cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-4966,https://securityvulnerability.io/vulnerability/CVE-2023-4966,Sensitive Information Disclosure in NetScaler ADC and NetScaler Gateway,"Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA  virtual server. 



",Citrix,"NetScaler ADC ,NetScaler Gateway",7.5,HIGH,0.9528999924659729,true,true,true,true,true,false,false,2023-10-10T14:15:00.000Z,0
CVE-2023-3466,https://securityvulnerability.io/vulnerability/CVE-2023-3466,,"Reflected Cross-Site Scripting (XSS)
",Citrix,"Netscaler Adc,Netscaler Gateway",8.3,HIGH,0.000699999975040555,false,false,false,false,,false,false,2023-07-19T19:15:00.000Z,0
CVE-2023-3467,https://securityvulnerability.io/vulnerability/CVE-2023-3467,,"Privilege Escalation to root administrator (nsroot)
",Citrix,"Netscaler Adc,Netscaler Gateway",8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2023-07-19T19:15:00.000Z,0
CVE-2023-3519,https://securityvulnerability.io/vulnerability/CVE-2023-3519,Unauthenticated Remote Code Execution Vulnerability Affects Cisco Firepower Products,"A serious remote code execution vulnerability has been identified in Citrix ADC and Citrix Gateway products. Attackers can exploit this weakness without authentication, meaning they could potentially execute arbitrary code on the affected systems. This vulnerability affects multiple versions of the products, allowing unauthorized users to gain control and launch malicious activities. It is crucial for organizations utilizing Citrix technologies to apply relevant patches and evaluate their security posture to mitigate the risks posed by this vulnerability.",Citrix,"NetScaler ADC ,NetScaler Gateway",9.8,CRITICAL,0.9627699851989746,true,true,true,true,true,false,false,2023-07-19T18:15:00.000Z,0
CVE-2019-12044,https://securityvulnerability.io/vulnerability/CVE-2019-12044,,"A Buffer Overflow exists in Citrix NetScaler Gateway 10.5.x before 10.5.70.x, 11.1.x before 11.1.59.10, 12.0.x before 12.0.59.8, and 12.1.x before 12.1.49.23 and Citrix Application Delivery Controller 10.5.x before 10.5.70.x, 11.1.x before 11.1.59.10, 12.0.x before 12.0.59.8, and 12.1.x before 12.1.49.23.",Citrix,Netscaler Gateway Firmware,7.5,HIGH,0.0011599999852478504,false,false,false,false,,false,false,2019-05-22T15:29:28.000Z,0
CVE-2019-6485,https://securityvulnerability.io/vulnerability/CVE-2019-6485,,"Citrix NetScaler Gateway 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10.5 before build 69.5 and Application Delivery Controller (ADC) 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10.5 before build 69.5 allow remote attackers to obtain sensitive plaintext information because of a TLS Padding Oracle Vulnerability when CBC-based cipher suites are enabled.",Citrix,Netscaler Gateway Firmware,5.9,MEDIUM,0.0021899999119341373,false,false,false,false,,false,false,2019-02-22T23:00:00.000Z,0
CVE-2018-18517,https://securityvulnerability.io/vulnerability/CVE-2018-18517,,"Citrix NetScaler Gateway 10.5.x before 10.5.69.003, 11.1.x before 11.1.59.004, 12.0.x before 12.0.58.7, and 12.1.x before 12.1.49.1 has XSS.",Citrix,Netscaler Gateway Firmware,4.8,MEDIUM,0.0006500000017695129,false,false,false,false,,false,false,2018-10-24T21:00:00.000Z,0
CVE-2018-6810,https://securityvulnerability.io/vulnerability/CVE-2018-6810,,"Directory traversal vulnerability in NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allows remote attackers to traverse the directory on the target system via a crafted request.",Citrix,Netscaler Gateway Firmware,7.5,HIGH,0.003229999914765358,false,false,false,false,,false,false,2018-03-06T20:00:00.000Z,0
