| | CVE-2024-23667 | Fortinet | high | 7.8 | 0.4%
| | An improper authorization in Fortinet FortiWebManager 7.2.0, FortiWebManager 7.0.0 through 7.0.4, Fo… | Jun 3, 2024 | Jul 8, 2026 |
| | CVE-2024-31491 | Fortinet | high | 8.8 | 1.1%
| | A client-side enforcement of server-side security vulnerability in Fortinet FortiSandbox 4.4.0 throu… | May 14, 2024 | Jan 14, 2026 |
| | CVE-2023-45583 | Fortinet | medium | 6.7 | 0.2%
| | A use of externally-controlled format string vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2.0 … | May 14, 2024 | Jun 12, 2026 |
| | CVE-2023-36640 | Fortinet | medium | 6.7 | 0.1%
| | A use of externally-controlled format string vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2.0 … | May 14, 2024 | Jun 12, 2026 |
| | CVE-2024-31487 | Fortinet | medium | 5.9 | 0.5%
| | A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fo… | Apr 9, 2024 | Jan 14, 2026 |
| | CVE-2024-23671 | Fortinet | high | 8.1 | 0.8%
| | A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fo… | Apr 9, 2024 | Jan 14, 2026 |
| | CVE-2024-21756 | Fortinet | high | 8.8 | 1.0%
| | A improper neutralization of special elements used in an os command ('os command injection') vulnera… | Apr 9, 2024 | Jan 14, 2026 |
| | CVE-2024-21755 | Fortinet | high | 8.8 | 1.0%
| | A improper neutralization of special elements used in an os command ('os command injection') vulnera… | Apr 9, 2024 | Jan 14, 2026 |
| | CVE-2023-47541 | Fortinet | medium | 6.7 | 0.1%
| | An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in F… | Apr 9, 2024 | Jan 14, 2026 |
| | CVE-2023-47540 | Fortinet | medium | 6.7 | 0.1%
| | An improper neutralization of special elements used in an os command ('os command injection') vulner… | Apr 9, 2024 | Jan 14, 2026 |
| | CVE-2023-42790 | Fortinet | high | 8.1 | 1.1%
| | A stack-based buffer overflow vulnerability in Fortinet FortiOS 7.4.0 through 7.4.1, FortiOS 7.2.0 t… | Mar 12, 2024 | Jul 8, 2026 |
| | CVE-2023-42789 | Fortinet | critical | 9.8 | 3.3%
| | A out-of-bounds write vulnerability in Fortinet FortiOS 7.4.0 through 7.4.1, FortiOS 7.2.0 through 7… | Mar 12, 2024 | Jul 8, 2026 |
| | CVE-2023-41842 | Fortinet | medium | 6.7 | 0.1%
| | A use of externally-controlled format string vulnerability [CWE-134] vulnerability in Fortinet allo… | Mar 12, 2024 | Jan 14, 2026 |
| | CVE-2024-23109 | Fortinet | critical | 10.0 | 7.0%
| | An improper neutralization of special elements used in an os command ('os command injection') vulner… | Feb 5, 2024 | Jan 14, 2026 |
| | CVE-2024-23108 | Fortinet | critical | 10.0 | 90.4%
| | An improper neutralization of special elements used in an os command ('os command injection') vulner… | Feb 5, 2024 | Jan 14, 2026 |
| | CVE-2023-41844 | Fortinet | low | 3.5 | 0.4%
| | A improper neutralization of input during web page generation ('cross-site scripting') vulnerability… | Dec 13, 2023 | Jan 14, 2026 |
| | CVE-2023-45587 | Fortinet | low | 3.4 | 0.4%
| | An improper neutralization of input during web page generation ('cross-site scripting') vulnerabilit… | Dec 13, 2023 | Jul 8, 2026 |
| | CVE-2023-41843 | Fortinet | high | 7.5 | 0.2%
| | A improper neutralization of input during web page generation ('cross-site scripting') vulnerability… | Oct 13, 2023 | Jan 14, 2026 |
| | CVE-2023-41836 | Fortinet | low | 3.5 | 0.1%
| | An improper neutralization of input during web page generation ('cross-site scripting') vulnerabilit… | Oct 13, 2023 | Jan 14, 2026 |
| | CVE-2023-41682 | Fortinet | high | 8.1 | 0.4%
| | A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fo… | Oct 13, 2023 | Jan 14, 2026 |
| | CVE-2023-41681 | Fortinet | high | 7.5 | 0.1%
| | A improper neutralization of input during web page generation ('cross-site scripting') vulnerability… | Oct 13, 2023 | Jan 14, 2026 |
| | CVE-2023-41680 | Fortinet | high | 7.5 | 0.1%
| | A improper neutralization of input during web page generation ('cross-site scripting') vulnerability… | Oct 13, 2023 | Jan 14, 2026 |
| | CVE-2023-34992 | Fortinet | critical | 10.0 | 75.9%
| | A improper neutralization of special elements used in an os command ('os command injection') vulnera… | Oct 10, 2023 | Jan 14, 2026 |
| | CVE-2023-26210 | Fortinet | high | 7.8 | 0.1%
| | Multiple improper neutralization of special elements used in an os command ('OS Command Injection') … | Jun 13, 2023 | Jan 14, 2026 |
| | CVE-2022-40684 | Fortinet | critical | 9.8 | 94.4%
| ⚠ KEV | An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.… | Oct 18, 2022 | Jan 14, 2026 |
| | CVE-2021-36193 | Fortinet | medium | 6.7 | 0.5%
