cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2020-6648,https://securityvulnerability.io/vulnerability/CVE-2020-6648,,"A cleartext storage of sensitive information vulnerability in FortiOS command line interface in versions 6.2.4 and earlier and FortiProxy 2.0.0, 1.2.9 and earlier may allow an authenticated attacker to obtain sensitive information such as users passwords by connecting to FortiGate CLI and executing the ""diag sys ha checksum show"" command.",Fortinet,Fortigate And Fortiproxy,5.3,MEDIUM,0.0006399999838322401,false,false,false,false,,false,false,2020-10-21T14:05:55.000Z,0
CVE-2019-15705,https://securityvulnerability.io/vulnerability/CVE-2019-15705,,"An Improper Input Validation vulnerability in the SSL VPN portal of FortiOS versions 6.2.1 and below, and 6.0.6 and below may allow an unauthenticated remote attacker to crash the SSL VPN service by sending a crafted POST request.",Fortinet,Fortigate,7.5,HIGH,0.0017900000093504786,false,false,false,false,,false,false,2019-11-27T20:38:54.000Z,0
CVE-2019-6693,https://securityvulnerability.io/vulnerability/CVE-2019-6693,,"Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an attacker with access to the backup file to decipher the sensitive data, via knowledge of the hard-coded key. The aforementioned sensitive data includes users' passwords (except the administrator's password), private keys' passphrases and High Availability password (when set).",Fortinet,Fortigate,6.5,MEDIUM,0.0008099999977275729,false,false,false,true,true,false,false,2019-11-21T15:08:05.000Z,0
CVE-2016-8492,https://securityvulnerability.io/vulnerability/CVE-2016-8492,,The implementation of an ANSI X9.31 RNG in Fortinet FortiGate allows attackers to gain unauthorized read access to data handled by the device via IPSec/TLS decryption.,Fortinet,Fortinet Fortigate,5.9,MEDIUM,0.0010600000387057662,false,false,false,false,,false,false,2017-02-08T16:00:00.000Z,0
CVE-2013-1414,https://securityvulnerability.io/vulnerability/CVE-2013-1414,,"Multiple cross-site request forgery (CSRF) vulnerabilities in Fortinet FortiOS on FortiGate firewall devices before 4.3.13 and 5.x before 5.0.2 allow remote attackers to hijack the authentication of administrators for requests that modify (1) settings or (2) policies, or (3) restart the device via a rebootme action to system/maintenance/shutdown.",Fortinet,"Fortios,Fortigate-1000c,Fortigate-100d,Fortigate-110c,Fortigate-1240b,Fortigate-200b,Fortigate-20c,Fortigate-300c,Fortigate-3040b,Fortigate-310b,Fortigate-311b,Fortigate-3140b,Fortigate-3240c,Fortigate-3810a,Fortigate-3950b,Fortigate-40c,Fortigate-5001a-sw,Fortigate-5001b,Fortigate-5020,Fortigate-5060,Fortigate-50b,Fortigate-5101c,Fortigate-5140b,Fortigate-600c,Fortigate-60c,Fortigate-620b,Fortigate-800c,Fortigate-80c,Fortigate-voice-80c,Fortigaterugged-100c",,,0.003530000103637576,false,false,false,false,,false,false,2013-07-08T17:55:00.000Z,0
CVE-2012-4948,https://securityvulnerability.io/vulnerability/CVE-2012-4948,,"The default configuration of Fortinet Fortigate UTM appliances uses the same Certification Authority certificate and same private key across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging the presence of the Fortinet_CA_SSLProxy certificate in a list of trusted root certification authorities.",Fortinet,"Fortigate-3140b,Fortigate-60c,Fortigate-3040b,Fortigate-300c,Fortigate-600c,Fortigate-5001a-sw,Fortigate-3240c,Fortigate-310b,Fortigate-800c,Fortigate-5020,Fortigate-100d,Fortigate-50b,Fortigate-3810a,Fortigate-voice-80c,Fortigate-1000c,Fortigate-5101c,Fortigate-1240b,Fortigate-80c,Fortigaterugged-100c,Fortigate-3950b,Fortigate-110c,Fortigate-5140b,Fortigate-5060,Fortigate-311b,Fortigate-620b,Fortigate-20c,Fortigate-200b,Fortigate-40c,Fortigate-5001b",,,0.0006200000061653554,false,false,false,false,,false,false,2012-11-14T11:00:00.000Z,0
CVE-2008-7161,https://securityvulnerability.io/vulnerability/CVE-2008-7161,,"Fortinet FortiGuard Fortinet FortiGate-1000 3.00 build 040075,070111 allows remote attackers to bypass URL filtering via fragmented GET or POST requests that use HTTP/1.0 without the Host header. NOTE: this issue might be related to CVE-2005-3058.",Fortinet,Fortigate-1000,,,0.021789999678730965,false,false,false,false,,false,false,2009-09-04T10:00:00.000Z,0