cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-4966,https://securityvulnerability.io/vulnerability/CVE-2023-4966,Sensitive Information Disclosure in NetScaler ADC and NetScaler Gateway,"A vulnerability has been identified in Citrix NetScaler ADC and Gateway that allows for the potential disclosure of sensitive information. This issue arises when the products are configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or as an AAA virtual server. Attackers could exploit this vulnerability to gain unauthorized access to sensitive user data, which may lead to further exploitation of affected systems.",Citrix,"Netscaler Adc,Netscaler Gateway",7.5,HIGH,0.9563900232315063,true,2023-10-18T00:00:00.000Z,true,true,true,2023-10-18T00:00:00.000Z,true,false,false,,2023-10-10T14:15:00.000Z,0
CVE-2023-3466,https://securityvulnerability.io/vulnerability/CVE-2023-3466,Reflected Cross-Site Scripting Vulnerability in Citrix ADC and Citrix Gateway,"A reflected Cross-Site Scripting (XSS) vulnerability exists in Citrix ADC and Citrix Gateway, allowing an attacker to inject malicious scripts into web pages viewed by users. This flaw can be exploited to unsuspectingly execute arbitrary JavaScript code in a user's browser, potentially compromising user sessions, stealing sensitive information, or performing unauthorized actions. It is crucial for organizations using these products to apply the recommended mitigations to safeguard their applications against this vulnerability.",Citrix,"Netscaler Adc,Netscaler Gateway",8.3,HIGH,0.0007200000109151006,false,,false,false,false,,,false,false,,2023-07-19T19:15:00.000Z,0
CVE-2023-3467,https://securityvulnerability.io/vulnerability/CVE-2023-3467,Privilege Escalation Vulnerability in Citrix ADC and Citrix Gateway,"A privilege escalation vulnerability exists in Citrix ADC and Citrix Gateway, allowing an attacker to gain root administrator access (nsroot). This security flaw can be exploited to manipulate system settings and breach sensitive data, thereby amplifying the risks associated with unauthorized access. Immediate assessment and remediation are essential to safeguard affected systems.",Citrix,"Netscaler Adc,Netscaler Gateway",8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-07-19T19:15:00.000Z,0
CVE-2023-3519,https://securityvulnerability.io/vulnerability/CVE-2023-3519,Unauthenticated Remote Code Execution Vulnerability Affects Cisco Firepower Products,"A serious remote code execution vulnerability has been identified in Citrix ADC and Citrix Gateway products. Attackers can exploit this weakness without authentication, meaning they could potentially execute arbitrary code on the affected systems. This vulnerability affects multiple versions of the products, allowing unauthorized users to gain control and launch malicious activities. It is crucial for organizations utilizing Citrix technologies to apply relevant patches and evaluate their security posture to mitigate the risks posed by this vulnerability.",Citrix,"Netscaler Adc,Netscaler Gateway",9.8,CRITICAL,0.9635900259017944,true,2023-07-19T00:00:00.000Z,true,true,true,2023-07-19T00:00:00.000Z,true,false,false,,2023-07-19T18:15:00.000Z,0
CVE-2020-6175,https://securityvulnerability.io/vulnerability/CVE-2020-6175,Missing SSL Certificate Validation in Citrix SD-WAN by Citrix,"Citrix SD-WAN versions 10.2.x prior to 10.2.6 and 11.0.x prior to 11.0.3 are affected by a vulnerability that lacks sufficient SSL certificate validation. This flaw could allow an attacker to execute certain actions or intercept communication, potentially leading to unauthorized access or data breaches. It is crucial for organizations using affected versions to apply necessary updates and enhancements to their SSL certificate validation mechanisms.",Citrix,"Citrix Sd-wan Center,Netscaler Sd-wan Center",5.9,MEDIUM,0.0012000000569969416,false,,false,false,false,,,false,false,,2020-03-16T20:42:27.000Z,0
