Search

Search Results (364348 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-58325 1 Fortinet 1 Fortios 2026-02-26 7.8 High
An Incorrect Provision of Specified Functionality vulnerability [CWE-684] in FortiOS 7.6.0, 7.4.0 through 7.4.5, 7.2.5 through 7.2.10, 7.0.0 through 7.0.15, 6.4 all versions may allow a local authenticated attacker to execute system commands via crafted CLI commands.
CVE-2025-57741 2 Apple, Fortinet 3 Macos, Forticlient, Forticlientmac 2026-02-26 7 High
An Incorrect Permission Assignment for Critical Resource vulnerability [CWE-732] in FortiClientMac 7.4.0 through 7.4.3, 7.2.0 through 7.2.11, 7.0 all versions may allow a local attacker to run arbitrary code or commands via LaunchDaemon hijacking.
CVE-2025-22258 1 Fortinet 5 Fortios, Fortipam, Fortiproxy and 2 more 2026-02-26 5.7 Medium
A heap-based buffer overflow in Fortinet FortiSRA 1.5.0, 1.4.0 through 1.4.2, FortiPAM 1.5.0, 1.4.0 through 1.4.2, 1.3.0 through 1.3.1, 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiProxy 7.6.0 through 7.6.1, 7.4.0 through 7.4.7, FortiOS 7.6.0 through 7.6.2, 7.4.0 through 7.4.6, 7.2.0 through 7.2.10, 7.0.2 through 7.0.16, FortiSwitchManager 7.2.1 through 7.2.5 allows attackers to escalate their privilege via specially crafted http requests.
CVE-2024-50571 1 Fortinet 8 Fortianalyzer, Fortianalyzer Cloud, Fortianalyzercloud and 5 more 2026-02-26 6.5 Medium
A heap-based buffer overflow vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.2, FortiAnalyzer 7.4.0 through 7.4.5, FortiAnalyzer 7.2.0 through 7.2.9, FortiAnalyzer 7.0.0 through 7.0.13, FortiAnalyzer 6.4 all versions, FortiAnalyzer 6.2 all versions, FortiAnalyzer 6.0 all versions, FortiAnalyzer Cloud 7.4.1 through 7.4.5, FortiAnalyzer Cloud 7.2.1 through 7.2.9, FortiAnalyzer Cloud 7.0.1 through 7.0.13, FortiAnalyzer Cloud 6.4 all versions, FortiManager 7.6.0 through 7.6.1, FortiManager 7.4.0 through 7.4.5, FortiManager 7.2.0 through 7.2.9, FortiManager 7.0.0 through 7.0.13, FortiManager 6.4 all versions, FortiManager 6.2 all versions, FortiManager 6.0 all versions, FortiManager Cloud 7.6.2, FortiManager Cloud 7.4.1 through 7.4.5, FortiManager Cloud 7.2.1 through 7.2.9, FortiManager Cloud 7.0.1 through 7.0.13, FortiManager Cloud 6.4 all versions, FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.6, FortiOS 7.2.0 through 7.2.10, FortiOS 7.0.0 through 7.0.16, FortiOS 6.4.0 through 6.4.15, FortiOS 6.2 all versions, FortiProxy 7.6.0 through 7.6.1, FortiProxy 7.4.0 through 7.4.7, FortiProxy 7.2.0 through 7.2.12, FortiProxy 7.0.0 through 7.0.19, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1 all versions, FortiProxy 1.0 all versions allows attacker to execute unauthorized code or commands via specifically crafted requests.
CVE-2023-46718 1 Fortinet 2 Fortios, Fortiproxy 2026-02-26 6.3 Medium
A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.7 and 7.0.0 through 7.0.12 and 6.4.6 through 6.4.15 and 6.2.9 through 6.2.16 and 6.0.13 through 6.0.18 allows attacker to execute unauthorized code or commands via specially crafted CLI commands.
