|
247241
|
5.3 |
MEDIUM
Network
|
fortinet
|
fortios
|
An information exposure vulnerability in FortiOS 6.2.3, 6.2.0 and below may allow an unauthenticated attacker to gain platform information such as version, models, via parsing a JavaScript file throu…
|
CWE-200
Information Exposure
|
CVE-2018-13367
|
2024-11-21 12:46 |
2019-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247242
|
6.1 |
MEDIUM
Network
|
fortinet
|
fortios
|
A Host Header Redirection vulnerability in Fortinet FortiOS all versions below 6.0.5 under SSL VPN web portal allows a remote attacker to potentially poison HTTP cache and subsequently redirect SSL V…
|
CWE-601
Open Redirect
|
CVE-2018-13384
|
2024-11-21 12:46 |
2019-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247243
|
7.5 |
HIGH
Network
|
fortinet
|
fortiproxy
fortios
|
An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1 to 5.4.10 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web p…
|
CWE-863
Incorrect Authorization
|
CVE-2018-13382
|
2024-11-21 12:46 |
2019-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247244
|
7.5 |
HIGH
Network
|
fortinet
|
fortios
fortiproxy
|
A buffer overflow vulnerability in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.7, 5.4 and earlier versions and FortiProxy 2.0.0, 1.2.8 and earlier versions under SSL VPN web portal allows…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-13381
|
2024-11-21 12:46 |
2019-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247245
|
6.1 |
MEDIUM
Network
|
fortinet
|
fortios
fortiproxy
|
A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4.0 to 5.4.12, 5.2 and below and Fortinet FortiProxy 2.0.0, 1.2.8 and below under SSL VPN web portal a…
|
CWE-79
Cross-site Scripting
|
CVE-2018-13380
|
2024-11-21 12:46 |
2019-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247246
|
9.8 |
CRITICAL
Network
|
fortinet
|
fortiproxy
fortios
|
An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to…
|
CWE-22
Path Traversal
|
CVE-2018-13379
|
2024-11-21 12:46 |
2019-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247247
|
7.8 |
HIGH
Local
|
fortinet
|
forticlient
|
A local privilege escalation in Fortinet FortiClient for Windows 6.0.4 and earlier allows attacker to execute unauthorized code or commands via the command injection.
|
NVD-CWE-noinfo
|
CVE-2018-13368
|
2024-11-21 12:46 |
2019-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247248
|
5.3 |
MEDIUM
Network
|
fortinet
|
fortios
|
An Information Exposure vulnerability in Fortinet FortiOS 6.0.1, 5.6.5 and below, allow attackers to learn private IP as well as the hostname of FortiGate via Application Control Block page.
|
CWE-200
Information Exposure
|
CVE-2018-13365
|
2024-11-21 12:46 |
2019-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247249
|
6.5 |
MEDIUM
Network
|
fortinet
|
fortiproxy
fortios
|
A heap buffer overflow in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 through 5.4.12, 5.2.14 and earlier and FortiProxy 2.0.0, 1.2.8 and earlier in the SSL VPN web portal may ca…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-13383
|
2024-11-21 12:46 |
2019-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247250
|
6.1 |
MEDIUM
Network
|
fortinet
|
fortianalyzer
fortimanager
|
An Improper Neutralization of Script-Related HTML Tags in Fortinet FortiAnalyzer 5.6.0 and below and FortiManager 5.6.0 and below allows an attacker to send DHCP request containing malicious scripts …
|
CWE-79
Cross-site Scripting
|
CVE-2018-13375
|
2024-11-21 12:46 |
2019-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