CVE-2018-5314,https://securityvulnerability.io/vulnerability/CVE-2018-5314,,"Command injection vulnerability in Citrix NetScaler ADC and NetScaler Gateway 11.0 before build 70.16, 11.1 before build 55.13, and 12.0 before build 53.13; and the NetScaler Load Balancing instance distributed with NetScaler SD-WAN/CloudBridge 4000, 4100, 5000 and 5100 WAN Optimization Edition 9.3.0 allows remote attackers to execute a system command or read arbitrary files via an SSH login prompt.",Citrix,"Netscaler Sd-wan,Netscaler Gateway,Netscaler Application Delivery Controller",7.5,HIGH,0.001120000029914081,false,false,false,false,,false,false,2018-03-01T17:00:00.000Z,0
CVE-2017-14602,https://securityvulnerability.io/vulnerability/CVE-2017-14602,,"A vulnerability has been identified in the management interface of Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.1 before build 135.18, 10.5 before build 66.9, 10.5e before build 60.7010.e, 11.0 before build 70.16, 11.1 before build 55.13, and 12.0 before build 53.13 (except for build 41.24) that, if exploited, could allow an attacker with access to the NetScaler management interface to gain administrative access to the appliance.",Citrix,"Netscaler Gateway Firmware,Application Delivery Controller Firmware",7.2,HIGH,0.0017800000496208668,false,false,false,false,,false,false,2017-09-26T14:00:00.000Z,0
CVE-2017-7219,https://securityvulnerability.io/vulnerability/CVE-2017-7219,,"A heap overflow vulnerability in Citrix NetScaler Gateway versions 10.1 before 135.8/135.12, 10.5 before 65.11, 11.0 before 70.12, and 11.1 before 52.13 allows a remote authenticated attacker to run arbitrary commands via unspecified vectors.",Citrix,Netscaler Gateway Firmware,8.8,HIGH,0.0037400000728666782,false,false,false,false,,false,false,2017-04-13T14:00:00.000Z,0
CVE-2016-4945,https://securityvulnerability.io/vulnerability/CVE-2016-4945,,Cross-site scripting (XSS) vulnerability in vpn/js/gateway_login_form_view.js in Citrix NetScaler Gateway 11.0 before Build 66.11 allows remote attackers to inject arbitrary web script or HTML via the NSC_TMAC cookie.,Citrix,Netscaler Gateway 11.0 Firmware,6.1,MEDIUM,0.00203000009059906,false,false,false,false,,false,false,2016-06-01T22:00:00.000Z,0
CVE-2015-6672,https://securityvulnerability.io/vulnerability/CVE-2015-6672,,"Cross-site scripting (XSS) vulnerability in the Administrative Web Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 132.8, 10.5 before Build 57.7, and 10.5e before Build 56.1505.e allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.",Citrix,"Netscaler Gateway Firmware,Netscaler Application Delivery Controller Firmware",,,0.0013500000350177288,false,false,false,false,,false,false,2015-09-17T16:00:00.000Z,0
CVE-2015-5538,https://securityvulnerability.io/vulnerability/CVE-2015-5538,,"Multiple unspecified vulnerabilities in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 132.8, 10.5 before Build 57.7, and 10.5e before Build 56.1505.e allow remote attackers to gain privileges via unknown vectors, related to the (1) Command Line Interface (CLI) and the (2) Web User Interface (UI).",Citrix,"Netscaler Gateway Firmware,Netscaler Application Delivery Controller Firmware",,,0.004579999949783087,false,false,false,false,,false,false,2015-09-17T16:00:00.000Z,0
CVE-2015-5080,https://securityvulnerability.io/vulnerability/CVE-2015-5080,,"The Management Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.1 before 10.1.132.8, 10.5 before Build 56.15, and 10.5.e before Build 56.1505.e allows remote authenticated users to execute arbitrary shell commands via shell metacharacters in the filter parameter to rapi/ipsec_logs.",Citrix,"Netscaler Application Delivery Controller Firmware,Netscaler Gateway Firmware",,,0.0031799999997019768,false,false,false,false,,false,false,2015-07-16T14:00:00.000Z,0
