GCVE - cpe:2.3:a:fortinet:fortimail:5.4.6:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:fortinet:fortimail:5.4.6:*:*:*:*:*:*:*

part: a version: 5.4.6 update: *

Vendor	Fortinet (`2b06c5e0-0a17-54f4-810a-5ef236d51947`)
Product	Fortimail (`9132bffa-bbc0-5e9e-87cf-98d91d5bddd8`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-33302`	vulnerable	2026-06-03 14:52:13.386585	Details available MEDIUM (4.5) A buffer copy without checking size of input ('classic buffer overflow') in Fortinet FortiMail webmail and administrative interface version 6.4.0 through 6.4.4 and before 6.2.6 and FortiNDR administrative interface version 7.2.0 and before 7.1.0 allows an authenticated attacker with regular webmail access to trigger a buffer overflow and to possibly execute unauthorized code or commands via specifically crafted HTTP requests. Published: 2025-03-31T14:58:11.960Z Updated: 2025-03-31T15:30:12.990Z Open on db.gcve.eu Reference links https://fortiguard.fortinet.com/psirt/FG-IR-21-023	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-23439`	vulnerable	2026-06-03 14:46:27.378965	Details available MEDIUM (4.1) A externally controlled reference to a resource in another sphere vulnerability in Fortinet allows attacker to poison web caches via crafted HTTP requests, where the `Host` header points to an arbitrary webserver Published: 2025-01-22T09:10:28.669Z Updated: 2026-01-14T13:06:07.365Z Open on db.gcve.eu Reference links https://fortiguard.com/psirt/FG-IR-23-494	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-42757`	vulnerable	2026-06-03 14:45:27.625522	Details available MEDIUM (6.3) A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments. Published: 2021-12-08T11:01:11.000Z Updated: 2025-10-16T09:46:26.239Z Open on db.gcve.eu Reference links https://fortiguard.com/advisory/FG-IR-21-173	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-36193`	vulnerable	2026-06-03 14:44:57.317623	Details available MEDIUM (6.3) Multiple stack-based buffer overflows in the command line interpreter of FortiWeb before 6.4.2 may allow an authenticated attacker to achieve arbitrary code execution via specially crafted commands. Published: 2022-02-02T11:19:47.000Z Updated: 2026-01-13T16:32:40.255Z Open on db.gcve.eu Reference links https://fortiguard.com/advisory/FG-IR-21-132	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.