CVSS: 8.2EPSS: 37%CPEs: 9EXPL: 0CVE-2023-6549 – Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2023-6549
17 Jan 2024 — Improper Restriction of Operations within the Bounds of a Memory Buffer in NetScaler ADC and NetScaler Gateway allows Unauthenticated Denial of Service and Out-Of-Bounds Memory Read La restricción inadecuada de las operaciones dentro de los límites de un búfer de memoria en NetScaler ADC y NetScaler Gateway permite una denegación de servicio no autenticada Improper Restriction of Operations within the Bounds of a Memory Buffer in NetScaler ADC and NetScaler Gateway allows Unauthenticated Denial of Service a... • https://support.citrix.com/article/CTX584986/netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20236548-and-cve20236549 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 21%CPEs: 9EXPL: 1CVE-2023-6548 – Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability
https://notcve.org/view.php?id=CVE-2023-6548
17 Jan 2024 — Improper Control of Generation of Code ('Code Injection') in NetScaler ADC and NetScaler Gateway allows an attacker with access to NSIP, CLIP or SNIP with management interface to perform Authenticated (low privileged) remote code execution on Management Interface. El control inadecuado de la generación de código ("inyección de código") en NetScaler ADC y NetScaler Gateway permite a un atacante con acceso a NSIP, CLIP o SNIP con interfaz de administración realizar una ejecución remota de código autenticado (... • https://github.com/Roonye660/CVE-2023-6548-POC • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.2EPSS: 0%CPEs: 9EXPL: 0CVE-2023-4967 – Denial of service
https://notcve.org/view.php?id=CVE-2023-4967
27 Oct 2023 — Denial of Service in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA Virtual Server Denegación de Servicio (DoS) en NetScaler ADC y NetScaler Gateway cuando se configura como Gateway (servidor virtual VPN, proxy ICA, CVPN, proxy RDP) o Servidor Virtual AAA • https://support.citrix.com/article/CTX579459 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.4EPSS: 94%CPEs: 9EXPL: 16CVE-2023-4966 – Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2023-4966
10 Oct 2023 — Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA ?virtual?server. Divulgación de información confidencial en NetScaler ADC y NetScaler Gateway cuando se configura como Gateway (servidor virtual VPN, ICA Proxy, CVPN, RDP Proxy) o servidor "virtual" AAA. Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) o... • https://packetstorm.news/files/id/175323 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.0EPSS: 0%CPEs: 8EXPL: 0CVE-2023-3467
https://notcve.org/view.php?id=CVE-2023-3467
19 Jul 2023 — Privilege Escalation to root administrator (nsroot) • https://support.citrix.com/article/CTX561482/citrix-adc-and-citrix-gateway-security-bulletin-for-cve20233519-cve20233466-cve20233467 • CWE-269: Improper Privilege Management •
CVSS: 8.3EPSS: 0%CPEs: 8EXPL: 0CVE-2023-3466
https://notcve.org/view.php?id=CVE-2023-3466
19 Jul 2023 — Reflected Cross-Site Scripting (XSS) • https://support.citrix.com/article/CTX561482/citrix-adc-and-citrix-gateway-security-bulletin-for-cve20233519-cve20233466-cve20233467 • CWE-20: Improper Input Validation CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 94%CPEs: 8EXPL: 15CVE-2023-3519 – Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability
https://notcve.org/view.php?id=CVE-2023-3519
19 Jul 2023 — Unauthenticated remote code execution Citrix NetScaler ADC and NetScaler Gateway contains a code injection vulnerability that allows for unauthenticated remote code execution. • https://packetstorm.news/files/id/173997 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 0%CPEs: 28EXPL: 0CVE-2021-22919
https://notcve.org/view.php?id=CVE-2021-22919
05 Aug 2021 — A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could lead to the limited available disk space on the appliances being fully consumed. Se ha detectado una vulnerabilidad en Citrix ADC (conocido anteriormente como NetScaler ADC) y Citrix Gateway (conocido anteriormente como NetScaler Gateway), y en los... • https://support.citrix.com/article/CTX319135 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 8.1EPSS: 0%CPEs: 20EXPL: 0CVE-2021-22927
https://notcve.org/view.php?id=CVE-2021-22927
05 Aug 2021 — A session fixation vulnerability exists in Citrix ADC and Citrix Gateway 13.0-82.45 when configured SAML service provider that could allow an attacker to hijack a session. Se presenta una vulnerabilidad de fijación de sesión en Citrix ADC y Citrix Gateway versión 13.0-82.45, cuando es configurado el proveedor de servicios SAML que podría permitir a un atacante secuestrar una sesión • https://support.citrix.com/article/CTX319135 • CWE-384: Session Fixation •
CVSS: 6.5EPSS: 0%CPEs: 24EXPL: 0CVE-2020-8299
https://notcve.org/view.php?id=CVE-2020-8299
16 Jun 2021 — Citrix ADC and Citrix/NetScaler Gateway 13.0 before 13.0-76.29, 12.1-61.18, 11.1-65.20, Citrix ADC 12.1-FIPS before 12.1-55.238, and Citrix SD-WAN WANOP Edition before 11.4.0, 11.3.2, 11.3.1a, 11.2.3a, 11.1.2c, 10.2.9a suffers from uncontrolled resource consumption by way of a network-based denial-of-service from within the same Layer 2 network segment. Note that the attacker must be in the same Layer 2 network segment as the vulnerable appliance. Citrix ADC y Citrix/NetScaler Gateway versiones 13.0 anterio... • https://support.citrix.com/article/CTX297155 • CWE-400: Uncontrolled Resource Consumption •