CVE-2015-2829,https://securityvulnerability.io/vulnerability/CVE-2015-2829,,Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.5 Build 53.9 through 55.8 and 10.5.e Build 53-9010.e allow remote attackers to cause a denial of service (reboot) via unspecified vectors.,Citrix,"Netscaler Gateway Firmware,Netscaler Application Delivery Controller Firmware",,,0.0053400001488626,false,false,false,false,,false,false,2015-05-12T19:00:00.000Z,0
CVE-2014-8580,https://securityvulnerability.io/vulnerability/CVE-2014-8580,,"Citrix NetScaler Application Delivery Controller and NetScaler Gateway 10.5.50.10 before 10.5-52.11, 10.1.122.17 before 10.1-129.11, and 10.1-120.1316.e before 10.1-129.1105.e, when using unspecified configurations, allows remote authenticated users to access ""network resources"" of other users via unknown vectors.",Citrix,"Netscaler Application Delivery Controller Firmware,Netscaler Gateway Firmware",,,0.0015699999639764428,false,false,false,false,,false,false,2014-11-07T19:00:00.000Z,0
CVE-2014-4347,https://securityvulnerability.io/vulnerability/CVE-2014-4347,,Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) before 9.3-62.4 and 10.x before 10.1-126.12 allows attackers to obtain sensitive information via vectors related to a cookie.,Citrix,"Netscaler Access Gateway Firmware,Netscaler Access Gateway",,,0.004920000210404396,false,false,false,false,,false,false,2014-07-16T14:00:00.000Z,0
CVE-2014-1899,https://securityvulnerability.io/vulnerability/CVE-2014-1899,,Cross-site scripting (XSS) vulnerability in Citrix NetScaler Gateway (formerly Citrix Access Gateway Enterprise Edition) 9.x before 9.3.66.5 and 10.x before 10.1.123.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.,Citrix,"Netscaler Access Gateway Firmware,Netscaler Access Gateway",,,0.0016199999954551458,false,false,false,false,,false,false,2014-05-02T14:00:00.000Z,0
CVE-2014-2882,https://securityvulnerability.io/vulnerability/CVE-2014-2882,,"Unspecified vulnerability in the management GUI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unspecified impact and vectors, related to certificate validation.",Citrix,"Netscaler Access Gateway Firmware,Netscaler Application Delivery Controller Firmware,Netscaler Access Gateway",,,0.0017000000225380063,false,false,false,false,,false,false,2014-05-01T14:00:00.000Z,0
CVE-2014-2881,https://securityvulnerability.io/vulnerability/CVE-2014-2881,,Unspecified vulnerability in the Diffie-Hellman key agreement implementation in the management GUI Java applet in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unknown impact and vectors.,Citrix,"Netscaler Access Gateway Firmware,Netscaler Application Delivery Controller Firmware,Netscaler Application Delivery Controller",,,0.0025100000202655792,false,false,false,false,,false,false,2014-05-01T14:00:00.000Z,0
CVE-2013-2767,https://securityvulnerability.io/vulnerability/CVE-2013-2767,,"Unspecified vulnerability in Citrix NetScaler Access Gateway Enterprise Edition (AGEE) before 9.3.62.4 and 10.x through 10.0.74.4, and NetScaler AGEE Common Criteria build before 9.3.53.6, allows remote attackers to bypass intended intranet access restrictions via unknown vectors.",Citrix,"Netscaler Access Gateway Firmware,Netscaler Access Gateway",,,0.0019099999917671084,false,false,false,false,,false,false,2013-04-25T20:55:00.000Z,0
CVE-2009-2213,https://securityvulnerability.io/vulnerability/CVE-2009-2213,,"The default configuration of the Security global settings on the Citrix NetScaler Access Gateway appliance with Enterprise Edition firmware 9.0, 8.1, and earlier specifies Allow for the Default Authorization Action option, which might allow remote authenticated users to bypass intended access restrictions.",Citrix,"Netscaler Access Gateway Firmware,Netscaler Access Gateway",6.5,MEDIUM,0.001339999958872795,false,false,false,false,,false,false,2009-06-25T23:14:00.000Z,0