Show filters
376 Total Results
Displaying 1-10 of 376
Sort by:
Attacker Value
Very High

CVE-2023-3519

Disclosure Date: July 19, 2023 (last updated February 14, 2025)
Unauthenticated remote code execution
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
12
2
Attacker Value
Very High

CVE-2019-19781

Disclosure Date: November 05, 2019 (last updated November 27, 2024)
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
4
6
Attacker Value
Low

CVE-2019-11358

Disclosure Date: April 20, 2019 (last updated February 17, 2024)
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
6
1
Attacker Value
Moderate

CVE-2015-9251

Disclosure Date: January 18, 2018 (last updated November 08, 2023)
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
6
1
Attacker Value
Very High

CVE-2020-8196

Disclosure Date: July 10, 2020 (last updated February 21, 2025)
Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
3
2
Attacker Value
Very High

CVE-2020-8195

Disclosure Date: July 10, 2020 (last updated February 21, 2025)
Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
3
2
Attacker Value
Moderate

CVE-2020-8193

Disclosure Date: July 10, 2020 (last updated February 21, 2025)
Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows unauthenticated access to certain URL endpoints.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
3
2
Attacker Value
Moderate

CVE-2019-17571

Disclosure Date: December 20, 2019 (last updated November 08, 2023)
Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
4
1
Attacker Value
Very High

CVE-2023-4966

Disclosure Date: October 10, 2023 (last updated February 14, 2025)
Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA  virtual server.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
3
1
Attacker Value
Unknown

CVE-2023-6549

Disclosure Date: January 17, 2024 (last updated May 10, 2024)
Improper Restriction of Operations within the Bounds of a Memory Buffer in NetScaler ADC and NetScaler Gateway allows Unauthenticated Denial of Service and Out-Of-Bounds Memory Read
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
3
0
View More Topics  Next >