CVE-2025-57716 2 Fortinet, Microsoft 3 Forticlient, Forticlientwindows, Windows 2026-02-26 6 Medium
An Uncontrolled Search Path Element vulnerability [CWE-427] in FortiClient Windows 7.4.0 through 7.4.3, 7.2.0 through 7.2.11, 7.0 all versions may allow a local low privileged user to perform a DLL hijacking attack via placing a malicious DLL to the FortiClient Online Installer installation folder.
CVE-2025-31365 2 Apple, Fortinet 3 Macos, Forticlient, Forticlientmac 2026-02-26 5.5 Medium
An Improper Control of Generation of Code ('Code Injection') vulnerability [CWE-94] in FortiClientMac 7.4.0 through 7.4.3, 7.2.1 through 7.2.8 may allow an unauthenticated attacker to execute arbitrary code on the victim's host via tricking the user into visiting a malicious website.
CVE-2025-46774 2 Apple, Fortinet 3 Macos, Forticlient, Forticlientmac 2026-02-26 6.8 Medium
An Improper Verification of Cryptographic Signature vulnerability [CWE-347] in FortiClient MacOS installer version 7.4.2 and below, version 7.2.9 and below, 7.0 all versions may allow a local user to escalate their privileges via FortiClient related executables.
CVE-2025-27070 1 Qualcomm 351 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 348 more 2026-02-26 7.8 High
Memory corruption while performing encryption and decryption commands.
CVE-2025-27074 1 Qualcomm 191 Apq8064au, Apq8064au Firmware, Csr8811 and 188 more 2026-02-26 8.8 High
Memory corruption while processing a GP command response.
CVE-2025-37132 2 Arubanetworks, Hpe 2 Arubaos, Arubaos 2026-02-26 7.2 High
An arbitrary file write vulnerability exists in the web-based management interface of both the AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to upload arbitrary files and execute arbitrary commands on the underlying operating system.
CVE-2025-47352 1 Qualcomm 29 Fastconnect 7800, Fastconnect 7800 Firmware, Qcc2072 and 26 more 2026-02-26 7.8 High
Memory corruption while processing audio streaming operations.
CVE-2025-37133 2 Arubanetworks, Hpe 2 Arubaos, Arubaos 2026-02-26 7.2 High
An authenticated command injection vulnerability exists in the CLI binary of an AOS-8 Controller/Mobility Conductor operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged user on the underlying operating system.
CVE-2025-47353 1 Qualcomm 37 Qam8255p, Qam8255p Firmware, Qam8650p and 34 more 2026-02-26 7.8 High
Memory corruption while processing request sent from GVM.
CVE-2025-37134 2 Arubanetworks, Hpe 2 Arubaos, Arubaos 2026-02-26 7.2 High
An authenticated command injection vulnerability exists in the CLI binary of an AOS-8 Controller/Mobility Conductor operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged user on the underlying operating system.
CVE-2025-47360 2 Qnx, Qualcomm 72 Qnx, Qam8255p, Qam8255p Firmware and 69 more 2026-02-26 7.8 High
Memory corruption while processing client message during device management.
CVE-2025-47989 1 Microsoft 3 Arc Enabled Servers Azure Connected Machine Agent, Azure, Azure Connected Machine Agent 2026-02-26 7 High
Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally.
CVE-2025-47361 2 Qnx, Qualcomm 58 Qnx, Qam8255p, Qam8255p Firmware and 55 more 2026-02-26 7.8 High
Memory corruption when triggering a subsystem crash with an out-of-range identifier.
CVE-2025-48004 1 Microsoft 11 Windows 11 22h2, Windows 11 22h2, Windows 11 23h2 and 8 more 2026-02-26 7.4 High
Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally.
CVE-2025-47365 1 Qualcomm 71 Qam8255p, Qam8255p Firmware, Qam8295p and 68 more 2026-02-26 7.8 High
Memory corruption while processing large input data from a remote source via a communication interface.