3 results (0.004 seconds)

CVSS: 10.0EPSS: 8%CPEs: 23EXPL: 5

13 May 2025 — A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiVoice versions 7.2.0, 7.0.0 through 7.0.6, 6.4.0 through 6.4.10, FortiRecorder versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.5, 6.4.0 through 6.4.5, FortiMail versions 7.6.0 through 7.6.2, 7.4.0 through 7.4.4, 7.2.0 through 7.2.7, 7.0.0 through 7.0.8, FortiNDR versions 7.6.0, 7.4.0 through 7.4.7, 7.2.0 through 7.2.4, 7.0.0 through 7.0.6, FortiCamera versions 2.1.0 through 2.1.3, 2.0 all versions, 1.1 all versions, allows a remote unaut... • https://github.com/exfil0/CVE-2025-32756-POC • CWE-121: Stack-based Buffer Overflow •

CVSS: 7.7EPSS: 0%CPEs: 4EXPL: 0

14 Mar 2025 — An improper validation of integrity check value vulnerability [CWE-354] in FortiNDR version 7.4.2 and below, version 7.2.1 and below, version 7.1.1 and below, version 7.0.6 and below may allow an authenticated attacker with at least Read/Write permission on system maintenance to install a corrupted firmware image. • https://fortiguard.fortinet.com/psirt/FG-IR-23-461 • CWE-354: Improper Validation of Integrity Check Value •

CVSS: 7.6EPSS: 0%CPEs: 5EXPL: 0

11 Mar 2025 — A cross site request forgery vulnerability [CWE-352] in Fortinet FortiNDR version 7.4.0, 7.2.0 through 7.2.1 and 7.1.0 through 7.1.1 and before 7.0.5 may allow a remote unauthenticated attacker to execute unauthorized actions via crafted HTTP GET requests. • https://fortiguard.fortinet.com/psirt/FG-IR-23-353 • CWE-352: Cross-Site Request Forgery (CSRF) •