CVSS: 9.2EPSS: 3%CPEs: 4EXPL: 3CVE-2025-6543 – Citrix NetScaler ADC and Gateway Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2025-6543
25 Jun 2025 — Memory overflow vulnerability leading to unintended control flow and Denial of Service in NetScaler ADC and NetScaler Gateway when configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server Memory overflow vulnerability leading to unintended control flow and Denial of Service in NetScaler ADC and NetScaler Gateway when configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server Citrix NetScaler ADC and Gateway contain a buffer overflow vulne... • https://github.com/grupooruss/Citrix-cve-2025-6543 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 20%CPEs: 4EXPL: 14CVE-2025-5777 – Citrix NetScaler ADC and Gateway Out-of-Bounds Read Vulnerability
https://notcve.org/view.php?id=CVE-2025-5777
17 Jun 2025 — Insufficient input validation leading to memory overread on the NetScaler Management Interface NetScaler ADC and NetScaler Gateway Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server Citrix NetScaler ADC and Gateway ... • https://packetstorm.news/files/id/206153 • CWE-125: Out-of-bounds Read CWE-457: Use of Uninitialized Variable •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-8535 – Authenticated user can access unintended user capabilities
https://notcve.org/view.php?id=CVE-2024-8535
12 Nov 2024 — Authenticated user can access unintended user capabilities in NetScaler ADC and NetScaler Gateway if the appliance must be configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) with KCDAccount configuration for Kerberos SSO to access backend resources OR the appliance must be configured as an Auth Server (AAA Vserver) with KCDAccount configuration for Kerberos SSO to access backend resources Authenticated user can access unintended user capabilities in NetScaler ADC and NetScaler Gateway if the appl... • https://support.citrix.com/s/article/CTX691608-netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20248534-and-cve20248535?language=en_US • CWE-552: Files or Directories Accessible to External Parties •
CVSS: 9.1EPSS: 0%CPEs: 4EXPL: 0CVE-2024-8534 – Memory safety vulnerability leading to memory corruption and Denial of Service
https://notcve.org/view.php?id=CVE-2024-8534
12 Nov 2024 — Memory safety vulnerability leading to memory corruption and Denial of Service in NetScaler ADC and Gateway if the appliance must be configured as a Gateway (VPN Vserver) with RDP Feature enabled OR the appliance must be configured as a Gateway (VPN Vserver) and RDP Proxy Server Profile is created and set to Gateway (VPN Vserver) OR the appliance must be configured as a Auth Server (AAA Vserver) with RDP Feature enabled Memory safety vulnerability leading to memory corruption and Denial of Service in NetSca... • https://support.citrix.com/s/article/CTX691608-netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20248534-and-cve20248535?language=en_US • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0CVE-2024-5491 – Denial of Service
https://notcve.org/view.php?id=CVE-2024-5491
10 Jul 2024 — Denial of Service in NetScaler ADC and NetScaler Gateway in NetScaler Denegación de servicio en NetScaler ADC y NetScaler Gateway en NetScaler • https://support.citrix.com/article/CTX677944/netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20245491-and-cve20245492 •