Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
citrix access gateway vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2008-2528
Unspecified vulnerability in Citrix Access Gateway Standard Edition 4.5.7 and previous versions and Advanced Edition 4.5 HF2 and previous versions allows malicious users to bypass authentication and gain "access to network resources" via unspecified vectors.
Citrix Access Gateway
Citrix Access Gateway 4.5.5
Citrix Access Gateway 4.5.6
9.3
CVSSv2
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0
Apache Log4j
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Siemens Head-end System Universal Device Integration System
Siemens Gma-manager
Siemens Energyip 8.5
Siemens Energyip 8.6
Siemens Energyip 8.7
Siemens Energyip 9.0
Siemens Energy Engage 3.1
Siemens E-car Operation Center
2 Metasploit modules
1162 Github repositories
28 Articles
9.3
CVSSv2
CVE-2011-2592
Heap-based buffer overflow in the StartEpa method in the nsepacom ActiveX control (nsepa.exe) in Citrix Access Gateway Enterprise Edition Plug-in for Windows 9.x prior to 9.3-57.5 and 10.0 prior to 10.0-69.4 allows remote malicious users to execute arbitrary code via a long CSEC ...
Citrix Access Gateway Plug-in 9.0
Citrix Access Gateway Plug-in 9.1
Citrix Access Gateway Plug-in 10.0
Citrix Access Gateway Plug-in 9.2
Citrix Access Gateway Plug-in 9.3
9.3
CVSSv2
CVE-2011-2882
Stack-based buffer overflow in the NSEPA.NsepaCtrl.1 ActiveX control in nsepa.ocx in Citrix Access Gateway Enterprise Edition 8.1 prior to 8.1-67.7, 9.0 prior to 9.0-70.5, and 9.1 prior to 9.1-96.4 allows remote malicious users to execute arbitrary code via crafted HTTP header da...
Citrix Access Gateway 9.1
Citrix Access Gateway 9.0
Citrix Access Gateway 8.1
1 EDB exploit
9.3
CVSSv2
CVE-2011-2883
The NSEPA.NsepaCtrl.1 ActiveX control in nsepa.ocx in Citrix Access Gateway Enterprise Edition 8.1 prior to 8.1-67.7, 9.0 prior to 9.0-70.5, and 9.1 prior to 9.1-96.4 attempts to validate signed DLLs by checking the certificate subject, not the signature, which allows man-in-the-...
Citrix Access Gateway 8.1
Citrix Access Gateway 9.0
Citrix Access Gateway 9.1
9.3
CVSSv2
CVE-2010-4566
The web authentication form in the NT4 authentication component in Citrix Access Gateway Enterprise Edition 9.2-49.8 and previous versions, and the NTLM authentication component in Access Gateway Standard and Advanced Editions before Access Gateway 5.0, allows malicious users to ...
Citrix Access Gateway 9.1-104.5
Citrix Access Gateway 8.1-69.4
Citrix Access Gateway 9.0.71.3
Citrix Access Gateway 8.0
Citrix Access Gateway
Citrix Access Gateway .8.0
Citrix Access Gateway 4.5.5
Citrix Access Gateway 4.5.6
Citrix Access Gateway 4.6.2
Citrix Access Gateway 4.6.3
Citrix Access Gateway 4.5.7
Citrix Access Gateway 4.5
Citrix Access Gateway 4.6.1
2 EDB exploits
9.3
CVSSv2
CVE-2007-4013
Multiple unspecified vulnerabilities in (1) Net6Helper.DLL (aka Net6Launcher Class) 4.5.2 and previous versions, (2) npCtxCAO.dll (aka Citrix Endpoint Analysis Client) in a Firefox plugin directory, and (3) a second npCtxCAO.dll (aka CCAOControl Object) prior to 4.5.0.0 in Citrix...
Citrix Endpoint Analysis Client
Mozilla Firefox
Citrix Access Gateway
9
CVSSv2
CVE-2018-6186
Citrix NetScaler VPX through NS12.0 53.13.nc allows an SSRF attack via the /rapi/read_url URI by an authenticated attacker who has a webapp account. The attacker can gain access to the nsroot account, and execute remote commands with root privileges.
Citrix Netscaler 12.0
9
CVSSv2
CVE-2017-14602
A vulnerability has been identified in the management interface of Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.1 before build 135.18, 10.5 before build 66.9, 10.5e before build 60.7010.e, 11.0 before build 70.16, 11.1 before build 55.13, and 12...
Citrix Application Delivery Controller Firmware 12.0
Citrix Application Delivery Controller Firmware 10.1
Citrix Netscaler Gateway Firmware 11.1
Citrix Netscaler Gateway Firmware 10.5e
Citrix Application Delivery Controller Firmware 10.5e
Citrix Application Delivery Controller Firmware 10.5
Citrix Netscaler Gateway Firmware 12.0
Citrix Netscaler Gateway Firmware 10.1
Citrix Netscaler Gateway Firmware 11.0
Citrix Application Delivery Controller Firmware 11.0
Citrix Application Delivery Controller Firmware 11.1
Citrix Netscaler Gateway Firmware 10.5
7.8
CVSSv2
CVE-2019-11477
Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kern...
Linux Linux Kernel
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 15.0.0
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 15.0.0
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Acceleration Manager 15.0.0
F5 Big-ip Link Controller
F5 Big-ip Link Controller 15.0.0
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Policy Enforcement Manager 15.0.0
F5 Big-ip Webaccelerator
F5 Big-ip Webaccelerator 15.0.0
F5 Big-ip Application Security Manager
F5 Big-ip Application Security Manager 15.0.0
F5 Big-ip Local Traffic Manager
F5 Big-ip Local Traffic Manager 15.0.0
F5 Big-ip Fraud Protection Service
F5 Big-ip Fraud Protection Service 15.0.0
F5 Big-ip Global Traffic Manager
F5 Big-ip Global Traffic Manager 15.0.0
F5 Big-ip Analytics
7 Github repositories
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »