cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2018-6809,https://securityvulnerability.io/vulnerability/CVE-2018-6809,,"NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to gain privilege on a target system.",Citrix,Netscaler Application Delivery Controller Firmware,9.8,CRITICAL,0.0033599999733269215,false,false,false,false,,false,false,2018-03-06T20:00:00.000Z,0
CVE-2018-6811,https://securityvulnerability.io/vulnerability/CVE-2018-6811,,"Multiple cross-site scripting (XSS) vulnerabilities in Citrix NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to inject arbitrary web script or HTML via the Citrix NetScaler interface.",Citrix,Netscaler Application Delivery Controller Firmware,6.1,MEDIUM,0.0007099999929778278,false,false,false,false,,false,false,2018-03-06T20:00:00.000Z,0
CVE-2018-6808,https://securityvulnerability.io/vulnerability/CVE-2018-6808,,"NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to download arbitrary files on the target system.",Citrix,Netscaler Application Delivery Controller Firmware,7.5,HIGH,0.002240000059828162,false,false,false,false,,false,false,2018-03-06T20:00:00.000Z,0
CVE-2018-5314,https://securityvulnerability.io/vulnerability/CVE-2018-5314,,"Command injection vulnerability in Citrix NetScaler ADC and NetScaler Gateway 11.0 before build 70.16, 11.1 before build 55.13, and 12.0 before build 53.13; and the NetScaler Load Balancing instance distributed with NetScaler SD-WAN/CloudBridge 4000, 4100, 5000 and 5100 WAN Optimization Edition 9.3.0 allows remote attackers to execute a system command or read arbitrary files via an SSH login prompt.",Citrix,"Netscaler Sd-wan,Netscaler Gateway,Netscaler Application Delivery Controller",7.5,HIGH,0.001120000029914081,false,false,false,false,,false,false,2018-03-01T17:00:00.000Z,0
CVE-2017-14602,https://securityvulnerability.io/vulnerability/CVE-2017-14602,,"A vulnerability has been identified in the management interface of Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.1 before build 135.18, 10.5 before build 66.9, 10.5e before build 60.7010.e, 11.0 before build 70.16, 11.1 before build 55.13, and 12.0 before build 53.13 (except for build 41.24) that, if exploited, could allow an attacker with access to the NetScaler management interface to gain administrative access to the appliance.",Citrix,"Netscaler Gateway Firmware,Application Delivery Controller Firmware",7.2,HIGH,0.0017800000496208668,false,false,false,false,,false,false,2017-09-26T14:00:00.000Z,0
CVE-2015-3642,https://securityvulnerability.io/vulnerability/CVE-2015-3642,,"The TLS and DTLS processing functionality in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway devices with firmware 9.x before 9.3 Build 68.5, 10.0 through Build 78.6, 10.1 before Build 130.13, 10.1.e before Build 130.1302.e, 10.5 before Build 55.8, and 10.5.e before Build 55.8007.e makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE).",Citrix,Netscaler Application Delivery Controller,5.9,MEDIUM,0.0012799999676644802,false,false,false,false,,false,false,2017-08-02T19:00:00.000Z,0
CVE-2017-5933,https://securityvulnerability.io/vulnerability/CVE-2017-5933,,"Citrix NetScaler ADC and NetScaler Gateway 10.5 before Build 65.11, 11.0 before Build 69.12/69.123, and 11.1 before Build 51.21 randomly generates GCM nonces, which makes it marginally easier for remote attackers to obtain the GCM authentication key and spoof data by leveraging a reused nonce in a session and a ""forbidden attack,"" a similar issue to CVE-2016-0270.",Citrix,Netscaler Application Delivery Controller Firmware,5.9,MEDIUM,0.0011399999493733048,false,false,false,false,,false,false,2017-02-08T16:00:00.000Z,0
CVE-2016-9028,https://securityvulnerability.io/vulnerability/CVE-2016-9028,,"Unauthorized redirect vulnerability in Citrix NetScaler ADC before 10.1 135.8, 10.5 61.11, 11.0 65.31/65.35F and 11.1 47.14 allows a remote attacker to steal session cookies of a legitimate AAA user via manipulation of Host header.",Citrix,Netscaler Application Delivery Controller Firmware,8.8,HIGH,0.004389999900013208,false,false,false,false,,false,false,2016-10-28T15:00:00.000Z,0
