Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
citrix netscaler gateway - vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2016-4945
Cross-site scripting (XSS) vulnerability in vpn/js/gateway_login_form_view.js in Citrix NetScaler Gateway 11.0 before Build 66.11 allows remote malicious users to inject arbitrary web script or HTML via the NSC_TMAC cookie.
Citrix Netscaler Gateway 11.0 Firmware
NA
CVE-2014-1899
Cross-site scripting (XSS) vulnerability in Citrix NetScaler Gateway (formerly Citrix Access Gateway Enterprise Edition) 9.x prior to 9.3.66.5 and 10.x prior to 10.1.123.9 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Citrix Netscaler Access Gateway Firmware 10.1
Citrix Netscaler Access Gateway Firmware 10.0
Citrix Netscaler Access Gateway Firmware 10.0.74.4
Citrix Netscaler Access Gateway Firmware 9.3.61.5
Citrix Netscaler Access Gateway Firmware 9.3.62.4
Citrix Netscaler Access Gateway Firmware 9.3
Citrix Netscaler Access Gateway -
4.3
CVSSv3
CVE-2020-8196
Improper access control in Citrix ADC and Citrix Gateway versions prior to 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions prior to 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users.
Citrix Application Delivery Controller Firmware
Citrix Netscaler Gateway Firmware
Citrix Gateway Firmware
Citrix Sd-wan Wanop
2 Github repositories
2 Articles
9.8
CVSSv3
CVE-2019-19781
An issue exists in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.
Citrix Application Delivery Controller Firmware 10.5
Citrix Application Delivery Controller Firmware 11.1
Citrix Application Delivery Controller Firmware 12.0
Citrix Application Delivery Controller Firmware 12.1
Citrix Application Delivery Controller Firmware 13.0
Citrix Netscaler Gateway Firmware 10.5
Citrix Netscaler Gateway Firmware 11.1
Citrix Netscaler Gateway Firmware 12.0
Citrix Netscaler Gateway Firmware 12.1
Citrix Gateway Firmware 13.0
2 Metasploit modules
63 Github repositories
21 Articles
6.5
CVSSv3
CVE-2009-2213
The default configuration of the Security global settings on the Citrix NetScaler Access Gateway appliance with Enterprise Edition firmware 9.0, 8.1, and previous versions specifies Allow for the Default Authorization Action option, which might allow remote authenticated users to...
Citrix Netscaler Access Gateway Firmware
Citrix Netscaler Access Gateway Firmware 7.0
Citrix Netscaler Access Gateway Firmware 8.0
Citrix Netscaler Access Gateway Firmware 9.0
Citrix Netscaler Access Gateway -
5.9
CVSSv3
CVE-2015-3642
The TLS and DTLS processing functionality in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway devices with firmware 9.x prior to 9.3 Build 68.5, 10.0 through Build 78.6, 10.1 before Build 130.13, 10.1.e before Build 130.1302.e, 10.5 before Build 55.8, ...
Citrix Netscaler Application Delivery Controller -
Citrix Netscaler Gateway -
7.5
CVSSv3
CVE-2019-12044
A Buffer Overflow exists in Citrix NetScaler Gateway 10.5.x prior to 10.5.70.x, 11.1.x prior to 11.1.59.10, 12.0.x prior to 12.0.59.8, and 12.1.x prior to 12.1.49.23 and Citrix Application Delivery Controller 10.5.x prior to 10.5.70.x, 11.1.x prior to 11.1.59.10, 12.0.x prior to ...
Citrix Netscaler Gateway Firmware
Citrix Netscaler Application Delivery Controller Firmware
NA
CVE-2014-3569
The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected ...
Openssl Openssl 1.0.1j
NA
CVE-2015-1788
The BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in OpenSSL prior to 0.9.8s, 1.0.0 prior to 1.0.0e, 1.0.1 prior to 1.0.1n, and 1.0.2 prior to 1.0.2b does not properly handle ECParameters structures in which the curve is over a malformed binary polynomial field, which allows re...
Openssl Openssl
Openssl Openssl 1.0.1m
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.0n
Openssl Openssl 1.0.1
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0i
Openssl Openssl 1.0.0
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.0m
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.0h
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0f
Openssl Openssl 1.0.0d
Openssl Openssl 1.0.0j
Openssl Openssl 1.0.0p
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.0o
Openssl Openssl 1.0.1d
1 Article
NA
CVE-2015-0209
Use-after-free vulnerability in the d2i_ECPrivateKey function in crypto/ec/ec_asn1.c in OpenSSL prior to 0.9.8zf, 1.0.0 prior to 1.0.0r, 1.0.1 prior to 1.0.1m, and 1.0.2 prior to 1.0.2a might allow remote malicious users to cause a denial of service (memory corruption and applica...
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.0n
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0i
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.0m
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.0h
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0f
Openssl Openssl 1.0.0d
Openssl Openssl 1.0.0j
Openssl Openssl 1.0.0p
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.0o
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.0k
Openssl Openssl 1.0.1k
Openssl Openssl 1.0.0
Openssl Openssl 1.0.1b
Openssl Openssl 1.0.1e
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22460
CVE-2024-4646
CVE-2024-29212
IMAP
CVE-2023-36672
CVE-2024-34547
command injection
CVE-2024-4651
stored XSS
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6