CVE-2019-11345,https://securityvulnerability.io/vulnerability/CVE-2019-11345,Cross-Site Scripting Vulnerability in Citrix SD-WAN Center,"The Citrix SD-WAN Center and NetScaler SD-WAN Center are susceptible to a Cross-Site Scripting (XSS) vulnerability in versions prior to 10.2.1 and 10.0.7 respectively. This allows attackers to inject malicious scripts into web pages viewed by users, potentially compromising user sessions or redirecting users to malicious sites. Organizations should promptly upgrade to the respective patched versions to mitigate associated risks.",Citrix,"Netscaler Sd-wan Center,Citrix Sd-wan Center",6.1,MEDIUM,0.0007800000021234155,false,,false,false,false,,,false,false,,2020-03-10T13:03:02.000Z,0
CVE-2019-12985,https://securityvulnerability.io/vulnerability/CVE-2019-12985,Improper Input Validation in Citrix SD-WAN and NetScaler Products,"Citrix SD-WAN and NetScaler products have a vulnerability stemming from improper input validation, allowing potential exploitation by attackers. This issue affects versions below 10.2.3 for Citrix SD-WAN and below 10.0.8 for NetScaler, which may lead to unauthorized access or system compromise if exploited.",Citrix,"Sd-wan,Netscaler Sd-wan",9.8,CRITICAL,0.9151300191879272,false,,false,false,false,,,false,false,,2019-07-16T17:53:12.000Z,0
CVE-2019-12986,https://securityvulnerability.io/vulnerability/CVE-2019-12986,Improper Input Validation in Citrix SD-WAN by Citrix,"The vulnerability affects Citrix SD-WAN and NetScaler SD-WAN due to improper input validation, allowing attackers to potentially exploit the affected versions. If exploited, this could lead to unauthorized access or manipulation of data within the network environment.",Citrix,"Sd-wan,Netscaler Sd-wan",9.8,CRITICAL,0.9151300191879272,false,,false,false,false,,,false,false,,2019-07-16T17:47:04.000Z,0
CVE-2019-12987,https://securityvulnerability.io/vulnerability/CVE-2019-12987,Improper Input Validation in Citrix SD-WAN and NetScaler SD-WAN Products,"The Citrix SD-WAN and NetScaler SD-WAN products are affected by an improper input validation issue. This vulnerability could potentially allow an attacker to inject malicious input, leading to unauthorized actions or access within the system. Affected versions include Citrix SD-WAN 10.2.x prior to 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8. Citrix has provided updates to address this issue.",Citrix,"Sd-wan,Netscaler Sd-wan",9.8,CRITICAL,0.9151300191879272,false,,false,false,false,,,false,false,,2019-07-16T17:42:46.000Z,0
CVE-2019-12988,https://securityvulnerability.io/vulnerability/CVE-2019-12988,Improper Input Validation in Citrix SD-WAN and NetScaler SD-WAN,"Citrix SD-WAN versions 10.2.x prior to 10.2.3 and NetScaler SD-WAN versions 10.0.x prior to 10.0.8 are susceptible to improper input validation, allowing attackers to exploit the input validation flaws potentially leading to unauthorized access or manipulation of data. It is critical for users to update their systems to the latest versions to mitigate this vulnerability and protect their networks against potential threats.",Citrix,"Sd-wan,Netscaler Sd-wan",9.8,CRITICAL,0.9151300191879272,false,,false,false,false,,,false,false,,2019-07-16T17:39:56.000Z,0
CVE-2019-12989,https://securityvulnerability.io/vulnerability/CVE-2019-12989,SQL Injection in Citrix SD-WAN and NetScaler SD-WAN,"The Citrix SD-WAN and NetScaler SD-WAN products are susceptible to SQL Injection attacks, allowing malicious actors to execute arbitrary SQL queries. This vulnerability affects versions prior to 10.2.3 for Citrix SD-WAN 10.2.x and prior to 10.0.8 for NetScaler SD-WAN 10.0.x. Attackers can exploit this flaw to access sensitive data and potentially gain control over the affected system, posing significant risks to the security of network environments. It is crucial for organizations using these products to apply the necessary updates to mitigate the risks associated with this vulnerability.",Citrix,"Netscaler Sd-wan,Sd-wan",9.8,CRITICAL,0.029500000178813934,true,2022-03-25T00:00:00.000Z,false,false,true,2022-03-25T00:00:00.000Z,,false,false,,2019-07-16T17:32:44.000Z,0
