cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2022-45856,https://securityvulnerability.io/vulnerability/CVE-2022-45856,Improper Certificate Validation Vulnerability May Allow Unauthenticated MITM Attack on SAML SSO Feature,"An improper certificate validation vulnerability exists in FortiClient products, potentially enabling an unauthenticated attacker to intercept and manipulate communications between FortiClient and both service providers and identity providers. This vulnerability impacts various platforms including Windows, Mac, Linux, Android, and iOS across multiple versions. Proper validation of certificates is critical to prevent man-in-the-middle attacks, which could lead to unauthorized information exposure and loss of data integrity.",Fortinet,"ForticlientiOS,Forticlientandroid,Forticlientmac,Forticlientlinux,Forticlientwindows",5.9,MEDIUM,0.0008699999889358878,false,false,false,false,,false,false,2024-09-10T14:37:48.663Z,0
CVE-2024-35282,https://securityvulnerability.io/vulnerability/CVE-2024-35282,Vulnerability in Cleartext Storage of Sensitive Information Could Lead to Password Theft,"A cleartext storage of sensitive information in memory vulnerability [CWE-316] affecting FortiClient VPN iOS 7.2 all versions, 7.0 all versions, 6.4 all versions, 6.2 all versions, 6.0 all versions may allow an unauthenticated attacker that has physical access to a jailbroken device to obtain cleartext passwords via keychain dump.",Fortinet,ForticlientiOS,4.6,MEDIUM,0.0005200000014156103,false,false,false,false,,false,false,2024-09-10T14:37:46.189Z,0