CVE-2015-7996,https://securityvulnerability.io/vulnerability/CVE-2015-7996,,"The Nitro API in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11, and 10.5.e before Build 56.1505.e on NetScaler Service Delivery Appliance Service VM (SVM) devices allow attackers to obtain credentials via the browser cache.",Citrix,Netscaler Application Delivery Controller Firmware,,,0.0026499999221414328,false,false,false,false,,false,false,2015-11-17T15:00:00.000Z,0
CVE-2015-6672,https://securityvulnerability.io/vulnerability/CVE-2015-6672,,"Cross-site scripting (XSS) vulnerability in the Administrative Web Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 132.8, 10.5 before Build 57.7, and 10.5e before Build 56.1505.e allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.",Citrix,"Netscaler Gateway Firmware,Netscaler Application Delivery Controller Firmware",,,0.0013500000350177288,false,false,false,false,,false,false,2015-09-17T16:00:00.000Z,0
CVE-2015-5538,https://securityvulnerability.io/vulnerability/CVE-2015-5538,,"Multiple unspecified vulnerabilities in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 132.8, 10.5 before Build 57.7, and 10.5e before Build 56.1505.e allow remote attackers to gain privileges via unknown vectors, related to the (1) Command Line Interface (CLI) and the (2) Web User Interface (UI).",Citrix,"Netscaler Gateway Firmware,Netscaler Application Delivery Controller Firmware",,,0.004579999949783087,false,false,false,false,,false,false,2015-09-17T16:00:00.000Z,0
CVE-2015-5080,https://securityvulnerability.io/vulnerability/CVE-2015-5080,,"The Management Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.1 before 10.1.132.8, 10.5 before Build 56.15, and 10.5.e before Build 56.1505.e allows remote authenticated users to execute arbitrary shell commands via shell metacharacters in the filter parameter to rapi/ipsec_logs.",Citrix,"Netscaler Application Delivery Controller Firmware,Netscaler Gateway Firmware",,,0.0031799999997019768,false,false,false,false,,false,false,2015-07-16T14:00:00.000Z,0
CVE-2015-2829,https://securityvulnerability.io/vulnerability/CVE-2015-2829,,Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.5 Build 53.9 through 55.8 and 10.5.e Build 53-9010.e allow remote attackers to cause a denial of service (reboot) via unspecified vectors.,Citrix,"Netscaler Gateway Firmware,Netscaler Application Delivery Controller Firmware",,,0.0053400001488626,false,false,false,false,,false,false,2015-05-12T19:00:00.000Z,0
CVE-2014-8580,https://securityvulnerability.io/vulnerability/CVE-2014-8580,,"Citrix NetScaler Application Delivery Controller and NetScaler Gateway 10.5.50.10 before 10.5-52.11, 10.1.122.17 before 10.1-129.11, and 10.1-120.1316.e before 10.1-129.1105.e, when using unspecified configurations, allows remote authenticated users to access ""network resources"" of other users via unknown vectors.",Citrix,"Netscaler Application Delivery Controller Firmware,Netscaler Gateway Firmware",,,0.0015699999639764428,false,false,false,false,,false,false,2014-11-07T19:00:00.000Z,0
CVE-2014-7140,https://securityvulnerability.io/vulnerability/CVE-2014-7140,,Unspecified vulnerability in the management interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.x before 10.1-129.11 and 10.5 before 10.5-50.10 allows remote attackers to execute arbitrary code via unknown vectors.,Citrix,Netscaler Application Delivery Controller Firmware,,,0.19783000648021698,false,false,false,false,,false,false,2014-10-21T14:00:00.000Z,0