CVE-2019-12990,https://securityvulnerability.io/vulnerability/CVE-2019-12990,Directory Traversal Vulnerability in Citrix SD-WAN and NetScaler SD-WAN,"This vulnerability in Citrix SD-WAN and NetScaler SD-WAN allows an attacker to exploit directory traversal pathways, granting unauthorized access to files on the server. By sending specially crafted requests, an attacker could traverse the application's directory structure, potentially exposing sensitive data and configuration files that may not be intended for public access. Administrators should ensure they are running the latest versions to mitigate potential risks.",Citrix,"Sd-wan,Netscaler Sd-wan",9.8,CRITICAL,0.5712699890136719,false,,false,false,false,,,false,false,,2019-07-16T17:29:01.000Z,0
CVE-2019-12991,https://securityvulnerability.io/vulnerability/CVE-2019-12991,Improper Input Validation in Citrix SD-WAN Products,"Citrix SD-WAN and NetScaler SD-WAN products are affected by an improper input validation vulnerability. This issue allows an attacker to manipulate inputs that may lead to unauthorized access or actions within the system. Specifically, versions prior to Citrix SD-WAN 10.2.3 and NetScaler SD-WAN 10.0.8 are susceptible, making it crucial for users to upgrade to address this significant security gap. Organizations utilizing these products should prioritize patching and implementing security measures to mitigate potential risks associated with this vulnerability.",Citrix,"Sd-wan,Netscaler Sd-wan",8.8,HIGH,0.09034000337123871,true,2022-03-25T00:00:00.000Z,false,false,true,2022-03-25T00:00:00.000Z,,false,false,,2019-07-16T17:16:38.000Z,0
CVE-2019-12992,https://securityvulnerability.io/vulnerability/CVE-2019-12992,Improper Input Validation in Citrix SD-WAN and NetScaler SD-WAN,"Citrix SD-WAN and NetScaler SD-WAN are affected by an improper input validation vulnerability, which can potentially allow attackers to manipulate the input data, potentially leading to unauthorized access or other malicious activities. This issue impacts versions prior to 10.2.3 for Citrix SD-WAN and prior to 10.0.8 for NetScaler SD-WAN. Users are advised to update their software to mitigate the risks associated with this vulnerability.",Citrix,"Sd-wan,Netscaler Sd-wan",8.8,HIGH,0.10117000341415405,false,,false,false,false,,,false,false,,2019-07-16T17:12:31.000Z,0
CVE-2019-10883,https://securityvulnerability.io/vulnerability/CVE-2019-10883,Command Injection Vulnerability in Citrix SD-WAN Center and NetScaler SD-WAN Center,"Citrix SD-WAN Center and NetScaler SD-WAN Center are susceptible to command injection vulnerabilities, allowing an attacker to execute arbitrary commands within the context of the affected application. This security flaw may lead to unauthorized access and control over system functionalities. It is crucial for users of the impacted versions to update their systems promptly to mitigate these risks. For detailed insights and remediation steps, refer to Citrix's security bulletins and advisories.",Citrix,"Netscaler Sd-wan Center,Citrix Sd-wan Center",9.8,CRITICAL,0.4950900077819824,false,,false,false,false,,,false,false,,2019-06-03T20:37:36.000Z,0
