 months ago

An incorrect authorization vulnerability [CWE-863] in FortiSIEM may allow an authenticated attacker...

Read full

Or log in

Everything you care about in one place

FortiGuard Labs | FortiGuard Center - IR Advisories

Latest posts

Unverified password change via set_password endpoint

OS command injection on diagnose feature (GUI)

Incorrect user management in widgets dashboard

Directory Traversal

EMS can send javascript code to client through messages

Use of uninitialized resource in SSLVPN websocket

OS command injection on gen-ca-cert command

Log Pollution via login page

LDAP Clear-text credentials retrievable with IP modification

No certificate name verification for fgfm connection

Multiple format string vulnerabilities

Incorrect authorization in incident page

Try Feeder for free