CVE-2014-4346,https://securityvulnerability.io/vulnerability/CVE-2014-4346,,Cross-site scripting (XSS) vulnerability in administration user interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) 10.1 before 10.1-126.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.,Citrix,"Netscaler Application Delivery Controller Firmware,Netscaler Application Delivery Controller",,,0.0026700000744313,false,false,false,false,,false,false,2014-07-16T14:00:00.000Z,0
CVE-2014-2882,https://securityvulnerability.io/vulnerability/CVE-2014-2882,,"Unspecified vulnerability in the management GUI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unspecified impact and vectors, related to certificate validation.",Citrix,"Netscaler Access Gateway Firmware,Netscaler Application Delivery Controller Firmware,Netscaler Access Gateway",,,0.0017000000225380063,false,false,false,false,,false,false,2014-05-01T14:00:00.000Z,0
CVE-2014-2881,https://securityvulnerability.io/vulnerability/CVE-2014-2881,,Unspecified vulnerability in the Diffie-Hellman key agreement implementation in the management GUI Java applet in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unknown impact and vectors.,Citrix,"Netscaler Access Gateway Firmware,Netscaler Application Delivery Controller Firmware,Netscaler Application Delivery Controller",,,0.0025100000202655792,false,false,false,false,,false,false,2014-05-01T14:00:00.000Z,0
CVE-2013-6943,https://securityvulnerability.io/vulnerability/CVE-2013-6943,,"Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows remote attackers to conduct an LDAP injection attack via vectors related to SSH and Web management usernames.",Citrix,Netscaler Application Delivery Controller Firmware,,,0.0017600000137463212,false,false,false,false,,false,false,2014-03-11T13:00:00.000Z,0
CVE-2013-6940,https://securityvulnerability.io/vulnerability/CVE-2013-6940,,"Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 logs user credentials, which allows attackers to obtain sensitive information via unspecified vectors.",Citrix,Netscaler Application Delivery Controller Firmware,,,0.0017800000496208668,false,false,false,false,,false,false,2014-03-11T13:00:00.000Z,0
CVE-2013-6944,https://securityvulnerability.io/vulnerability/CVE-2013-6944,,"Cross-site scripting (XSS) vulnerability in the user interface in the AAA TM vServer in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.",Citrix,Netscaler Application Delivery Controller Firmware,,,0.0012600000482052565,false,false,false,false,,false,false,2014-03-11T13:00:00.000Z,0
CVE-2013-6939,https://securityvulnerability.io/vulnerability/CVE-2013-6939,,"Unspecified vulnerability in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows attackers to cause a denial of service via unknown vectors, related to ""RADIUS authentication.""",Citrix,Netscaler Application Delivery Controller Firmware,,,0.00107999995816499,false,false,false,false,,false,false,2014-03-11T13:00:00.000Z,0
CVE-2013-6941,https://securityvulnerability.io/vulnerability/CVE-2013-6941,,"Unspecified vulnerability in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows users to ""breakout"" of the shell via unknown vectors.",Citrix,Netscaler Application Delivery Controller Firmware,,,0.0022299999836832285,false,false,false,false,,false,false,2014-03-11T13:00:00.000Z,0
CVE-2013-6942,https://securityvulnerability.io/vulnerability/CVE-2013-6942,,"Cross-site request forgery (CSRF) vulnerability in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.",Citrix,Netscaler Application Delivery Controller Firmware,,,0.0013800000306218863,false,false,false,false,,false,false,2014-03-11T13:00:00.000Z,0
CVE-2013-6938,https://securityvulnerability.io/vulnerability/CVE-2013-6938,,"Unspecified vulnerability in the Service VM in Citrix NetScaler SDX 9.3 before 9.3-64.4 and 10.0 before 10.0-77.5 and Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows attackers to cause a denial of service via unknown vectors, related to the ""Virtual Machine Daemon.""",Citrix,Netscaler Application Delivery Controller Firmware,,,0.0012100000167265534,false,false,false,false,,false,false,2014-03-11T13:00:00.000Z,0