CVE-2019-12044,https://securityvulnerability.io/vulnerability/CVE-2019-12044,Buffer Overflow Vulnerability in Citrix NetScaler Gateway and Application Delivery Controller,"A buffer overflow vulnerability exists in multiple versions of Citrix NetScaler Gateway and Application Delivery Controller, allowing unauthorized users to exploit the issue. The vulnerability can lead to unexpected behavior, potentially enabling an attacker to execute arbitrary code or cause a denial of service within the affected products. It is crucial for Citrix users to apply the necessary security patches to mitigate the risks associated with this vulnerability.",Citrix,Netscaler Gateway Firmware,7.5,HIGH,0.0011599999852478504,false,,false,false,false,,,false,false,,2019-05-22T15:29:28.000Z,0
CVE-2019-11550,https://securityvulnerability.io/vulnerability/CVE-2019-11550,Improper Certificate Validation in Citrix SD-WAN and NetScaler SD-WAN,"Citrix SD-WAN and NetScaler SD-WAN are vulnerable to improper certificate validation, which could allow an attacker to conduct man-in-the-middle attacks by impersonating legitimate servers. The affected versions prior to the specified updates could fail to properly validate the authenticity of certificates, potentially leading to unauthorized access and data leaks.",Citrix,"Sd-wan,Netscaler Sd-wan",5.9,MEDIUM,0.0012000000569969416,false,,false,false,false,,,false,false,,2019-05-08T16:09:32.000Z,0
CVE-2019-6485,https://securityvulnerability.io/vulnerability/CVE-2019-6485,,"Citrix NetScaler Gateway 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10.5 before build 69.5 and Application Delivery Controller (ADC) 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10.5 before build 69.5 allow remote attackers to obtain sensitive plaintext information because of a TLS Padding Oracle Vulnerability when CBC-based cipher suites are enabled.",Citrix,Netscaler Gateway Firmware,5.9,MEDIUM,0.0021899999119341373,false,,false,false,false,,,false,false,,2019-02-22T23:00:00.000Z,0
CVE-2018-18517,https://securityvulnerability.io/vulnerability/CVE-2018-18517,,"Citrix NetScaler Gateway 10.5.x before 10.5.69.003, 11.1.x before 11.1.59.004, 12.0.x before 12.0.58.7, and 12.1.x before 12.1.49.1 has XSS.",Citrix,Netscaler Gateway Firmware,4.8,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2018-10-24T21:00:00.000Z,0
CVE-2018-17445,https://securityvulnerability.io/vulnerability/CVE-2018-17445,,A Command Injection issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.,Citrix,Netscaler Sd-wan,9.8,CRITICAL,0.0010400000028312206,false,,false,false,false,,,false,false,,2018-10-23T21:00:00.000Z,0
CVE-2018-17444,https://securityvulnerability.io/vulnerability/CVE-2018-17444,,A Directory Traversal issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.,Citrix,Netscaler Sd-wan,7.5,HIGH,0.00139999995008111,false,,false,false,false,,,false,false,,2018-10-23T21:00:00.000Z,0
CVE-2018-17447,https://securityvulnerability.io/vulnerability/CVE-2018-17447,,An Information Exposure Through Log Files issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.,Citrix,Netscaler Sd-wan,7.5,HIGH,0.0008099999977275729,false,,false,false,false,,,false,false,,2018-10-23T21:00:00.000Z,0
CVE-2018-17448,https://securityvulnerability.io/vulnerability/CVE-2018-17448,,An Incorrect Access Control issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.,Citrix,Netscaler Sd-wan,9.8,CRITICAL,0.0013500000350177288,false,,false,false,false,,,false,false,,2018-10-23T21:00:00.000Z,0
CVE-2018-17446,https://securityvulnerability.io/vulnerability/CVE-2018-17446,,A SQL Injection issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.,Citrix,Netscaler Sd-wan,9.8,CRITICAL,0.0013000000035390258,false,,false,false,false,,,false,false,,2018-10-23T21:00:00.000Z,0
CVE-2018-6811,https://securityvulnerability.io/vulnerability/CVE-2018-6811,,"Multiple cross-site scripting (XSS) vulnerabilities in Citrix NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to inject arbitrary web script or HTML via the Citrix NetScaler interface.",Citrix,Netscaler Application Delivery Controller Firmware,6.1,MEDIUM,0.0007099999929778278,false,,false,false,false,,,false,false,,2018-03-06T20:00:00.000Z,0