cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-48788,https://securityvulnerability.io/vulnerability/CVE-2023-48788,SQL Injection Vulnerability in Fortinet FortiClientEMS Products,"An SQL injection vulnerability exists in specific versions of Fortinet FortiClientEMS, allowing attackers to exploit improper neutralization of special elements used in SQL commands. This vulnerability permits unauthorized code execution via specially crafted packets, potentially compromising the affected systems and leading to unauthorized access and control. Users of FortiClientEMS should be aware of this vulnerability and take appropriate measures to mitigate risks.",Fortinet,Forticlientems,9.8,CRITICAL,0.9682300090789795,true,2024-03-25T00:00:00.000Z,true,true,true,2024-03-21T20:54:08.000Z,true,true,true,2024-03-18T03:52:02.309Z,2024-03-12T15:09:18.527Z,8543
CVE-2024-47575,https://securityvulnerability.io/vulnerability/CVE-2024-47575,Specially crafted requests can execute arbitrary code or commands in FortiManager,"A critical security vulnerability exists in Fortinet's FortiManager products due to missing authentication for a critical function. This flaw enables attackers to send specially crafted requests that may allow arbitrary code execution or command execution on the affected devices. This vulnerability affects multiple versions of FortiManager and FortiManager Cloud, emphasizing the need for immediate attention and remediation to safeguard systems against potential exploitation.",Fortinet,Fortimanager,9.8,CRITICAL,0.8714600205421448,true,2024-10-23T00:00:00.000Z,true,true,true,2024-10-23T00:00:00.000Z,true,true,true,2024-10-27T12:23:45.625Z,2024-10-23T15:15:00.000Z,36364
CVE-2024-55591,https://securityvulnerability.io/vulnerability/CVE-2024-55591,Remote Attackers Can Gain Super-Admin Privileges via Crafted Requests to Node.js Websocket Module,"A vulnerability exists in FortiOS and FortiProxy that allows a remote attacker to exploit an authentication bypass through crafted requests targeting the Node.js websocket module. This weakness could enable unauthorized users to attain super-admin privileges, compromising system security. Users of affected versions should take immediate action to mitigate risks by updating to the latest software versions.",Fortinet,"FortiOS,Fortiproxy",9.8,CRITICAL,0.026340000331401825,true,2025-01-14T00:00:00.000Z,true,true,true,2025-01-14T19:57:47.000Z,true,true,true,2025-01-16T04:52:02.516Z,2025-01-14T14:15:00.000Z,23558
CVE-2024-23113,https://securityvulnerability.io/vulnerability/CVE-2024-23113,Fortinet FortiOS Vulnerability Allows Unauthorized Code Execution,"A vulnerability exists in Fortinet's FortiOS, FortiProxy, FortiPAM, and FortiSwitchManager products, allowing attackers to manipulate externally controlled format strings. This weakness enables the execution of unauthorized code or commands through specially crafted packets. Organizations using affected versions should prioritize remediation measures, as exploitation can lead to significant security breaches and data compromises.",Fortinet,"Fortiswitchmanager,FortiOS,Fortipam,Fortiproxy",9.8,CRITICAL,0.024890000000596046,true,2024-10-09T00:00:00.000Z,true,false,true,2024-10-09T00:00:00.000Z,true,true,true,2024-10-17T01:52:02.750Z,2024-02-15T13:59:25.313Z,20538