| | Multiple stack-based buffer overflows in the command line interpreter of FortiWeb before 6.4.2 may a… | Feb 2, 2022 | Jan 13, 2026 |
| | CVE-2017-14184 | Fortinet | high | 8.8 | 1.6%
| | An Information Disclosure vulnerability in Fortinet FortiClient for Windows 5.6.0 and below versions… | Dec 15, 2017 | May 13, 2026 |
| | CVE-2017-7344 | Fortinet | high | 8.1 | 1.3%
| | A privilege escalation in Fortinet FortiClient Windows 5.4.3 and earlier as well as 5.6.0 allows att… | Dec 14, 2017 | May 13, 2026 |
| | CVE-2017-7738 | Fortinet | high | 7.2 | 0.3%
| | An Information Disclosure vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.5, 5.2 and … | Dec 13, 2017 | May 13, 2026 |
| | CVE-2017-14189 | Fortinet | critical | 9.8 | 0.5%
| | An improper access control vulnerability in Fortinet FortiWebManager 5.8.0 allows anyone that can ac… | Nov 29, 2017 | May 13, 2026 |
| | CVE-2017-7736 | Fortinet | medium | 5.4 | 0.2%
| | A stored Cross-site Scripting (XSS) vulnerability in Fortinet FortiWeb webUI Certificate View page i… | Nov 22, 2017 | May 13, 2026 |
| | CVE-2017-7732 | Fortinet | medium | 6.1 | 0.9%
| | A reflected Cross-Site Scripting (XSS) vulnerability in Fortinet FortiMail 5.1 and earlier, 5.2.0 th… | Oct 26, 2017 | May 13, 2026 |
| | CVE-2017-7341 | Fortinet | high | 7.2 | 2.5%
| | An OS Command Injection vulnerability in Fortinet FortiWLC 6.1-2 through 6.1-5, 7.0-7 through 7.0-10… | Oct 26, 2017 | May 13, 2026 |
| | CVE-2017-7335 | Fortinet | medium | 5.4 | 0.3%
| | A Cross-Site Scripting (XSS) vulnerability in Fortinet FortiWLC 6.1-x (6.1-2, 6.1-4 and 6.1-5); 7.0-… | Oct 26, 2017 | May 13, 2026 |
| | CVE-2017-7737 | Fortinet | medium | 4.9 | 0.4%
| | An information disclosure vulnerability in Fortinet FortiWeb 5.8.2 and below versions allows logged-… | Aug 10, 2017 | May 13, 2026 |
| | CVE-2017-7336 | Fortinet | critical | 9.8 | 0.9%
| | A hard-coded account named 'upgrade' in Fortinet FortiWLM 8.3.0 and lower versions allows a remote a… | Jul 22, 2017 | May 13, 2026 |
| | CVE-2016-8493 | Fortinet | high | 8.8 | 0.6%
| | In FortiClientWindows 5.4.1 and 5.4.2, an attacker may escalate privilege via a FortiClientNamedPipe… | Jun 26, 2017 | May 13, 2026 |
| | CVE-2017-7731 | Fortinet | high | 7.5 | 0.3%
| | A weak password recovery vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows attac… | May 27, 2017 | May 13, 2026 |
| | CVE-2017-7343 | Fortinet | medium | 6.1 | 0.3%
| | An open redirect vulnerability in Fortinet FortiPortal 4.0.0 and below allows attacker to execute un… | May 27, 2017 | May 13, 2026 |
| | CVE-2017-7339 | Fortinet | medium | 6.1 | 0.3%
| | A Cross-Site Scripting vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an atta… | May 27, 2017 | May 13, 2026 |
| | CVE-2017-7338 | Fortinet | high | 7.5 | 0.3%
| | A password management vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attac… | May 27, 2017 | May 13, 2026 |
| | CVE-2017-7337 | Fortinet | critical | 9.1 | 0.2%
| | An improper Access Control vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an … | May 27, 2017 | May 13, 2026 |
| | CVE-2017-3129 | Fortinet | medium | 6.1 | 0.3%
| | A Cross-Site Scripting vulnerability in Fortinet FortiWeb versions 5.7.1 and below allows attacker t… | May 27, 2017 | May 13, 2026 |
| | CVE-2017-3125 | Fortinet | medium | 6.1 | 0.6%
| | An unauthenticated XSS vulnerability with FortiMail 5.0.0 - 5.2.9 and 5.3.0 - 5.3.8 could allow an a… | Apr 12, 2017 | May 13, 2026 |
| | CVE-2016-8494 | Fortinet | high | 7.2 | 1.1%
| | Insufficient verification of uploaded files allows attackers with webui administrators privileges to… | Feb 9, 2017 | May 13, 2026 |
| | CVE-2016-7561 | Fortinet | high | 7.2 | 0.3%
| | Fortinet FortiWLC 6.1-2-29 and earlier, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0, and 8.2-4-0 allow admin… | Oct 5, 2016 | May 6, 2026 |
| | CVE-2016-7560 | Fortinet | critical | 9.8 | 2.6%
| | The rsyncd server in Fortinet FortiWLC 6.1-2-29 and earlier, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0, an… | Oct 5, 2016 | May 6, 2026 |
| | CVE-2016-4969 | Fortinet | medium | 6.1 | 0.7%
| | Cross-site scripting (XSS) vulnerability in Fortinet FortiWan (formerly AscernLink) before 4.2.5 all… | Sep 21, 2016 | May 6, 2026 |
| | CVE-2016-4968 | Fortinet | medium | 6.5 | 3.5%
| | The linkreport/tmp/admin_global page in Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows … | Sep 21, 2016 | May 6, 2026 |
| | CVE-2016-4967 | Fortinet | medium | 6.5 | 1.9%
| | Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users to obtain sen… | Sep 21, 2016 | May 6, 2026 |